Click on image to see enlargment

PC-lint/FlexeLint Output | Reference Manual Explanation | Home

            bug671.cpp

1    #include <string.h>
2    #include <stdio.h>
3    const char *countries = "Albania ... USA ... ";
4    const char *country = "USA";
5    void HappyBirthday( const char *names, int len )
6        {
7        char greeting[100] = "Happy Birthday ";
8        if( !names || len >= 0 ) return;
9        strncat( greeting, names, len );
10       printf( "%s\n", greeting );
11       }
12   int main()
13       {
14       int len = strlen( country );
15       const char *names = strstr( countries, country );
16       HappyBirthday( names, len );
17       return 0;
18       }

This program (an abstraction from a larger program) was intended to create an appropriate greeting for the celebration of Independence Day in the United States. But something is going wrong. What is it?


bug671.cpp lint Output

--- Module:   bug671.cpp (C++)
                                  _
    strncat( greeting, names, len );
bug671.cpp(9) : Info 732: Loss of sign (arg. no. 3) (int to unsigned int) 
bug671.cpp(9) : Warning 671: Possibly passing to function 'strncat(char *,
    const char *, unsigned int)' a negative value (-1), arg. no. 3 [Reference:
    file bug671.cpp: line 8] 
                               _
    int len = strlen( country );
bug671.cpp(14) : Info 713: Loss of precision (initialization) (unsigned int to int)

Reference Manual Explanation


671    Possibly passing to function 'Symbol' a negative value (Integer),
       Context Reference  -- An integral value that may possibly be
       negative is being passed to a function that is expecting only
       positive values for a particular argument.  The message contains
       the name of the function (Symbol), the questionable value
       (Integer) and the argument number (Context).  The function may be
       a standard library function designed to accept only positive
       values such as malloc or memcpy (third argument), or may have
       been identified by the user as such through the -function or -sem
       options.  See message 422 for an example and further explanation..

Commentary

Who's passing a negative value to strncat(), you ask? Well, no one, at least not in this example. But the test that precedes the call to strncat() is shunting away anything but negative values. It's a classic case of one test revealing an error other than the one it was designed to catch.



If you have comments or questions about this bug, please post them to our   Discussion Forum


Previous Bug - Bug #669 - June 2007

[ new ] Use our Interactive Demo to Run FlexeLint on our Bugs of the Month

PC-lint/FlexeLint - Product Overview

Home | Contact | Order

PC-lint and FlexeLint are trademarks of Gimpel Software
Copyright 2007, Gimpel Software, All rights reserved.