[cfe-dev] Detecting undefined pointer arithmetic
Demi M. Obenour via cfe-dev
cfe-dev at lists.llvm.org
Sun Jan 10 23:39:52 PST 2021
I noticed that none of the sanitizers seems to support checking for
out-of-bounds pointer arithmetic, even though my understanding of
the C standard is that this is undefined behavior. In particular, I
believe the following trivial program has undefined behavior (assuming
malloc() succeeds), but none of the sanitizers flag any warnings:

#include <stdlib.h>

int main(void) {
    char *buf = malloc(1);
    if (buf) {
        char *this_is_ub = buf + 3;
        free(buf);
    }
}

Of course, I suspect this just has not been implemented yet, but
it still leaves me at a loss for how to track this form of UB down.
Is there a better solution than manual code review?
Sincerely,
Demi Obenour
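
An added example, not part of the original message or of any LLVM code: one way to keep this form of UB out of a code base by construction is to validate the offset as an integer before the pointer is ever formed. The `struct span`, `span_advance` and `demo_rejects_post_case` names are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical helper type: a buffer that carries its own size, so every
 * pointer adjustment can be validated before it is performed. */
struct span {
    char  *base;  /* start of the allocation */
    size_t len;   /* number of bytes allocated */
};

/* Return base + off + delta if the result stays within [base, base + len]
 * (one past the end is permitted by the C standard), otherwise NULL.
 * All checks are done on integer offsets, so no out-of-bounds pointer
 * value is ever computed. */
char *span_advance(const struct span *s, size_t off, ptrdiff_t delta)
{
    if (s == NULL || s->base == NULL || off > s->len)
        return NULL;
    if (delta >= 0) {
        if ((size_t)delta > s->len - off)
            return NULL;                 /* would pass one-past-the-end */
        return s->base + off + (size_t)delta;
    }
    /* delta < 0: take the magnitude in unsigned arithmetic so that
     * PTRDIFF_MIN does not overflow on negation. */
    size_t back = (size_t)0 - (size_t)delta;
    if (back > off)
        return NULL;                     /* would land before the start */
    return s->base + (off - back);
}

/* The case from the message: a 1-byte allocation advanced by 3.
 * Returns 1 if +3 is rejected and +1 (one past the end) is accepted,
 * 0 otherwise, -1 if malloc() fails. */
int demo_rejects_post_case(void)
{
    struct span s = { malloc(1), 1 };
    if (s.base == NULL)
        return -1;
    int rejected = (span_advance(&s, 0, 3) == NULL);
    int end_ok   = (span_advance(&s, 0, 1) == s.base + 1);
    free(s.base);
    return rejected && end_ok;
}

int main(void) { return demo_rejects_post_case() == 1 ? 0 : 1; }
```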