e5e7204f41
## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: gaetan-ferry-sonarsource <112399173+gaetan-ferry-sonarsource@users.noreply.github.com>
26 lines
780 B
Plaintext
26 lines
780 B
Plaintext
== How to fix it
|
|
|
|
=== Code examples
|
|
|
|
In the following code example, ``memchr`` is used to find the first occurrence of the ``@`` character in a buffer, ``array``. The second argument does not match the size of this buffer, so it may find an occurrence of the character after the end of the buffer and read data it is not supposed to. If the returned ``pos`` pointer is later used to write characters, this could unexpectedly overwrite data.
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,cpp,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
char array[10];
|
|
initialize(array);
|
|
char *pos = memchr(array, '@', 42); // Noncompliant
|
|
----
|
|
|
|
|
|
==== Compliant solution
|
|
|
|
[source,cpp,diff-id=1,diff-type=compliant]
|
|
----
|
|
char array[10];
|
|
initialize(array);
|
|
char *pos = memchr(array, '@', sizeof(array));
|
|
----
|
|
|