[PATCH] D70411: [analyzer] CERT: StrChecker: 31.c
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Dec 4 15:45:40 PST 2019
NoQ added a comment.
In D70411#1769628 <https://reviews.llvm.org/D70411#1769628>, @Charusso wrote:
> F10966837: str31-c.tar.gz <https://reviews.llvm.org/F10966837>
These reports seem to confirm my point. I took a look at first 5 and in all of them the code does in fact ensure that the buffer space is sufficient, but in 5 different ways. You most likely won't be able to enumerate all possible ways in which the user can ensure that the destination buffer size is sufficient.
F10967274: content_encoding.c_5ae4f30ce29f14441139e7bbe20eeaaa.plist.html <https://reviews.llvm.org/F10967274>
The source string is taken from a global table and therefore has known maximum size.
F10967277: ftp.c_8cb07866de61ef56be82135a4d3a5b7e.plist.html <https://reviews.llvm.org/F10967277>
The source string is an IP address and port, which has a known limit on the number of digits it can have.
F10967280: imap.c_fd80e0804acd9e7ecb9c2483151625a9.plist.html <https://reviews.llvm.org/F10967280>
The source string is a literal `'*'`.
F10967295: tftp.c_eee38be8d783d25f2e733fa3740d13fc.plist.html <https://reviews.llvm.org/F10967295>
There's an if-statement that checks that the storage size is sufficient.
F10967300: tool_dirhie.c_87dd00a845a927c9b8ed587c6b314af1.plist.html <https://reviews.llvm.org/F10967300>
The source string is a token (obtained via `strtok`) of a string that has the same size as the destination buffer.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D70411/new/
https://reviews.llvm.org/D70411
More information about the cfe-commits
mailing list