implied: delete unused function sm_state_in_slist()
[smatch.git] / validation / sm_array_overflow4.c
blob36966d4fcb0fb2e82d0d5fca068c453ca13ac96b
1 #include <stdio.h>
2 #include <string.h>
4 #define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)[0]))
6 long long a[] = {1, 2};
8 int main(char *arg0)
10 short *s = a;
11 short *s2 = (&(a));
12 char buf[4], buf2[4];
13 int i;
15 printf("%d\n", s[1]);
16 printf("%d\n", s[2]);
17 printf("%d\n", s[3]);
18 printf("%d\n", s[4]);
19 printf("%d\n", s[5]);
20 printf("%d\n", s[6]);
21 printf("%d\n", s[7]);
22 printf("%d\n", s[8]);
23 printf("%d\n", s2[8]);
24 printf("%d\n", ((short *)a)[6]);
25 printf("%d\n", ((short *)a)[8]);
26 strcpy(buf, "1234");
27 strcpy(buf2, arg0);
29 return 0;
32 * check-name: smatch overflow check #4
33 * check-command: smatch --spammy sm_array_overflow4.c
35 * check-output-start
36 sm_array_overflow4.c:22 main() error: buffer overflow 's' 8 <= 8
37 sm_array_overflow4.c:23 main() error: buffer overflow 's2' 8 <= 8
38 sm_array_overflow4.c:25 main() error: buffer overflow 'a' 8 <= 8
39 sm_array_overflow4.c:26 main() error: strcpy() '"1234"' too large for 'buf' (5 vs 4)
40 sm_array_overflow4.c:27 main() warn: strcpy() 'arg0' of unknown size might be too large for 'buf2'
41 * check-output-end