From c74262a802386c0fdc3af2cbed193448da934b82 Mon Sep 17 00:00:00 2001
From: Dan Carpenter
Date: Thu, 29 Nov 2018 13:13:31 +0300
Subject: [PATCH] buf_size: fix handling of 1 element arrays

I originally wrote a hack to say that 1 element arrays were really an unknown size because they're often used as the last member of a struct like this:

struct my_struct {
	...
	unsigned int buf_size;
	char buf[1];
};

(In olden days, compilers didn't allow zero size arrays??)

Anyway, this hack was bad because sometimes a one element array is what people want and also these days we should return -1 for unknown size arrays. So I have removed this hack.

Signed-off-by: Dan Carpenter
---
 check_snprintf_overflow.c | 2 +-
 smatch_buf_size.c | 4 ----
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/check_snprintf_overflow.c b/check_snprintf_overflow.c
index 710c7fd7..9c89fdfc 100644
--- a/check_snprintf_overflow.c
+++ b/check_snprintf_overflow.c
@@ -37,7 +37,7 @@ static void match_snprintf(const char *fn, struct expression *expr, void *unused
 	dest_size = get_array_size_bytes(dest);
 	if (!get_implied_value(dest_size_expr, &limit_size))
 		return;
-	if (dest_size && dest_size < limit_size.value)
+	if (dest_size > 1 && dest_size < limit_size.value)
 		sm_msg("error: snprintf() is printing too much %s vs %d",
 		       sval_to_str(limit_size), dest_size);
 	format = expr_to_var(format_string);
diff --git a/smatch_buf_size.c b/smatch_buf_size.c
index df2670bf..0c7f3494 100644
--- a/smatch_buf_size.c
+++ b/smatch_buf_size.c
@@ -292,10 +292,6 @@ static int get_real_array_size_from_type(struct symbol *type)
 	if (!get_implied_value(type->array_size, &sval))
 		return 0;
 
-	/* People put one element arrays on the end of structs */
-	if (sval.value == 1)
-		return 0;
-
 	return sval.value;
 }
 
-- 
2.11.4.GIT
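Review bot: The replacement condition `dest_size > 1` still exempts one-byte destinations from the check, so an snprintf() into a `char buf[1]` with a larger size argument is not reported — the same special case the commit message says it removes, now relocated into the caller. If a one-element array is meant to count as a real size, the comparison should be `if (dest_size > 0 && dest_size < limit_size.value)`, which also keeps a -1 "unknown size" return out of the warning. If the exemption is deliberate (to tolerate the struct-tail idiom this checker still sees), it deserves a comment such as `/* skip 1-byte arrays: usually a struct-tail placeholder, not a real size */` so the next reader does not take it for a typo. match_snprintf begins before and continues past this hunk.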