David Friedman <[EMAIL PROTECTED]> wrote:
        I encountered a problem very much similar to this when checking some
        code that made extensive use of this macro:
        #define newstr(s)\
                strcpy(malloc(strlen(s) + 1), s)
        every time it used that macro is raised a "-boundswrite" warning
        since it thought the src buffer could get overflowed.

Urk.  This code is of course broken.  (Why, oh WHY, didn't ANSI bless
"strdup"?)  malloc() can fail, returning a NULL pointer, and then this
code *will* crash or scribble on memory incorrectly.

The best solution is to write your own void *xmalloc(size_t) function
which abort()s or exit()s if memory runs out, and make sure that SPLint
knows that it always returns a long enough block.

Reply via email to