warn-strncat-size.c revision c36bedc90c687caa71748480c60707ea4608b092
1// RUN: %clang_cc1 -Wstrncat-size -verify -fsyntax-only %s 2 3typedef __SIZE_TYPE__ size_t; 4char *strncat(char *, const char *, size_t); 5size_t strlen (const char *s); 6 7struct { 8 char f1[100]; 9 char f2[100][3]; 10} s4, **s5; 11 12char s1[100]; 13char s2[200]; 14int x; 15 16void test(char *src) { 17 char dest[10]; 18 19 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest) - strlen(dest) - 1); // no-warning 20 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest) - 1); // no-warning - the code might assume that dest is empty 21 22 strncat(dest, src, sizeof(src)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 23 24 strncat(dest, src, sizeof(src) - 1); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 25 26 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest)); // expected-warning{{the value of the size argument in 'strncat' is too large, might lead to a buffer overflow}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 27 28 strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest) - strlen(dest)); // expected-warning{{the value of the size argument in 'strncat' is too large, might lead to a buffer overflow}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 29 30 strncat((*s5)->f2[x], s2, sizeof(s2)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 31 strncat(s1+3, s2, sizeof(s2)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} 32 strncat(s4.f1, s2, sizeof(s2)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 33} 34 35// Don't issue FIXIT for flexible arrays. 36struct S { 37 int y; 38 char x[]; 39}; 40 41void flexible_arrays(struct S *s) { 42 char str[] = "hi"; 43 strncat(s->x, str, sizeof(str)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} 44} 45 46// Don't issue FIXIT for destinations of size 1. 47void size_1() { 48 char z[1]; 49 char str[] = "hi"; 50 51 strncat(z, str, sizeof(z)); // expected-warning{{the value of the size argument in 'strncat' is too large, might lead to a buffer overflow}} 52} 53 54// Support VLAs. 55void vlas(int size) { 56 char z[size]; 57 char str[] = "hi"; 58 59 strncat(z, str, sizeof(str)); // expected-warning {{size argument in 'strncat' call appears to be size of the source}} expected-note {{change the argument to be the free space in the destination buffer minus the terminating null byte}} 60} 61