[splint-discuss] Some issue with buffer sizes (maxRead/maxSet)
AlannY
m at alanny.ru
Wed Sep 8 06:59:07 EDT 2010
Hi there. I'm using splint quite a lot now, but never used buffer sizes checking. So, I want to try. There are minor example, test program:
/*@+boundsread +boundswrite@*/
char*
test (size_t *size)
/*@requires maxSet(size)>=0;@*/
/*@ensures maxSet(result)>=(*size-1);@*/
{
*size = 0;
return (char *)1;
}
int
main (void)
{
char *t = NULL;
size_t size = 0;
t = test (&size);
t[size-1] = '\0';
return 0;
}
*there are minor hints by splint, skip it*
The main problem is:
test.c:18:7: Possible out-of-bounds store: test(&size)
Unable to resolve constraint:
requires maxSet(&size @ test.c:18:13) >= 0
needed to satisfy precondition:
requires maxSet(&size @ test.c:18:13) >= 0
derived from test precondition: requires maxSet(<parameter 1>) >= 0
A memory write may write to an address beyond the allocated buffer. (Use
-boundswrite to inhibit warning)
Line 18 is a:
t = test (&size);
As I see, splint don't know the size of the <size> variable. As I may predict, it's because <size> variable is not an array.
Is it possible to tell splint the size of the <size> variable? Or may be there are some better solutions?
Thanks for patience.
More information about the splint-discuss
mailing list