Can any C debugger catch this error?

Discussion in 'C Programming' started by virtual@lavabit.com, Dec 12, 2008.

  1. Guest

    Here are the contents of "blah.c":

    #include <string.h>

    int main(void)
    {
        char buf1[5];
        char buf2[5];

        strcpy(buf2, "12345678");

        return 0;
    }

    I've tried using Valgrind as follows:

    virchanza ~ $ gcc -g -o blah blah.c
    virchanza ~ $ valgrind ./blah
    ==6502== Memcheck, a memory error detector.
    ==6502== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
    ==6502== Using LibVEX rev 1854, a library for dynamic binary translation.
    ==6502== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
    ==6502== Using valgrind-3.3.1-Debian, a dynamic binary instrumentation framework.
    ==6502== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
    ==6502== For more details, rerun with: -v
    ==6502==
    ==6502==
    ==6502== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 11 from 1)
    ==6502== malloc/free: in use at exit: 0 bytes in 0 blocks.
    ==6502== malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
    ==6502== For counts of detected errors, rerun with: -v
    ==6502== All heap blocks were freed -- no leaks are possible.

    As you can see, Valgrind doesn't mention the error. Does anyone know
    of any debugging tool on any platform that can catch this error?

    My platform is Linux on x86.
     
    , Dec 12, 2008
    #1

  2. writes:

    > #include <string.h>
    >
    > int main(void)
    > {
    > char buf1[5];
    > char buf2[5];
    >
    > strcpy(buf2, "12345678");
    >
    > return 0;
    > }
    >
    > I've tried using Valgrind as follows:

    [...]

    It appears valgrind doesn't detect this sort of error. Sorry for
    misleading you.

    Mudflap, however, does.

    nate@archdiocese:/tmp$ gcc-4.3 -fmudflap -o blah blah.c -lmudflap
    nate@archdiocese:/tmp$ ./blah
    *******
    mudflap violation 1 (check/write): time=1229075915.384719 ptr=0xbfbc6826 size=9
    pc=0xb7e5f2bd location=`(strcpy dest)'
    /usr/lib/libmudflap.so.0(__mf_check+0x3d) [0xb7e5f2bd]
    /usr/lib/libmudflap.so.0(__mfwrap_strcpy+0xc3) [0xb7e6cad3]
    ./blah(main+0x48) [0x80486ec]
    Nearby object 1: checked region begins 0B into and ends 4B after
    mudflap object 0x804ad68: name=`blah.c:6:10 (main) buf2'
    bounds=[0xbfbc6826,0xbfbc682a] size=5 area=stack check=0r/3w liveness=3
    alloc time=1229075915.384667 pc=0xb7e5ea5d
    number of nearby objects: 1
     
    Nate Eldredge, Dec 12, 2008
    #2
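
A minimal model of the bounds check behind the mudflap report in the post above, added here as an illustration; it is not code from the thread or from libmudflap. The names `track`, `check_write`, `checked_strcpy` and `blah_overrun` are hypothetical, and objects are registered by hand here, whereas mudflap registers them through compiler instrumentation and wraps `strcpy` itself.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* One tracked object: start address, size and a label for reports. */
struct tracked { const char *base; size_t size; const char *name; };
static struct tracked registry[8];
static size_t n_tracked;

/* What a failed check reports, mirroring "begins 0B into and ends 4B after". */
struct violation { const char *name; size_t write_size, begins_into, ends_after; };

/* Record an object's bounds (hypothetical helper, called by hand in this sketch). */
static int track(const void *p, size_t size, const char *name) {
    if (n_tracked == sizeof registry / sizeof registry[0]) return -1;
    registry[n_tracked++] = (struct tracked){ p, size, name };
    return 0;
}

/* Check a write of len bytes at ptr: 0 = fits inside a tracked object,
 * 1 = starts inside one but runs past its end (*v filled), -1 = untracked. */
static int check_write(const void *ptr, size_t len, struct violation *v) {
    uintptr_t p = (uintptr_t)ptr;
    for (size_t i = 0; i < n_tracked; i++) {
        uintptr_t b = (uintptr_t)registry[i].base;
        if (p < b || p - b >= registry[i].size) continue;
        size_t off = p - b, room = registry[i].size - off;
        if (len <= room) return 0;
        *v = (struct violation){ registry[i].name, len, off, len - room };
        return 1;
    }
    return -1;
}

/* strcpy wrapper: validate the destination range first, copy only if it fits. */
static int checked_strcpy(char *dest, const char *src, struct violation *v) {
    int rc = check_write(dest, strlen(src) + 1, v);  /* +1 for the terminating NUL */
    if (rc == 0) strcpy(dest, src);
    return rc;
}

/* The thread's case: how many bytes past buf2 the 9-byte write would end. */
size_t blah_overrun(void) {
    char buf2[5];
    struct violation v = {0};
    track(buf2, sizeof buf2, "buf2");
    return checked_strcpy(buf2, "12345678", &v) == 1 ? v.ends_after : 0;
}
```

The check needs the size of the destination object, which is the information mudflap records for `buf2` (`size=5`) in the report above.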

  3. In article <>,
    <> wrote:

    > char buf2[5];
    >
    > strcpy(buf2, "12345678");


    >As you can see, Valgrind doesn't mention the error.


    No, it basically only detects errors with malloc()ed memory.

    >Does anyone know
    >of any debugging tool on any platform that can catch this error?


    I believe that when I used dbx on Solaris years ago it could do this,
    but I might be wrong.

    -- Richard
    --
    Please remember to mention me / in tapes you leave behind.
     
    Richard Tobin, Dec 12, 2008
    #3
  4. Guest

    On Dec 12, 5:03 pm, Nate Eldredge <> wrote:

    > Mudflap, however, does.



    Fantastic, thanks! :-D

    For anyone in my position, here's how to get mudflap working on
    Ubuntu:
    apt-get install libmudflap0
    apt-get install libmudflap0-4.3-dev

    Are there any other debugging tools I should know about? Currently I'm
    using gdb and mudflap :-D
     
    , Dec 12, 2008
    #4
  5. maverik Guest

    On Dec 12, 12:45 pm, wrote:
    > As you can see, Valgrind doesn't mention the error. Does anyone know
    > of any debugging tool on any platform that can catch this error?


    AFAIK, Lint/Splint can also detect this error. It's not a debugging
    tool, but a tool for statically checking C programs for security
    vulnerabilities and coding mistakes.
     
    maverik, Dec 12, 2008
    #5
  6. writes:

    > On Dec 12, 5:03 pm, Nate Eldredge <> wrote:
    >
    >> Mudflap, however, does.

    >
    > Fantastic, thanks! :-D

    <snip>
    > Are there any other debugging tools I should know about? Currently I'm
    > using gdb and mudflap :-D


    Don't dump valgrind's memcheck tool. Not only does it check allocated
    memory, it also checks for uses of indeterminate values.

    --
    Ben.
     
    Ben Bacarisse, Dec 12, 2008
    #6
  7. user923005 Guest

    On Dec 12, 1:45 am, wrote:
    > Here are the contents of "blah.c":
    >
    > #include <string.h>
    >
    > int main(void)
    > {
    >     char buf1[5];
    >     char buf2[5];
    >
    >     strcpy(buf2, "12345678");
    >
    >     return 0;
    >
    > }
    >
    > I've tried using Valgrind as follows:
    >
    > virchanza ~ $ gcc -g -o blah blah.c
    > virchanza ~ $ valgrind ./blah
    > ==6502== Memcheck, a memory error detector.
    > ==6502== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et
    > al.
    > ==6502== Using LibVEX rev 1854, a library for dynamic binary
    > translation.
    > ==6502== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
    > ==6502== Using valgrind-3.3.1-Debian, a dynamic binary instrumentation
    > framework.
    > ==6502== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et
    > al.
    > ==6502== For more details, rerun with: -v
    > ==6502==
    > ==6502==
    > ==6502== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 11 from
    > 1)
    > ==6502== malloc/free: in use at exit: 0 bytes in 0 blocks.
    > ==6502== malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
    > ==6502== For counts of detected errors, rerun with: -v
    > ==6502== All heap blocks were freed -- no leaks are possible.
    >
    > As you can see, Valgrind doesn't mention the error. Does anyone know
    > of any debugging tool on any platform that can catch this error?
    >
    > My platform is Linux on x86.


    No need for a debugger.
    C:\tmp>type bug.c
    #include <string.h>
    int main(void)
    {
    char buf1[5];
    char buf2[5];
    strcpy(buf2, "12345678");
    return 0;
    }

    C:\tmp>type _LINT.TMP

    --- Module: bug.c (C)
    _
    strcpy(buf2, "12345678");
    bug.c(6) : Warning 419: Apparent data overrun for function 'strcpy
    (char *,
    const char *)', argument 2 (size=9) exceeds argument 1 (size=5)
    [Reference:
    file bug.c: line 6]
    bug.c(6) : Info 831: Reference cited in prior message
    _
    }
    bug.c(8) : Warning 529: Symbol 'buf1' (line 4) not subsequently
    referenced
    bug.c(4) : Info 830: Location cited in prior message
    _
    }
    bug.c(8) : Note 953: Variable 'buf1' (line 4) could be declared as
    const ---
    Eff. C++ 3rd Ed. item 3
    bug.c(4) : Info 830: Location cited in prior message

    I used PC-Lint, but Gimpel makes a Linux version too.
     
    user923005, Dec 12, 2008
    #7
