1 #include "check_debug.h" 2 3 int strlen(char *buf); 4 void strcpy(char *dest, char *src); 5 int snprintf(char *dest, int limit, char *format, char *str); 6 int sprintf(char *dest, char *format, char *str); 7 8 char *str; 9 10 int main(void) 11 { 12 char buf[10]; 13 char buf1[10]; 14 15 if (strlen(str) > 11) 16 return; 17 snprintf(buf, 11, "%s", str); 18 sprintf(buf1, "%s", str); 19 } 20 /* 21 * check-name: smatch overflow #6 22 * check-command: smatch -I.. sm_overflow6.c 23 * 24 * check-output-start 25 sm_overflow6.c:17 main() error: snprintf() is printing too much 11 vs 10 26 sm_overflow6.c:17 main() error: snprintf() chops off the last chars of 'str': 12 vs 11 27 sm_overflow6.c:18 main() error: sprintf() copies too much data from 'str': 12 vs 10 28 * check-output-end 29 */ 30