0

I'm trying to use splint to detect some bug in my code. One of more critical point is the buffer overflow detection and seem that splint is not able to do that. I've tried with a simple C-code

void test()
 {
    int i;
    int a[10]
    for(i=0;i<12;i++)
        a[i]=i;
 }

This code generate a core dump but the Splint log is empty I runned splint with default flag Any suggestion about to detect this ? Thanks

H2O
  • 153
  • 1
  • 1
  • 13
  • Even gcc with default settings manages to find the bug. I would consider the possibility of Splint being useless crap. See this for example: https://stackoverflow.com/questions/8235204/odd-behavior-from-splint-bounds-checking – Lundin Dec 21 '21 at 13:53
  • 1
    Own experience: Splint's bound checking is far from being usable. – the busybee Dec 21 '21 at 14:34

1 Answers1

0

+bounds option solve my problem: Possible out-of-bounds store: a[i] Unable to resolve constraint: requires i @ test.c:6:11 <= 9 needed to satisfy precondition: requires maxSet(a @ test.c:6:9) >= i @ test.c:6:11 A memory write may write to an address beyond the allocated buffer. (Use -boundswrite to inhibit warning)

additional info : splint +bounds to run the check I found the flag looking into all flag availbale in splint and get more detail in specific help:

splint --help flags alpha splint --help bounds

H2O
  • 153
  • 1
  • 1
  • 13
  • 1
    Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Jan 20 '22 at 16:11