[LLVMbugs] [Bug 12807] New: unix.cstring.NullArg: strncpy: greater than destination buffer

bugzilla-daemon Sat, 12 May 2012 18:52:01 -0700

http://llvm.org/bugs/show_bug.cgi?id=12807


             Bug #: 12807
           Summary: unix.cstring.NullArg: strncpy: greater than
                    destination buffer
           Product: clang
           Version: trunk
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
        AssignedTo: [email protected]
        ReportedBy: [email protected]
                CC: [email protected]
    Classification: Unclassified


#include <string.h>
#include <stdlib.h>

int main(int argc, char** inp) {
  int len=0;
  char* inc_fn;
  inc_fn=(char*)malloc(len+1);
  strncpy(inc_fn,inp[0],len);
  free(inc_fn);
  return 0;
}

gives:
$ clang -cc1 -analyze  -analyzer-checker=unix.cstring.NullArg  gcc/test.c    -I
/usr/include/   -I ../llvm-build/Debug+Asserts/lib/clang/3.2/include/ 
gcc/test.c:8:3: warning: Size argument is greater than the length of the
destination buffer
  strncpy(inc_fn,inp[0],len);
  ^                     ~~~
1 warning generated.

This is only with len=0. For non-zero length the warning is not shown.

-- 
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs

[LLVMbugs] [Bug 12807] New: unix.cstring.NullArg: strncpy: greater than destination buffer

Reply via email to