forked from OSchip/llvm-project
58 lines
1.6 KiB
ReStructuredText
58 lines
1.6 KiB
ReStructuredText
.. title:: clang-tidy - bugprone-misplaced-operator-in-strlen-in-alloc
|
|
|
|
bugprone-misplaced-operator-in-strlen-in-alloc
|
|
==============================================
|
|
|
|
Finds cases where ``1`` is added to the string in the argument to ``strlen()``,
|
|
``strnlen()``, ``strnlen_s()``, ``wcslen()``, ``wcsnlen()``, and ``wcsnlen_s()``
|
|
instead of the result and the value is used as an argument to a memory
|
|
allocation function (``malloc()``, ``calloc()``, ``realloc()``, ``alloca()``) or
|
|
the ``new[]`` operator in `C++`. The check detects error cases even if one of
|
|
these functions (except the ``new[]`` operator) is called by a constant function
|
|
pointer. Cases where ``1`` is added both to the parameter and the result of the
|
|
``strlen()``-like function are ignored, as are cases where the whole addition is
|
|
surrounded by extra parentheses.
|
|
|
|
`C` example code:
|
|
|
|
.. code-block:: c
|
|
|
|
void bad_malloc(char *str) {
|
|
char *c = (char*) malloc(strlen(str + 1));
|
|
}
|
|
|
|
|
|
The suggested fix is to add ``1`` to the return value of ``strlen()`` and not
|
|
to its argument. In the example above the fix would be
|
|
|
|
.. code-block:: c
|
|
|
|
char *c = (char*) malloc(strlen(str) + 1);
|
|
|
|
|
|
`C++` example code:
|
|
|
|
.. code-block:: c++
|
|
|
|
void bad_new(char *str) {
|
|
char *c = new char[strlen(str + 1)];
|
|
}
|
|
|
|
|
|
As in the `C` code with the ``malloc()`` function, the suggested fix is to
|
|
add ``1`` to the return value of ``strlen()`` and not to its argument. In the
|
|
example above the fix would be
|
|
|
|
.. code-block:: c++
|
|
|
|
char *c = new char[strlen(str) + 1];
|
|
|
|
|
|
Example for silencing the diagnostic:
|
|
|
|
.. code-block:: c
|
|
|
|
void bad_malloc(char *str) {
|
|
char *c = (char*) malloc(strlen((str + 1)));
|
|
}
|