stackoom
  简体   繁体   中英

How detect a buffer overflow with splint

 原文  2021-12-21 13:38:39       c/ overflow/ splint

Question

I'm trying to use splint to detect some bug in my code. One of more critical point is the buffer overflow detection and seem that splint is not able to do that. I've tried with a simple C-code

void test()
 {
    int i;
    int a[10]
    for(i=0;i<12;i++)
        a[i]=i;
 }

This code generate a core dump but the Splint log is empty I runned splint with default flag Any suggestion about to detect this? Thanks

1 answers

solution1
 0  2022-01-20 08:06:39

+bounds option solve my problem: Possible out-of-bounds store: a[i] Unable to resolve constraint: requires i @ test.c:6:11 <= 9 needed to satisfy precondition: requires maxSet(a @ test.c:6:9) >= i @ test.c:6:11 A memory write may write to an address beyond the allocated buffer. (Use -boundswrite to inhibit warning)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question GCC how to detect stack buffer overflow How to detect buffer overflow in C for this particular case, How to implement a buffer overflow how to write an buffer overflow? Valgrind won't detect buffer overflow How to generate a splint log How to prevent Buffer overflow / array overflow? How to use buffer overflow exploit How to avoid buffer overflow in c How to prevent memcpy buffer overflow?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM