Undefined behavior in call to strcmp() in acutest_select_() #77

@Melkor-1

  • In main(), on line 1838, there is this call:

    acutest_cmdline_read_(acutest_cmdline_options_, argc, argc, acutest_cmdline_callback_)

    which on line 1438, calls the callback argument like this:

    ret = callback(opt->id, NULL);

    where callback is acutest_cmdline_callback_. This callback then on line 1681 calls:

    if (acutest_select_(arg) == 0)

    where arg was NULL. This then (on line 1059) calls:

    if (strcmp(acutest_list_[i].name, pattern) == 0)

    Yet pattern, the parameter holding the value of arg, is a null pointer.

    According to ISO C11, 7.1.4, "Use of library functions":

    Each of the following statements applies unless explicitly stated otherwise in the detailed descriptions that follow: If an argument to a function has an invalid value (such as [...] a null pointer [...]) [...], the behavior is undefined.

    The description of strcmp() in 7.24.4 does not state otherwise, so the behavior is undefined, and the above call to strcmp() invokes undefined behavior.

This was found when compiling the code with -fanalyzer with GCC 13.1.
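
An added example, not code from acutest or from the issue author: a reduced model of the call chain described above, with a null check placed in front of `strcmp()` so a callback invoked with a NULL argument cannot reach it. The names `select_units`, `on_option`, `read_cmdline` and the unit list are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for a test registry; all names are hypothetical. */
struct unit { const char *name; int selected; };
static struct unit units[] = { {"alloc", 0}, {"parse", 0}, {"parse-utf8", 0} };
#define N_UNITS (sizeof units / sizeof units[0])

/* Marks units whose name equals `pattern`; returns the number matched.
 * A null pattern is rejected up front, so strcmp() never sees NULL. */
static int select_units(const char *pattern)
{
    size_t i;
    int n = 0;
    if (pattern == NULL)
        return 0;
    for (i = 0; i < N_UNITS; i++) {
        if (strcmp(units[i].name, pattern) == 0) {
            units[i].selected = 1;
            n++;
        }
    }
    return n;
}

/* Callback in the shape the issue describes: it receives arg == NULL
 * for options that carry no value. Returns 0 on success, -1 on error. */
static int on_option(int id, const char *arg)
{
    if (id != 0)            /* a flag: nothing to select */
        return 0;
    return select_units(arg) > 0 ? 0 : -1;
}

/* Minimal reader: "--x" is a flag (id 1, NULL arg), anything else is a
 * unit name (id 0). Stops at the first callback error. */
static int read_cmdline(int argc, char **argv)
{
    int i, ret = 0;
    for (i = 1; i < argc && ret == 0; i++) {
        if (strncmp(argv[i], "--", 2) == 0)
            ret = on_option(1, NULL);
        else
            ret = on_option(0, argv[i]);
    }
    return ret;
}

int main(int argc, char **argv) { return read_cmdline(argc, argv) == 0 ? 0 : 1; }
```

Building this with `-fanalyzer`, once with and once without the `pattern == NULL` check, is a way to compare the analyzer's output on the guarded and unguarded paths.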
