From: Bart V. A. <bva...@ac...> - 2013-10-31 15:03:25

On 31/10/2013 4:56, hamid alaei wrote:
> Hi everyone,
> Assume there is a C code that does this:
>
> char buff1[20];
> char buff2[30]="some small string";
> ...
> strcpy(buff1, buff2);
>
> This code can be regarded unsafe not only because it uses strcpy(),
> which doesn't accept a size argument for the maximum capacity of buff1,
> but also because the maximum capacity of the target string buff1 is less
> than the maximum capacity of the src string buff2.
>
> I know that if strcpy() tries to write outside buff1, then memcheck or
> sgcheck can detect that, depending on whether these strings are in
> stack/global memory or in the heap. But I want a warning while calling
> strcpy() in this manner as well, regardless of whether overflow happens
> or not.
>
> I am wondering if there is such a tool to do so. I guess it should
> replace strcpy() and similar functions with a wrapper. Does anybody know
> such a tool/extension or how to write such a wrapper that can have
> access to the max-size of buff1 and buff2?

Hello Hamid,

I think that smatch is already able to detect for the above example that the output buffer is too small (http://smatch.sourceforge.net/).

Bart.
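The wrapper asked about in the quoted question, sketched as an added example that is not part of the original thread and is not smatch or Valgrind code: it warns whenever the destination capacity is smaller than the source capacity, even when the current string fits. The names `cap_strcpy` and `STRCPY_ARRAYS` are hypothetical, and the macro assumes both arguments are true arrays so that `sizeof` yields their capacity.

```c
#include <stdio.h>
#include <string.h>

enum { CAP_OK = 0, CAP_WARN = 1, CAP_OVERFLOW = 2 };

/* Hypothetical helper: a strcpy() that is told both buffer capacities. */
static int cap_strcpy(char *dst, size_t dst_cap, const char *src,
                      size_t src_cap, const char *file, int line)
{
    /* Find the terminator without reading past the source capacity. */
    const char *nul = memchr(src, '\0', src_cap);
    size_t len = nul ? (size_t)(nul - src) : src_cap;

    if (len >= dst_cap) {        /* this copy would really overflow dst */
        fprintf(stderr, "%s:%d: overflow: dst too small\n", file, line);
        if (dst_cap) dst[0] = '\0';
        return CAP_OVERFLOW;
    }
    memcpy(dst, src, len);
    dst[len] = '\0';
    if (dst_cap < src_cap) {     /* fits today, but the capacities disagree */
        fprintf(stderr, "%s:%d: warning: dst capacity %zu < src capacity %zu\n",
                file, line, dst_cap, src_cap);
        return CAP_WARN;
    }
    return CAP_OK;
}

/* Valid only for true arrays: sizeof on a pointer gives the pointer size. */
#define STRCPY_ARRAYS(dst, src) \
    cap_strcpy((dst), sizeof(dst), (src), sizeof(src), __FILE__, __LINE__)

int demo_page_case(void)         /* the buffers from the question */
{
    char buff1[20];
    char buff2[30] = "some small string";
    int rc = STRCPY_ARRAYS(buff1, buff2);
    return strcmp(buff1, buff2) == 0 ? rc : -1;
}

int demo_real_overflow(void)     /* constructed case: string longer than dst */
{
    char small[8], big[30] = "some small string";
    return STRCPY_ARRAYS(small, big);
}

int main(void)
{
    printf("%d %d\n", demo_page_case(), demo_real_overflow());
    return 0;
}
```

Buffers reached only through a pointer (heap allocations, function parameters) need their capacity passed explicitly to `cap_strcpy`, since the macro cannot recover it.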