[cfe-dev] RFC on array-bounds patch
Daniel Marjamäki
Daniel.Marjamaki at evidente.se
Fri Feb 21 06:01:09 PST 2014
Hi!
My previous patch doesn't work well.
No warning is written for this code:
void f(int x) {
    int a[10];
    if (x >= 10)
        a[x] = 1;
}
A warning is written for this code:
void f(int x) {
    int a[10];
    if (x >= 10)
        a[x] = x;
}
Is there some intentional limitation here? Or is it unintentional?
Best regards,
Daniel Marjamäki
From: Jordan Rose [mailto:jordan_rose at apple.com]
Sent: den 18 februari 2014 18:08
To: Daniel Marjamäki
Cc: cfe-dev at cs.uiuc.edu
Subject: Re: [cfe-dev] RFC on array-bounds patch
I see the diagnostic without any patches. Are you sure you were testing the existing code with alpha.security.ArrayBound on? Is there a more complex example that wasn't working?
Background: checkLocation is supposed to be called on both loads and stores already, which is why it has the "isLoad" argument.
Jordan
On Feb 17, 2014, at 10:29 , Daniel Marjamäki <Daniel.Marjamaki at evidente.se> wrote:
Hello!
Here is a patch that will make Clang warn when there is this index out of bounds:
void f(int x) {
    int a[10];
    if (x >= 10)
        a[x] = x;
}
The checkLocation is not triggered on the "a[x] = x;" statement. Is this by design? Is the checkPrestmt a good choice or would it be better to choose some other check type?
Best regards,
Daniel Marjamäki
Daniel Marjamäki Senior Engineer
Evidente ES East AB Warfvinges väg 34 SE-112 51 Stockholm Sweden
Mobile: +46 (0)709 12 42 62
E-mail: Daniel.Marjamaki at evidente.se
www.evidente.se