outofbound.c revision a5ce966d1a23d84aa5e849cf0ed62494e736ea6a
1// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -analyzer-experimental-checks -analyzer-check-objc-mem -analyzer-store=region -verify %s 2 3typedef __typeof(sizeof(int)) size_t; 4void *malloc(size_t); 5void *calloc(size_t, size_t); 6 7char f1() { 8 char* s = "abcd"; 9 char c = s[4]; // no-warning 10 return s[5] + c; // expected-warning{{Access out-of-bound array element (buffer overflow)}} 11} 12 13void f2() { 14 int *p = malloc(12); 15 p[3] = 4; // expected-warning{{Access out-of-bound array element (buffer overflow)}} 16} 17 18struct three_words { 19 int c[3]; 20}; 21 22struct seven_words { 23 int c[7]; 24}; 25 26void f3() { 27 struct three_words a, *p; 28 p = &a; 29 p[0] = a; // no-warning 30 p[1] = a; // expected-warning{{Access out-of-bound array element (buffer overflow)}} 31} 32 33void f4() { 34 struct seven_words c; 35 struct three_words a, *p = (struct three_words *)&c; 36 p[0] = a; // no-warning 37 p[1] = a; // no-warning 38 p[2] = a; // expected-warning{{Access out-of-bound array element (buffer overflow)}} 39} 40 41void f5() { 42 char *p = calloc(2,2); 43 p[3] = '.'; // no-warning 44 p[4] = '!'; // expected-warning{{out-of-bound}} 45} 46