No warnings: passing too-short array to array parameter with `static` size
ch3root opened this issue · 1 comments
ch3root commented
Source code:
#include <stdio.h>
static int f(int a[static 1])
{
if (a)
return 1;
return 0;
}
int main()
{
printf("%d\n", f(0));
}
C11, 6.7.6.3p7: "If the keyword static also appears within the [ and ] of the array type derivation, then for each call to the function, the value of the corresponding actual argument shall provide access to the first element of an array with at least as many elements as specified by the size expression."
tis-interpreter (21f4c7a) output:
[value] Analyzing a complete application starting at main
[value] Computing initial state
[value] Initial state computed
0
[value] done for function main
gcc (GCC) 7.0.0 20160627 (experimental):
$ gcc -std=c11 -pedantic -Wall -Wextra -O3 -fsanitize=undefined test.c && ./a.out
0
clang version 3.9.0 (trunk 271312):
$ clang -std=c11 -Weverything -O3 -fsanitize=undefined test.c && ./a.out
test.c:12:18: warning: null passed to a callee that requires a non-null argument [-Wnonnull]
printf("%d\n", f(0));
^ ~
test.c:3:18: note: callee declares array parameter as static here
static int f(int a[static 1])
^~~~~~~~~~~
1 warning generated.
1
ch3root commented
An example illustrating that clang uses dereferenceability of the full static
size. It crashes. The crash goes away with:
- removing
static
, or - changing
static 2
tostatic 1
, or - changing
a[1]
toa[2]
.
Source code:
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/mman.h>
#define MAP_ANONYMOUS 0x20
static int f(char a[static 2], int k)
{
return k ? 0 : a[1];
}
int main(int argc, char **argv)
{
(void)argv;
size_t pagesize = (size_t)sysconf(_SC_PAGESIZE);
char *p = mmap(NULL, pagesize * 2, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
if (p == MAP_FAILED)
return 1;
memset(p, 0, pagesize * 2);
if (mprotect(p + pagesize, pagesize, PROT_NONE) != 0)
return 2;
printf("%d\n", f(p + pagesize - 1, argc));
}
Results:
$ clang -std=c11 -Weverything -O3 test.c && ./a.out
Segmentation fault
clang version: clang version 3.9.0 (trunk 271312)