1 #include "check_debug.h" 2 3 void memdup(char *to, int size); 4 void strcpy(char *dest, char *src); 5 6 void func (char *a, char *b) 7 { 8 char c[5]; 9 10 a = memdup(b, 5); 11 strcpy(c, a); 12 a[5] = '\0'; 13 } 14 /* 15 * check-name: smatch memdup overflow 16 * check-command: smatch -I.. sm_overflow5.c 17 * 18 * check-output-start 19 sm_overflow5.c:12 func() error: buffer overflow 'a' 5 <= 5 20 * check-output-end 21 */ 22