(root)/
gcc-13.2.0/
gcc/
testsuite/
gcc.dg/
analyzer/
out-of-bounds-2.c
       1  #include <stdlib.h>
       2  #include <string.h>
       3  #include <stdio.h>
       4  #include <stdint.h>
       5  
       6  /* Wanalyzer-out-of-bounds tests for buffer over-reads.  */
       7  
       8  /* Avoid folding of memcpy.  */
       9  typedef void * (*memcpy_t) (void *dst, const void *src, size_t n);
      10  
      11  static memcpy_t __attribute__((noinline))
      12  get_memcpy (void)
      13  {
      14    return memcpy;
      15  }
      16  
      17  
      18  void test1 (void)
      19  {
      20    int id_sequence[3];
      21    memset (id_sequence, 0, 3 * sizeof(int));
      22    printf ("%i", id_sequence[3]); /* { dg-line test1 } */
      23  
      24    /* { dg-warning "stack-based buffer over-read" "warning" { target *-*-* } test1 } */
      25    /* { dg-message "read of 4 bytes from after the end of 'id_sequence'" "num bad bytes note" { target *-*-* } test1 } */
      26    /* { dg-message "valid subscripts for 'id_sequence' are '\\\[0\\\]' to '\\\[2\\\]'" "valid subscript note" { target *-*-* } test1 } */
      27  }
      28  
      29  void test2 (void)
      30  {
      31    int n = 4;
      32    int arr[n];
      33    memset (arr, 0, n * sizeof (int));
      34  
      35    int sum = 0;
      36    for (int i = n - 1; i >= 0; i--)
      37      sum += arr[i];
      38  }
      39  
      40  void test3 (void)
      41  {
      42    int n = 4;
      43    int arr[4];
      44    memset (arr, 0, n * sizeof (int));
      45  
      46    int sum = 0;
      47    for (int i = n; i > 0; i--)
      48      sum += arr[i]; /* { dg-line test3 } */
      49  
      50    /* { dg-warning "stack-based buffer over-read" "warning" { target *-*-* } test3 } */
      51    /* { dg-message "" "note" { target *-*-* } test3 } */
      52  }
      53  
      54  void test4 (void)
      55  {
      56    int n = 4;
      57    int *arr = malloc (n * sizeof (int));
      58    if (!arr)
      59      return;
      60    memset (arr, 0, n * sizeof(int));
      61    
      62    int sum = 0;
      63    for (int i = n - 1; i >= 0; i--)
      64      sum += *(arr + i);
      65  
      66    free (arr);
      67  }
      68  
      69  void test5 (void)
      70  {
      71    int n = 4;
      72    int *arr = malloc (n * sizeof (int));
      73    if (!arr)
      74      return;
      75    memset (arr, 0, n * sizeof(int));
      76    
      77    int sum = 0;
      78    for (int i = n; i > 0; i--)
      79      sum += *(arr + i); /* { dg-line test5 } */
      80  
      81    free (arr);
      82    /* { dg-warning "heap-based buffer over-read" "bounds warning" { target *-*-* } test5 } */
      83    /* { dg-message "read of 4 bytes from after the end of the region" "num bad bytes note" { target *-*-* } test5 } */
      84  
      85    /* { dg-warning "use of uninitialized value" "uninit warning" { target *-*-* } test5 } */
      86  }