CheckBufferOverrun: Added comment in code to clarify why severity is portability for pointerOutOfBounds message.

This commit is contained in:
Daniel Marjamäki 2014-12-22 15:41:46 +01:00
parent 91e45ba8d7
commit e16a934fb3
1 changed file with 3 additions and 0 deletions

@ -175,6 +175,9 @@ void CheckBufferOverrun::outOfBoundsError(const Token *tok, const std::string &w
void CheckBufferOverrun::pointerOutOfBoundsError(const Token *tok, const std::string &object)
{
// The severity is portability instead of error since this ub doesnt
// cause bad behaviour on most implementations. people create out
// of bounds pointers by intention.
reportError(tok, Severity::portability, "pointerOutOfBounds", "Undefined behaviour: Pointer arithmetic result does not point into or just past the end of the " + object + ".\n"
"Undefined behaviour: The result of this pointer arithmetic does not point into or just one element past the end of the " + object + ". Further information: https://www.securecoding.cert.org/confluence/display/seccode/ARR30-C.+Do+not+form+or+use+out+of+bounds+pointers+or+array+subscripts");
}
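Review bot: the new comment (the three added lines at the top of pointerOutOfBoundsError) has spelling and capitalisation slips that should be fixed before merging: `ub` should read `UB`, `doesnt` should be `doesn't`, and `people` begins a new sentence and needs a capital. The wording of the rationale also deserves a second look: the diagnostic text itself calls the finding undefined behaviour and links ARR30-C, which forbids forming out-of-bounds pointers at all, so the comment should make clear that portability was chosen to avoid reporting deliberate, implementation-tolerated usage as an error, not because the arithmetic is safe. Suggested wording: `// Severity is portability rather than error: forming such a pointer is UB, but most implementations tolerate it and some code does it intentionally.`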