Multi-dimensional arrays and Code Analysis
-
Friday, September 14, 2012 10:28 AM
Hello, everybody.
I have an example of code#define MAX 10 #define BUFFER_SIZE 1024 TCHAR Strings[MAX - 1][BUFFER_SIZE]; VOID FillArray( _Out_writes_(MAX) TCHAR Array[MAX][BUFFER_SIZE] ) { // // Here must be the Write overrun, but the Code Analysis is silent // for (int i = 0; i < MAX + 1; i++) { _tcscpy_s(Array[i], _countof(Array[0]), _T("hello world")); } } int _tmain(int argc, _TCHAR* argv[]) { // // Here the Code Analysis shows: // C6386 Write overrun // Buffer overrun while writing to 'Strings': the writable size is '18432' bytes, // but '20480' bytes might be written. // FillArray(Strings); return 0; }Did I apply wrong annotation or the current version of the Code Analysis just does not recognize this type of error?
All Replies
-
Tuesday, September 18, 2012 5:38 AMModerator
Hi Andrey,
Thank you for posting in the MSDN forum.
Which VS version are you using? If possible, you could share us this project, we try to check it in our PC.
Please attach your Visual Studio project, you can upload it to the sky driver, and then share the download link in your post.
Best Regards,
Jack Zhai [MSFT]
MSDN Community Support | Feedback to us
-
Tuesday, September 18, 2012 7:12 PM
Hi Jack,
I use the Visual Studio Ultimate 2012. You can just create a "Win32 Console Application" and paste the code. In the settings of the project I only changed the Code Analysis Rule Set to the Microsoft All Rules.
I also used the same code with the _Out_cap_c_ annotation in Visual Studio Ultimate 2010 and Visual Studio Ultimate 2012, and got a different results:
VOID FillArray( _Out_cap_c_(MAX) TCHAR Array[MAX][BUFFER_SIZE] ) { // // Visual Studio Ultimate 2010: warning C6385: Invalid data: accessing 'Array', // the readable size is '0*2048' bytes, but '4096' bytes might be read. // Code Analysis thinks that 'Array' is '0*2048' bytes, but 'Array' is 20480 bytes. // // // Visual Studio Ultimate 2012: No code analysis issues were detected. // for (int i = 0; i < MAX + 1; i++) { _tcscpy_s(Array[i], _countof(Array[0]), _T("hello world")); } } -
Wednesday, September 19, 2012 8:03 AMModerator
Hi Andrey,
Do you mean that you could get the C6386 in VS2012? But it has the C6385 warning in VS2010, am I right?
Not the VC++ expert, I could create this app in VS2012.
#include "stdafx.h"
#include <iostream>
#define MAX 10
#define BUFFER_SIZE 1024
TCHAR Strings[MAX - 1][BUFFER_SIZE];
void FillArray(_Out_writes_(MAX) TCHAR Array[MAX][BUFFER_SIZE])
{
for (int i = 0; i < MAX + 1; i++) {
_tcscpy_s(Array[i], _countof(Array[0]), _T("hello world"));
}
}
int _tmain(int argc, _TCHAR* argv[])
{
FillArray(Strings);
return 0;
}
And then I try to use the Code Analysis, select “Enable Code Analysis on Build”, and run this rule set “Microsoft All Rules”, I get the result like your previous reply.
C6386: Buffer overrun while writing to 'Strings': the writable size is '18432' bytes, but '20480' bytes might be written.
But it seems that it doesn’t work if I copy the same code in the VS2010. Would you mind sharing us the app in the VS2010? In addition, you could check the difference between the two apps, maybe you could get some useful information.
Best Regards,
Jack Zhai [MSFT]
MSDN Community Support | Feedback to us
- Edited by Jack Zhai - MSFTMicrosoft Contingent Staff, Moderator Wednesday, September 19, 2012 8:03 AM
-
Wednesday, September 19, 2012 11:04 AM
Hi Jack,
The warning C6386 shows up in both VS and the C6385 only in VS2010.
This code for both VS:
#define MAX 10 #define BUFFER_SIZE 1024 TCHAR Strings[MAX - 1][BUFFER_SIZE]; VOID FillArray( _Out_cap_c_(MAX) TCHAR Array[MAX][BUFFER_SIZE] ) { // // Visual Studio Ultimate 2010: warning C6385: Invalid data: accessing 'Array', // the readable size is '0*2048' bytes, but '4096' bytes might be read. // Code Analysis thinks that 'Array' is '0*2048' bytes, but 'Array' is 20480 bytes. // // // Visual Studio Ultimate 2012: No code analysis issues were detected. // Here must be the Write overrun, but the Code Analysis is silent // for (int i = 0; i < MAX + 1; i++) { _tcscpy_s(Array[i], _countof(Array[0]), _T("hello world")); } } int _tmain(int argc, _TCHAR* argv[]) { // // C6386 Write overrun // Buffer overrun while writing to 'Strings': the writable size is '18432' bytes, // but '20480' bytes might be written. // FillArray(Strings); return 0; }
This code only for VS2012:
#define MAX 10 #define BUFFER_SIZE 1024 TCHAR Strings[MAX - 1][BUFFER_SIZE]; VOID FillArray( _Out_writes_(MAX) TCHAR Array[MAX][BUFFER_SIZE] ) { // // Visual Studio Ultimate 2012: No code analysis issues were detected. // Here must be the Write overrun, but the Code Analysis is silent // for (int i = 0; i < MAX + 1; i++) { _tcscpy_s(Array[i], _countof(Array[0]), _T("hello world")); } } int _tmain(int argc, _TCHAR* argv[]) { // // C6386 Write overrun // Buffer overrun while writing to 'Strings': the writable size is '18432' bytes, // but '20480' bytes might be written. // FillArray(Strings); return 0; }
The difference beetwen the examples is that the first use annotation _Out_cap_c_ and the second _Out_writes_. -
Thursday, September 20, 2012 7:43 AMModerator
Hi Andrey,
Glad to receive your reply.
I try to repro it again, I get the same result as yours, the same app has the different warnings in VS2010 and VS2012.
To help you resolve this issue, I suggest you can submit this feedback to Microsoft Connect feedback portal: http://connect.microsoft.com, Microsoft engineers will evaluate them seriously. If you submit this feedback, hope you could post it here, I will vote it. Thanks for your understanding.
Sincerely,
Jack Zhai [MSFT]
MSDN Community Support | Feedback to us
-
Thursday, September 20, 2012 12:37 PM
- Marked As Answer by Jack Zhai - MSFTMicrosoft Contingent Staff, Moderator Friday, September 21, 2012 1:42 AM
