Missing data overrun detection
We had a construction like:
len = strlen(value);
p = malloc(len);    /* one byte too small: strlen() excludes the terminating NUL */
strcpy(p, value);
Since we allocate 1 byte too little, the strcpy will always cause a buffer overrun. But lint 9.00k did not detect it. Since this was only called with data read from files, it was detected when I added a call where value was a string literal.
It seems like lint is good in arithmetic and less good in algebra.
When it has a string literal of a known length it correctly calculates the overrun, but if value is of unknown length it can't deduce that the overrun happens.
Rgds Lars
10 votes
Lars Worsaae
shared this idea
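The off-by-one in the post next to a corrected duplication routine, as an added example that is not part of the original post or of lint. The function names `dup_value_overrun`, `dup_value` and `bytes_needed` and the sample string are assumptions made here; the overrun variant is kept only for contrast and is never called.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The pattern from the post, reproduced for contrast: strlen() excludes the
 * terminating NUL, so strcpy() writes len + 1 bytes into a len-byte block.
 * This function is never called here; it shows the shape a reviewer looks for. */
char *dup_value_overrun(const char *value)
{
    size_t len = strlen(value);
    char *p = malloc(len);          /* one byte too small */
    if (p == NULL) return NULL;
    strcpy(p, value);               /* heap overrun by one byte */
    return p;
}

/* Returns the number of bytes malloc() must receive for a NUL-terminated copy
 * of value, or 0 if len + 1 would wrap (cannot happen for a real C string, but
 * it keeps the arithmetic honest). */
size_t bytes_needed(const char *value)
{
    size_t len = strlen(value);
    return len == SIZE_MAX ? 0 : len + 1;
}

/* Corrected form: size the block for the terminator, then copy exactly the
 * bytes already measured instead of letting strcpy() rescan the source. The
 * allocation size and the copy length now come from the same expression, which
 * is the relation the post says lint could not establish for unknown-length data. */
char *dup_value(const char *value)
{
    size_t need = bytes_needed(value);
    if (need == 0) return NULL;
    char *p = malloc(need);
    if (p == NULL) return NULL;
    memcpy(p, value, need);         /* need - 1 characters plus the NUL */
    return p;
}

int main(void)
{
    /* Constructed sample standing in for a line read from a file at runtime. */
    const char *value = "value-read-from-file";
    char *copy = dup_value(value);
    if (copy == NULL) return 1;
    printf("%zu bytes allocated for \"%s\"\n", bytes_needed(value), copy);
    free(copy);
    return 0;
}
```
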