I suggest you ...

Missing data overrun detection

We had a construction like:
len = strlen(value);
p = malloc(len);
strcpy(p, value);

Since we allocate 1 byte too little, the strcpy will always cause a buffer overrun. But lint 9.00k did not detect it. Since this was only called with data read from files, it was detected when I added a call where value was a string literal.

It seems like lint is good at arithmetic and less good at algebra.
When it has a string literal of a known length it correctly calculates the overrun, but if value is of unknown length it can't deduce that the overrun happens.

Rgds Lars

9 votes
Lars Worsaae shared this idea

    0 comments
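The construction described in the post, with the allocation sized to include the terminator, as an added example that is not part of the original post or of any lint documentation. The function names copy_size and dup_string are hypothetical, and the 15-character buffer in main is constructed to stand in for data of run-time length.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Pattern from the post, shown only as a comment:
 *     len = strlen(value);
 *     p = malloc(len);      strlen() excludes the '\0', so this is 1 short
 *     strcpy(p, value);     writes len + 1 bytes into a len-byte block
 * The overrun is one byte for every input, whatever its length. */

/* Bytes a copy of value needs, terminator included; 0 on size_t wrap. */
size_t copy_size(const char *value)
{
    size_t len = strlen(value);
    return (len == SIZE_MAX) ? 0 : len + 1;
}

/* Hardened form (hypothetical helper): the size is computed once and the
 * same number drives both the allocation and the copy. */
char *dup_string(const char *value)
{
    size_t n;
    char *p;

    if (value == NULL || (n = copy_size(value)) == 0)
        return NULL;
    p = malloc(n);
    if (p == NULL)
        return NULL;
    memcpy(p, value, n);            /* n includes the '\0' */
    return p;
}

int main(void)
{
    char runtime[16];               /* constructed: stands in for file data */
    char *copy;

    memset(runtime, 'A', sizeof runtime - 1);
    runtime[sizeof runtime - 1] = '\0';
    copy = dup_string(runtime);
    if (copy == NULL || strcmp(copy, runtime) != 0)
        return 1;
    free(copy);
    return 0;
}
```

Because the allocation and the copy share one size, the check does not depend on whether the analyser knows the string's length.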
