Concerning missing boundary check warnings (see original message below):
Here's the output by splint with +boundswrite and +boundsread. Regards, Thomas. tmpstr.c: (in function main) tmpstr.c(23,8): Possible out-of-bounds store: strcpy(s6, "8 bytes") Unable to resolve constraint: requires 5 >= 7 needed to satisfy precondition: requires maxSet(s6 @ tmpstr.c(23,15)) >= 7 derived from strcpy precondition: requires maxSet(<parameter 1>) >= maxRead(<parameter 2>) A memory write may write to an address beyond the allocated buffer. (Use -boundswrite to inhibit warning) tmpstr.c(26,8): Possible out-of-bounds store: strcpy(s7, s8) Unable to resolve constraint: requires 6 >= 7 needed to satisfy precondition: requires maxSet(s7 @ tmpstr.c(26,15)) >= maxRead(s8 @ tmpstr.c(26,18)) derived from strcpy precondition: requires maxSet(<parameter 1>) >= maxRead(<parameter 2>) tmpstr.c(28,8): Possible out-of-bounds store: memset(&s, 0, sizeof((s))) Unable to resolve constraint: requires maxSet(&s @ tmpstr.c(28,15)) >= sizeof((s)) @ tmpstr.c(28,26) + -1 needed to satisfy precondition: requires maxSet(&s @ tmpstr.c(28,15)) >= sizeof((s)) @ tmpstr.c(28,26) + -1 derived from memset precondition: requires maxSet(<parameter 1>) >= <parameter 3> + -1 -----Ursprungliche Nachricht----- Von: David Richard Larochelle [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 5. Juni 2002 22:41 An: eschner Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Betreff: Re: newbie questions > > As it is said, I am new to splint and managed to stumble upon three > questions. > > Could please anybody give me a hint? > > Thanks, Thomas. > > Could you list the warnings you get and what flags you're using. If you want splint to detect bounds errors then you need to use the +bounds flags or +bounds-read or +bounds-write. > /* Q 1: How can I really get rid of warnings concerning stdio.h? ignore-end > don't do it */ > > /*@ignore@*/ > #include <stdio.h> > /*@end@*/ > > int main > ( > /*@unused@*/ int argc, > /*@unused@*/ char *argv[] > ) > { > char s6[6]; > char s7[7]; > char s8[8]; > struct > { > int i; > long j; > } s; > > (void)strcpy(s6,"8 bytes"); /* Reported correctly */ > (void)strcpy(s7,"8 bytes"); /* Q 2: Why is there _no_ report? */ > (void)strcpy(s8,"8 bytes"); /* No report, correct */ > (void)strcpy(s7,s8); /* Reported correctly */ > (void)memset(s7,'\0',sizeof(s7)); /* No report, correct */ > (void)memset(&s,0,sizeof(s)); /* Q 3: Why _is_ there a report? */ > > return 0; > > } >