V742. Function receives an address of a 'char' type variable instead of pointer to a buffer.


The analyzer detected an error that has to do with passing the address of a variable of type 'char' to a string-handling function, which expects a pointer to a buffer of characters instead. It may lead to runtime errors since functions working with pointers to buffers of characters expect a number of characters and, sometimes, a null terminator at the end of the buffer.

Consider the following example:

const char a = 'f';
size_t len = strlen(&a);

In this code, a function that should return the length of a string receives a pointer to variable 'a'. As a result, the whole memory block following the variable's address until a null terminator is found is treated as a string. The outcome of executing this function is undefined; it may return a random value or raise a memory access error.

This bug pattern is very uncommon and usually results from bad code editing or mass replacement of substrings.

To fix the error, one should use a data set corresponding with a buffer of characters or use functions processing single characters.

The fixed version of the code above should look like this:

const char a[] = "f";
size_t len = strlen(a);

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-170.


Bugs Found

Checked Projects
344
Collected Errors
12 899