Hello!
Here is a patch that will make Clang warn when there is this index out of bounds:
void f(int x) {
int a[10];
if (x >= 10)
a = x;
}
The checkLocation is not triggered on the “a = x;” statement. Is this by design? Is the checkPrestmt a good choice or would it be better to choose some other check type?
Best regards,
Daniel Marjamäki
…
Daniel Marjamäki Senior Engineer
Evidente ES East AB Warfvinges väg 34 SE-112 51 Stockholm Sweden
Mobile: +46 (0)709 12 42 62
E-mail: Daniel.Marjamaki@evidente.se
www.evidente.se
array-bounds.patch (1.55 KB)
I see the diagnostic without any patches. Are you sure you were testing the existing code with alpha.security.ArrayBound on? Is there a more complex example that wasn’t working?
Background: checkLocation is supposed to be called on both loads and stores already, which is why it has the “isLoad” argument.
Jordan
array-bounds.patch (1.55 KB)
Hello!
I see the diagnostic without any patches. Are you sure you were testing the existing code with alpha.security.ArrayBound on? Is there a more complex example that wasn’t working?
I fail to reproduce right now. The warning is reported.
I’ll investigate if I can reproduce the false negative again.
Thanks!
Daniel Marjamäki
…
Daniel Marjamäki Senior Engineer
Evidente ES East AB Warfvinges väg 34 SE-112 51 Stockholm Sweden
Mobile: +46 (0)709 12 42 62
E-mail: Daniel.Marjamaki@evidente.se
www.evidente.se
Hi!
My previous patch doesn't work well.
No warning is written for this code:
void f\(int x\) \{
int a\[10\];
if \(x >= 10\)
a\[x\] = 1;
\}
A warning is written for this code:
void f(int x) {
int a[10];
if (x >= 10)
a[x] = x;
}
Is there some intentional limitation here? Or is it unintentional.
Best regards,
Daniel Marjamäki