[cfe-commits] PATCH: Enhance array bounds checking
Joerg Sonnenberger
joerg at britannica.bec.de
Thu Jul 14 10:39:15 PDT 2011
On Thu, Jul 14, 2011 at 10:28:52AM -0700, Ted Kremenek wrote:
> Hi Kaelyn,
>
> I was reviewing this patch (which I think is a great step), and I had a high-level comment about the following test case:
>
> +void swallow (const char *x) { (void)x; }
> +void test_pointer_arithmetic() {
> + const char hello[] = "Hello world!"; // expected-note 2 {{declared here}}
> + const char *helloptr = hello;
> +
> + swallow("Hello world!" + 6); // no-warning
> + swallow("Hello world!" - 6); // expected-warning {{refers before the beginning of the array}}
> + swallow("Hello world!" + 14); // expected-warning {{refers past the end of the array}}
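Review bot: the +14 case exercises "past the end", but nothing in the test pins down the one-past-the-end boundary. "Hello world!" is a 13-element array (12 characters plus the terminator), so `"Hello world!" + 13` is a valid one-past-the-end pointer that the check must not flag; consider adding `swallow("Hello world!" + 13); // no-warning` next to the +14 line so a regression in the boundary arithmetic is caught.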
>
> Do we really want this to be a warning? There are plenty of examples where an out-of-bounds pointer is computed for legit reasons. As long as that address is not dereferenced, there isn't necessarily a problem. I'm fearful this may generate a fair amount of noise on codebases that do elaborate tricks with pointer offsets. Indeed this very example doesn't actually exhibit a "bug".
I'm not sure yet, but I think this is something that really should be
investigated on real code bases first (and it should be a separate
option for that reason).
Joerg