public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "noloader at gmail dot com" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug analyzer/95043] New: GCC 10 Analyzer and false positive on 'memcpy(dest, src, count);' Date: Sun, 10 May 2020 23:09:24 +0000 [thread overview] Message-ID: <bug-95043-4@http.gcc.gnu.org/bugzilla/> (raw) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95043 Bug ID: 95043 Summary: GCC 10 Analyzer and false positive on 'memcpy(dest, src, count);' Product: gcc Version: 10.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: noloader at gmail dot com Target Milestone: --- Created attachment 48500 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=48500&action=edit Preprocessed source file idea.ii Hi Everyone, I'm trying out the analyzer on a C++ project. I'm working on Fedora 32 with GCC 10. $ gcc --version gcc (GCC) 10.0.1 20200430 (Red Hat 10.0.1-0.14) Here's what I am seeing: | 527 | if (src && dest) | | ~~ | | | | | (9) ...to here | | (10) following ‘true’ branch... | 528 | memcpy(dest, src, count); | | ~~~~~~~~~~~~~~~~~~~~~~~~ | | | | | | | (12) argument 1 (‘dest’) NULL where non-null expected Here's the source file: https://github.com/weidai11/cryptopp/blob/master/misc.h#L506. And the function (with extra noise omitted): inline void memcpy_s(void *dest, size_t sizeInBytes, const void *src, size_t count) { if (count > sizeInBytes) throw InvalidArgument("memcpy_s: buffer overflow"); if (src && dest) memcpy(dest, src, count); } I have not been able to reproduce this with a reproducer. The reproducer shown below fails to tickle the issue. Attached is the preprocessed source file with the problem, idea.ii.tar.gz. ========== The reproducer shown below fails to reproduce the issue. $ cat test.cxx #include <cstddef> #include <stdexcept> #include <cstring> #include <memory> inline void my_memcpy(void* dest, size_t sizeInBytes, const void* src, size_t count) { if (count > sizeInBytes) throw std::runtime_error("Overflow"); if(dest && src) memcpy(dest, src, count); } int main(int argc, char* argv[]) { char buf[16]; my_memcpy(NULL, 16, argv[0], strlen(argv[0])); return 0; }
next reply other threads:[~2020-05-10 23:09 UTC|newest] Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-05-10 23:09 noloader at gmail dot com [this message] 2020-05-11 7:30 ` [Bug analyzer/95043] " marxin at gcc dot gnu.org 2020-05-11 16:29 ` dmalcolm at gcc dot gnu.org 2021-03-02 21:49 ` dmalcolm at gcc dot gnu.org 2021-03-24 21:08 ` dmalcolm at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-95043-4@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).