http://llvm.org/bugs/show_bug.cgi?id=11114
Summary: Clang buffer overflow checks fail to detect simple
case.
Product: clang
Version: trunk
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P
Component: Static Analyzer
AssignedTo: [email protected]
ReportedBy: [email protected]
CC: [email protected]
Tested with version of clang/scan-build in trunk. The static analyzer fails to
detect a simple buffer overflow in program found here. I guess more of an FYI
than anything else..
http://www.debian-administration.org/articles/408
clang -v
clang version 3.0 (trunk 141707)
Target: x86_64-unknown-linux-gnu
Thread model: posix
scan-build gcc -o buggy buggy.c
scan-build: 'clang' executable not found in '/opt/clang/scan-build/bin'.
scan-build: Using 'clang' from path: /opt/clang/bin/clang
scan-build: Removing directory '/tmp/scan-build-2011-10-11-1' because it
contains no reports.
clang --analyze -Xclang -analyzer-checker -Xclang security.experimental buggy.c
clang --analyze -Xclang -analyzer-checker -Xclang
security.experimental.ArrayBound buggy.c
clang --analyze -Xclang -analyzer-checker -Xclang
security.experimental.ArrayBound2 buggy.c
--
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs
