HP aC++/HP C A.06.25 Programmer's Guide
4 5 int a[10];
6 char b[10];
7 int *ip = &a[0]; // points to global array
8
9 int i;
10
11 void *foo(int n)
12 {
13 return malloc(n * sizeof(int));
14 }
15
16 int main(int argc, char **argv)
17 {
18 int j; // uninitialized variable
19
20 int *lp = (int*)foo(10); // points to heap object
21
22 // out of bound if "a.out 10"
23 if (argc > 1) {
24 i = atoi(argv[1]);
25 }
26
27 memset(b, 'a', i);
28
29 lp[i] = i;
30
31 ip[i+1] = i+1;
32
33 printf("lp[%d]=%d, ip[%d]=%d, ip[j=%d]=%d\n",
34 i, lp[i], i+1, ip[i+1], j, ip[j]);
35
36 return 0;
37 }
Compiling with +check=bounds:pointer:
$ cc +check=bounds:pointer rttest3.c
"rttest3.c", line 34: warning #2549-D: variable "j" is used before its
value is set
i, lp[i], i+1, ip[i+1], j, ip[j]);
^
Catch out-of-bounds pointer access through an uninitialized variable (the uninitialized
variable can be checked by +check=uninit):
$ RTC_NO_ABORT=1 a.out 2
Runtime Error: out of bounds buffer pointed by 0x40010320 has 40 bytes
(variable "a"), reading at 0x40010320-19824, 4 bytes ("rttest3.c", line 33)
(0) 0x0000000004004770 _rtc_raise_fault + 0x560 at rtc_utils.c:164
[./a.out](1) 0x0000000004008790 _rtc_oob_check_unknown_bounds + 0x1f0 at
rtc_bounds.c:465 [./a.out]
(2) 0x0000000004003920 main + 0x330 at rttest3.c:33 [./a.out]
(3) 0x60000000c0049c50 main_opd_entry + 0x50 [/usr/lib/hpux32/dld.so]
Memory fault(coredump)
Runtime Checking Options 103