Klocwork正在產生一個似乎是錯誤的警報。 它提到的bug描述了我們代碼中大約80%的錯誤。 請指教,非空結束字符串虛警?
因此就可以剪斷集(意譯): -
//a snip set
// no bug here //
{
char* destStr;
destStr = (char*)malloc(150);
if (destStr != NULL) {
destStr[0]= '\0'; //__here is the difference__
char * myStr = malloc(200) ;
if (myStr != NULL) {
strcpy(myStr , destStr) ;
}
free(myStr);
}
free (destStr);
destStr = NULL;
}
//__whereas a bug here__ !
{
char* destStr;
destStr = (char*) malloc(150);
if (destStr != NULL) {
destStr[0]= '\0'; // __here is the difference__
}
else {
printf("hello world \n");
}
if (destStr != NULL) {
char * myStr = malloc(200);
if (myStr != NULL) {
strcpy(myStr , destStr); // __NNTS (not NULL terminated string) – Buffer overflow of 'myStr' due to non null terminated string 'destStr'.__
}
free (myStr);
}
free (destStr);
destStr = NULL;
}
//end of snip set
可能重複的[未空終止字符串 - 一個Klocwork的錯誤,沒有可理解理由](HTTP ://sackoverflow.com/questions/3181018/not-null-terminated-string-a-klocwork-error-with-no-understandable-reason) – kiamlaluno 2010-08-10 07:48:56