- This topic has 5 replies, 2 voices, and was last updated 15 years, 7 months ago by
.
- Posts
Hello,
how can I find a buffer overflow in arrays?For example:
int x[10];
int y[5][5];
int z[5][5][2];x[12] = 0;
y[3][7] = 8;
z[2][6][1] = 8;Compilers don’t find these problems during compilation or during run-time.
Can some one help me?
Thanks
The best thing to do in c/c++ is check that the indexes are with in range :
12345<br />int array [ 2] [ 2 ];<br />if ( i < 2 && j < 2 )<br />var = array [ i ] [ j ];<br />since c/c++ does not use array descriptors ( an array header with the maximum length information ) there is really no other way I can think of.
Interesting program ( I suppose this software is based on a parser that uses the C/C++ grammer that checks declarations and uses of pointers and arrays ). I guess its fine to use something like this ( if you trust the authors code :) ). You do have to run your source code through two translators per compile though , this could take extra time with large programs …..
I haven’t used the software since I’ve gotten pretty good at finding access violations after years of writing my own data structures and lots of software that uses pointers. Anything I write in C/C++ or assembly language is designed with execution speed in mind so I probably would not use anything that slows my code down ( I belive that is why C/C++ was designed without provisions to check for access violations at compile time ). Anyway , I guess the software is a clever idea and if you don’t mind the performance hit , use it ………
- The forum ‘C Programming’ is closed to new topics and replies.