alpha.security.ArrayBoundV2 not working on the revision 350084

James Y Knight via cfe-dev
Hello,

I was trying to test the 'alpha.security.ArrayBoundV2' checker with this simple code snippet:

    #include <stdio.h>
    #include <stdlib.h>

    int main(int argc, char** argv){
        int i;
        int *a = malloc(sizeof(int) * 10);
        if (!a) return -1;
        for (i = 0; i < 11; i++) {   //< supposed to find here
            a[i] = i;
        }
        free(a);
        return 0;
    }

I ran the analyzer with 'alpha.security.ArrayBoundV2' enabled (scan-build -o . -enable-checker alpha.security.ArrayBoundV2 clang bo.c -O0 -g), but either it does not work or apparently it concluded there is no problem.

scan-build -o . -enable-checker alpha.security.ArrayBoundV2 clang bo.c -O0 -g
scan-build: Using '/home/gwangmu/opt/llvm/install/bin/clang-8' for static analysis
scan-build: Removing directory '/home/gwangmu/Scratch/vuln-tests/bo/2019-02-12-202738-6126-1' because it contains no reports.
scan-build: No bugs found.

I searched for material or articles where this checker was used, but they are quite rare, and no similar problem can be found. Was the command running the analyzer not configured well, or is there any CMake flag that I need to set before building the analyzer to use alpha checkers?

Best,
Gwangmu Lee.


Gwangmu Lee
Ph.D. Student
+82) 10 4114 7441
Room 615, Bldg 301, Seoul National University, Gwanak-ro 1, Gwanak-gu, Seoul, South Korea.