blob: b424d5d5b047536404315d27a4be178f672d7405 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
// RUN: %clang_cc1 -analyze -analyzer-checker=experimental.security.taint,debug.TaintTest -verify %s
int scanf(const char *restrict format, ...);
int getchar(void);
#define BUFSIZE 10
int Buffer[BUFSIZE];
void bufferScanfAssignment(int x) {
int n;
int *addr = &Buffer[0];
scanf("%d", &n);
addr += n;// expected-warning {{tainted}}
*addr = n; // expected-warning 2 {{tainted}}
}
|
