search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
analyzer: enable taint state machine by default [PR103533]
[official-gcc.git] / gcc / testsuite / gcc.dg / analyzer / pr93382.c
blob91eab2192ad9c259c0b80010f96f13d8879bb180
1 typedef __SIZE_TYPE__ size_t;
2
3 int idx;
4 void *fp;
5
6 size_t
7 fread (void *, size_t, size_t, void *);
8
9 void
10 ql (void)
11 {
12 int n1[1];
13
14 fread (n1, sizeof (n1[0]), 1, fp); /* { dg-message "'n1' gets an unchecked value here" "" { xfail *-*-* } } */
15 idx = n1[0]; /* { dg-message "'idx' has an unchecked value here \\\(from 'n1'\\\)" "" { xfail *-*-* } } */
16 }
17
18 int arr[10];
19
20 int
21 pl (void)
22 {
23 ql ();
24 return arr[idx]; /* { dg-warning "use of attacker-controlled value 'idx' in array lookup without bounds checking" "" { xfail *-*-* } } */
25 }
Mirror of the offical gcc git repository hosted at gcc.gnu.org