adaint.c

ettl.martin at gmx dot de Wed, 08 Jun 2011 15:25:24 -0700

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=49334


           Summary: [cppcheck] possible index out of bounds in
                    gcc/ada/adaint.c
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: ada
        AssignedTo: unassig...@gcc.gnu.org
        ReportedBy: ettl.mar...@gmx.de


During a check with the static code analysis tool cppcheck, the tool discoverd
a possible buffer access out of bounds issue. The tool printed the following
output:

[gcc/ada/adaint.c][error] Array index -1 is out of bounds at line 3139

After further investiating, i reduced the code to following snipped and indeed
cppcheck is right. Please take a look at the reduced testcase:

#define MAXPATH  256

static char new_canonical_dirspec [MAXPATH];

char * f (char *dirspec)
{
    int len;

    strcpy (new_canonical_dirspec, "");

    len = strlen (new_canonical_dirspec);

    if (new_canonical_dirspec [len-1] != '/') // <-- if len == 0 --> Acces out
of bounds
        strncat (new_canonical_dirspec, "/", MAXPATH);

    new_canonical_dirspec [MAXPATH - 1] = (char) 0;

    return new_canonical_dirspec;
}

Best regards from the cppcheck team

Ettl Martin

[Bug ada/49334] New: [cppcheck] possible index out of bounds in gcc/ada/adaint.c

Reply via email to