False positive due to character array on stack with initialiser

Static source code analysis tool for C and C++ code

Brought to you by: danielmarjamaki

False positive due to character array on stack with initialiser

Forum: General Discussion

Creator: Daniel Egger

Created: 2016-07-01

Updated: 2016-07-07

Daniel Egger - 2016-07-01

Hi guys,

I discovered a false positive with some (ancient) use of an initialiser to initialise a character array on the stack to an empty string.

I tried to create a Trac account to create a ticket but somehow didn't receive the email.

Here's a demo program to show the warning:

#include <stdio.h> int main (int argc, char **argv) { char str[6] = "\0"; unsigned short port = 65535; snprintf (str, sizeof (str), "%hu", port); }

The warning is:

[test.c:8]: (error) Buffer is accessed out of bounds.

The only way to removing the warning is to get rid of the "\0".
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

antred - 2016-07-04

The false positive should still be fixed, but why not just do

char str[6] = {};
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Mr. X - 2016-07-07

Fixed by:
https://github.com/danmar/cppcheck/commit/644a2163945340d2df6f4390781730bb74238567

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.