[PATCH] D70411: [analyzer] CERT: STR31-C
Balázs Kéri via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Apr 1 01:36:57 PDT 2020
balazske added inline comments.
================
Comment at: clang/lib/StaticAnalyzer/Checkers/cert/StrChecker.cpp:55
+ // they can cause a not null-terminated string. In this case we store the
+ // string is being not null-terminated in the 'NullTerminationMap'.
+ //
----------------
The functions `gets`, `strcpy` return a null-terminated string according to standard, probably `sprintf` too, and the `fscanf` `%s` output is null-terminated too even if no length is specified (maybe it writes outside of the specified buffer but null terminated).
================
Comment at: clang/test/Analysis/cert/str31-c.cpp:117
+ if (editor != NULL) {
+ size_t len = strlen(editor) + 1;
+ buff2 = (char *)malloc(len);
----------------
Do we get a warning if the `+1` above is missing?
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D70411/new/
https://reviews.llvm.org/D70411
More information about the cfe-commits
mailing list