[Bug other/89863] [meta-bug] Issues that static analyzers (cppcheck, clang-static-analyzer) find that gcc misses

dcb314 at hotmail dot com gcc-bugzilla@gcc.gnu.org
Mon Feb 10 12:41:00 GMT 2020


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89863

--- Comment #6 from David Binderman <dcb314 at hotmail dot com> ---
For this C++ code:

// reading 8 bytes from a 5 byte field

# include <stdint.h>
# include <cstring>

struct S
{
        char a[ 5];
        short b;
};

void f( const S * ps)
{
        uint64_t n;

        memcpy( &n, ps->a, sizeof( uint64_t));
}

derived from a recent Linux kernel, gcc has nothing to say:

$ /home/dcb/gcc/results/bin/gcc -c -g -O2 -Wall -Wextra feb10a.cc
$ 

Interestingly, clang++ doesn't say much either:

$ clang++ -c -O2 -Wall -Wextra feb10a.cc
$ 

Adding _FORTIFY_SOURCE=2 doesn't help. Here is cppcheck in action:

$ /home/dcb/cppcheck/trunk/cppcheck  feb10a.cc
feb10a.cc:17:16: error: Buffer is accessed out of bounds: ps->a
[bufferAccessOutOfBounds]
 memcpy( &n, ps->a, sizeof( uint64_t));
               ^
$
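The following is an added example, not code from the bug report or from any of the analyzers mentioned. It restates the reported pattern in C (hence `struct S` rather than the report's C++ `S`), puts the bounded read a practitioner would write beside it, and shows why the warnings stay silent: the 8-byte copy never leaves the struct, it just pulls in the padding byte and `b`, so neither the object-size check behind `_FORTIFY_SOURCE` (which bounds the destination, `&n`, not the source) nor a sanitizer sees anything out of bounds. The names `read_a_overread`, `read_a_bounded`, `FIELD_SIZEOF` and `make_sample` are the example's own, and the layout comments assume the common ABI where `sizeof(struct S) == 8` with `b` at offset 6; the code uses `offsetof` so it does not depend on that.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Layout from the bug report. On common ABIs sizeof(struct S) == 8:
   a occupies bytes 0..4, byte 5 is padding, b sits at offset 6. */
struct S {
    char a[5];
    short b;
};

/* Size of a field without needing an object of the type. */
#define FIELD_SIZEOF(type, field) (sizeof(((type *)0)->field))

/* The pattern from the report, kept as-is to show the defect: copies
   sizeof(uint64_t) == 8 bytes out of the 5-byte field. The extra three
   bytes are the padding byte and b, so the result depends on neighbouring
   data, yet the copy stays inside the struct and no runtime check fires. */
uint64_t read_a_overread(const struct S *ps)
{
    uint64_t n;
    memcpy(&n, ps->a, sizeof(uint64_t));
    return n;
}

/* Bounded form: copy exactly sizeof(ps->a) bytes into a zero-initialised
   integer (the unused high bytes stay zero), and fail the build if the
   field ever grows past the destination. */
uint64_t read_a_bounded(const struct S *ps)
{
    uint64_t n = 0;
    _Static_assert(FIELD_SIZEOF(struct S, a) <= sizeof(uint64_t),
                   "field a no longer fits in a uint64_t");
    memcpy(&n, ps->a, sizeof(ps->a));
    return n;
}

/* Expose the raw bytes of a uint64_t in memory order, for inspection. */
void u64_bytes(uint64_t v, unsigned char out[8])
{
    memcpy(out, &v, sizeof v);
}

/* Constructed sample input (not from the report): the padding byte is
   filled with a marker so its leak into the over-read value is visible. */
struct S make_sample(void)
{
    struct S s;
    memset(&s, 0xEE, sizeof s);
    memcpy(s.a, "ABCDE", sizeof s.a);
    s.b = (short)0x1234;
    return s;
}

int main(void)
{
    struct S s = make_sample();
    unsigned char raw[8], safe[8];

    u64_bytes(read_a_overread(&s), raw);
    u64_bytes(read_a_bounded(&s), safe);

    printf("overread:");
    for (int i = 0; i < 8; i++)
        printf(" %02x", raw[i]);
    printf("\nbounded :");
    for (int i = 0; i < 8; i++)
        printf(" %02x", safe[i]);
    printf("\n");
    return 0;
}
```

Running it prints the five bytes of `a` in both lines; the over-read line continues with the padding marker and the two bytes of `b`, while the bounded line continues with zeros. The `_Static_assert` is the cheap check worth keeping in real code: a later change that widens `a` to 9 bytes would otherwise turn the bounded copy into a silent truncation.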

