a case of CWE: 398

Static source code analysis tool for C and C++ code

Brought to you by: danielmarjamaki

a case of CWE: 398

Forum: General Discussion

Creator: AlexHsieh

Created: 2024-08-07

Updated: 2024-08-07

AlexHsieh - 2024-08-07

Hi,
I use cppcheck-2.14.1 to check the following code

#include <string> using namespace std; int main() { string ss[1]; ss->clear(); //(*ss).clear(); // OK //ss[0].clear(); // OK string s; s.append(ss[i]); return 0; }

, and get
CWE: 398
Out of bounds access in expression 'ss[i]' because 'ss' is empty.

Is this a false positive?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

CHR - 2024-08-07

Thanks for reporting, ticket is here: https://trac.cppcheck.net/ticket/12993

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

AlexHsieh - 2024-08-07

Thank you for the confirmation.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.