search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
math: tweak get_fuzzy_math()
[smatch.git] / validation / sm_overflow3.c
blobdee0a081ab94c50d34d2726a5df30402bedea3af
1 #include "check_debug.h"
2
3 void strcpy(char *to, char *from, int size);
4
5 void func (char *a, char *b)
6 {
7 char c[4];
8 char d[4];
9 char e[4];
10 char f[4];
11
12 b = "1234";
13 strcpy(a, b);
14 a[5] = '\0';
15 strcpy(c, b);
16 strcpy(d, "123");
17 strcpy(e, "1234");
18 strcpy(f, "12");
19 f[3] = '\0';
20 }
21 /*
22 * check-name: smatch strcpy overflow
23 * check-command: smatch -I.. sm_overflow3.c
24 *
25 * check-output-start
26 sm_overflow3.c:14 func() error: buffer overflow 'a' 5 <= 5
27 sm_overflow3.c:15 func() error: strcpy() 'b' too large for 'c' (5 vs 4)
28 sm_overflow3.c:17 func() error: strcpy() '"1234"' too large for 'e' (5 vs 4)
29 * check-output-end
30 */
Static analysis for C