
How to solve Polyspace warning "array index out of bounds"

While doing Polyspace analysis on the code base, I am getting an orange check warning on the snippet below saying that the pointer may be outside its bounds.

I've tried adding a null check before accessing the array, like if( x[i] != NULL), but it doesn't help. The pointer which is passed as an argument to the function is also declared as a pointer, so I'm not able to determine the size of the buffer being passed to the function.

void foo(const int *x, unsigned int value)
{
   int i, data;
   for(i=0;i<value;i++)
   {
      data = x[i]; // pointer may be out of bounds here
   }
   sendToSomeOtherInterface(data);
}

I can understand that Polyspace might be assuming that at some point in time the pointer may point to invalid memory and the code may crash, but how can I write the code more cleanly to avoid the problem? I can't change the usage of pointers as it has an impact over huge files.

How Polyspace handles this depends on the context of the analysis. If you run just that function through on its own, and depend on Polyspace's main generator, then I would expect that to be an orange out of bounds array index on line 6.

A few things to consider:

  1. This code breaks at least a few common industry coding guidelines regarding usage of pointers and arrays.
  2. In order for Polyspace to know that index i is going to be within the bounds of the buffer pointed to by the constant pointer x, Polyspace will need to be able to know the size of the buffer represented by x.
  3. Without any calling context (using main generator and no explicit calls to this function), Polyspace is going to be stuck in the situation of not knowing the bounds of x or the value of value. This is true for anyone on Stack Overflow just reading the code without context as well.
  4. If you analyze the function with calling context, that code may provide enough information. Ultimately, Polyspace has to be able to see the size of what is passed in via the constant pointer x.
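
An added example (not from the original question or answer) of the calling context described in point 4: foo keeps its pointer-based signature, and the caller derives the count from the same array object it passes. The names `samples`, `SAMPLE_COUNT`, `run_with_context`, `last_sent` and the body of `sendToSomeOtherInterface` are assumptions made so the example runs on its own; whether a given analysis then proves the access still depends on how it is configured.

```c
#include <stddef.h>
#include <stdio.h>

#define SAMPLE_COUNT 4u   /* constructed size for this example */

static int last_sent;     /* hypothetical sink so the example runs offline */

static void sendToSomeOtherInterface(int data)
{
    last_sent = data;     /* stand-in body; the real interface is not on the page */
}

/* Same signature as in the question: the size contract lives with the caller. */
static void foo(const int *x, unsigned int value)
{
    unsigned int i;       /* unsigned like `value`, so no mixed-sign comparison */
    int data = 0;

    if (x == NULL || value == 0u) {
        return;           /* nothing to read, so nothing uninitialized is sent */
    }
    for (i = 0u; i < value; i++) {
        data = x[i];      /* in bounds as long as the caller's count is honest */
    }
    sendToSomeOtherInterface(data);
}

/* Calling context: buffer and count come from one array object, so a
   whole-program analysis can relate `value` to the extent of `x`. */
static int run_with_context(void)
{
    static const int samples[SAMPLE_COUNT] = { 3, 1, 4, 1 };  /* constructed data */

    foo(samples, (unsigned int)(sizeof samples / sizeof samples[0]));
    return last_sent;
}

int main(void)
{
    printf("last value sent: %d\n", run_with_context());
    return 0;
}
```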
