alexfh requested changes to this revision.
alexfh added inline comments.
This revision now requires changes to proceed.

================
Comment at: docs/clang-tidy/checks/readability-strlen-argument.rst:20
+ char *p = new char[(strlen(s) - 1)]
+ strcpy(p, s);
+
----------------
JonasToth wrote:
> danielmarjamaki wrote:
> > JonasToth wrote:
> > > Isn't that an overflow?
> > > An example:
> > > `strlen(s) == 10` -> `p` will be 9 characters long, since it's subtracted
> > > with `1`.
> > >
> > > The copy operation will then copy the content of `s` into `p`, therefore
> > > copying 10 characters into a buffer of length 9.
> > >
> > > As I understand it, `strcpy(p, s + 1)` would be correct with the sizes.
> > Yes, it is overflow. My intention was to show that strlen(s+1) syntax is
> > dangerous.
> OK. Please state the overflow in a comment; it's better to make that
> explicit.

BTW, `strlen(x) - N` is not only prone to overflows, but also less efficient (in case it's intentional). Did you run the check on real projects to see how likely this pattern is a bug?

Repository:
  rL LLVM

https://reviews.llvm.org/D32346

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
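
Review bot: the first added line, `char *p = new char[(strlen(s) - 1)]`, has no terminating semicolon, so the documentation example does not compile as written; add it. The following `strcpy(p, s);` writes `strlen(s) + 1` bytes (the string plus its terminator) into a buffer of `strlen(s) - 1` bytes, and for an empty `s` the unsigned subtraction wraps around, so if the overflow is the point of the example, say so in a comment on that line rather than leaving the reader to infer it.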