David Friedman <[EMAIL PROTECTED]> wrote:
I encountered a problem very much similar to this when checking some
code that made extensive use of this macro:
#define newstr(s)\
strcpy(malloc(strlen(s) + 1), s)
every time it used that macro is raised a "-boundswrite" warning
since it thought the src buffer could get overflowed.
Urk. This code is of course broken. (Why, oh WHY, didn't ANSI bless
"strdup"?) malloc() can fail, returning a NULL pointer, and then this
code *will* crash or scribble on memory incorrectly.
The best solution is to write your own void *xmalloc(size_t) function
which abort()s or exit()s if memory runs out, and make sure that SPLint
knows that it always returns a long enough block.
