I am running a static security analyzer on some old C++ code. It is flagging the ::memcpy call as a buffer overflow violation. The code looks fine to me. Why is it complaining?
#include <cstring>  // ::memcpy

#define ALLOC_SIZE 4 * 1024
int arr_max = ALLOC_SIZE;
int *arr = new int[arr_max];
// ...
void resize_arr() {
    int* new_arr = new int[arr_max + ALLOC_SIZE];
    ::memcpy(new_arr, arr, arr_max * sizeof(int)); // BUFFER OVERFLOW
    arr_max += ALLOC_SIZE;
    delete [] arr;
    arr = new_arr;
}
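I don't know how smart your code analyzer is, but if you call the resize_arr function enough times, arr_max will eventually overflow, which could lead to a buffer overflow.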
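The following is an added example, not code from the question or the answer: a version of resize_arr that rejects growth once the int addition or the byte count would overflow, which is the condition the answer describes. The names kAllocStep, next_capacity and IntBuffer are hypothetical, and the struct stands in for the question's globals.

```cpp
#include <climits>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <new>

constexpr int kAllocStep = 4 * 1024;  // same growth step as ALLOC_SIZE in the question

// Computes old_max + step without signed overflow and checks that the byte
// size of the new array fits in size_t. Returns false if growth is unsafe.
bool next_capacity(int old_max, int step, int& new_max) {
    if (old_max < 0 || step <= 0) return false;
    if (old_max > INT_MAX - step) return false;  // int addition would overflow
    if (static_cast<std::size_t>(old_max + step) > SIZE_MAX / sizeof(int))
        return false;                            // byte count would overflow
    new_max = old_max + step;
    return true;
}

// Hypothetical wrapper replacing the question's globals arr and arr_max.
struct IntBuffer {
    int* arr = nullptr;
    int arr_max = 0;
    IntBuffer() = default;
    IntBuffer(const IntBuffer&) = delete;
    IntBuffer& operator=(const IntBuffer&) = delete;
    ~IntBuffer() { delete[] arr; }
};

// Grows the buffer by one step; leaves it untouched and returns false on failure.
bool resize_arr(IntBuffer& b) {
    int new_max = 0;
    if (!next_capacity(b.arr_max, kAllocStep, new_max)) return false;
    int* new_arr = new (std::nothrow) int[static_cast<std::size_t>(new_max)];
    if (new_arr == nullptr) return false;
    if (b.arr != nullptr)  // copy only the old element count, which is < new_max
        std::memcpy(new_arr, b.arr, static_cast<std::size_t>(b.arr_max) * sizeof(int));
    delete[] b.arr;
    b.arr = new_arr;
    b.arr_max = new_max;
    return true;
}
```

With the bound checked before the allocation and the copy, an analyzer that tracks value ranges can see that the memcpy length never exceeds the size of new_arr.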