Just upgraded from cppcheck v1.33 to v1.78. The code below was formerly flagged as an overlapping data buffer, but is ignored with v1.78. We saw in other tests that the verbiage for Overlapping Data Buffer has changed to "The variable <name> is used both as...", and those tests still worked once we accommodated the change.
int result=0;
char str[50] = "Don't do this.";
result = sprintf(str, "bad practice so %s", str);
Is this change in behavior by design?
Could you provide a better example code. This check does not check the code in global scope, you have to put it in a function. With this code I get a warning:
void f() {
    int result=0;
    char str[50] = "Don't do this.";
    result = sprintf(str, "bad practice so %s", str);
}
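An added example, not part of the original thread or of cppcheck: one way to get the result the flagged line was after without passing the same buffer as both destination and argument. The helper name `prepend_in_place` and the 256-byte scratch size are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Flagged pattern from the thread (shown only as a comment):
 *     sprintf(str, "bad practice so %s", str);
 * sprintf has undefined behaviour when copying takes place between
 * objects that overlap, which is what the check reports. */

/* Hypothetical helper: rewrite buf as "<prefix><old contents>".
 * Returns the new length, or -1 if the result would not fit in cap
 * bytes (buf is left unchanged in that case). */
int prepend_in_place(char *buf, size_t cap, const char *prefix)
{
    char tmp[256];                      /* scratch size is an assumption */
    int n;

    if (buf == NULL || prefix == NULL || cap == 0 || cap > sizeof tmp)
        return -1;

    /* Format into a separate buffer; snprintf writes at most cap bytes. */
    n = snprintf(tmp, cap, "%s%s", prefix, buf);
    if (n < 0 || (size_t)n >= cap)
        return -1;                      /* would truncate: keep buf intact */

    memcpy(buf, tmp, (size_t)n + 1);    /* copy back, including the NUL */
    return n;
}

int main(void)
{
    char str[50] = "Don't do this.";
    int result = prepend_in_place(str, sizeof str, "bad practice so ");

    printf("%d: %s\n", result, str);
    return 0;
}
```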
I checked closer, and this error is still getting captured with v1.78, so cppcheck is still behaving the same for this test case, so there is no problem.
If there's a moderator, I wouldn't mind if this issue chain were deleted. Since I was wrong, it's just a waste of space, except maybe to serve as a cautionary tale against posting a problem before double-checking your assertions.
I do get a warning with git head.