Re: [Valgrind-users] suppress warning repetition

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 01/01/2015 04:44 PM, "João M. S. Silva" wrote:
> On 01/02/2015 12:05 AM, Tom Hughes wrote:
>> No. Stack overruns are not detected because there is no guard space
>> between stack variables like there is between heap variables.
>
> OK, I didn't know that. Now I'm a bit worried :P I thought my code was
> 99% clean :)

If there is any doubt [you have at least 1% doubt] then you should replace all uses
of sprintf with snprintf instead.  Using snprintf is not a fool-proof cure-all.
If the length limit is reached then the result has no terminating '\0',
so subsequent reads (such as via %s) might over-read the space for the result.
However, this is better than *overwriting* the space for the result.

>
> Is there a way to check for stack memory errors?

Not with the current design of valgrind(memcheck).

>     If it was not for the
> %s in the command string it could be caught with cppcheck, but with the
> %s only a runtime check would do, I guess.