[PATCH] D49722: [CStringSyntaxChecker] Check strlcat sizeof check

David CARLIER via Phabricator via cfe-commits Thu, 06 Sep 2018 22:31:11 -0700

devnexen added inline comments.


================
Comment at: test/Analysis/cstring-syntax.c:49
+  strlcat(dest, "0123456789", badlen / 2);
+  strlcat(dest, "0123456789", badlen); // expected-warning {{The third 
argument allows to potentially copy more bytes than it should. Replace with the 
value 'badlen' - strlen(dest) - 1 or lower}}
+  strlcat(dest, "0123456789", badlen - strlen(dest) - 1);
----------------
NoQ wrote:
> The suggested fix is a bit weird.
> 
> The correct code for appending `src` to `dst` is either `strlcat(dst, src, 
> sizeof(dst));` (the approach suggested by the man page) or `strlcat(dst + 
> strlen(dst) + 1, src, sizeof(dst) - strlen(dst) - 1)` (which is equivalent 
> but faster if you already know `strlen(dst)`). In both cases you can specify 
> a smaller value but not a larger value.
In fact in this case the message is misleading/a bit wrong.


https://reviews.llvm.org/D49722



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D49722: [CStringSyntaxChecker] Check strlcat sizeof check

Reply via email to