I'm trying to implement merge sort in C when I came across something interesting raised by [Analyze -> Run Code Analysis] in Visual Studio 2015.
The code is as follows:
void MergeSort_r(int A[], int n)
{
// A = {1, 3, 2}
// n = 3
int rightCount;
int* R;
if ( n < 2 ) return;
// version 1: rightCount = 2
rightCount = n - (n/2);
// version 2: rightCount = 2
rightCount = n - 1;
R = ( int* ) malloc( rightCount * sizeof( int ) );
if ( R ) {
for ( int i = 0; i < rightCount; i++ ) {
R[i] = A[i];
}
free( R );
}
}
Even though both version of rightCount essentially evaluates to 2, in the first version, I get the warning:
"Buffer overrun while writing to 'R': the writable size is '(unsigned int)rightCount*sizeof(int)' bytes, but '8' bytes might be written."
Any idea why this is the case? Looking forward to hear your answers.
Visual C++ Code Analysis toolset may not always offer the best warnings. It tries to give you the best set of warnings to fix some potential issues/errors that may creep in at runtime. You have a few options:
#pragma
directive.new
, make_unique
etc.You should ideally always user newer smart pointers primitives like unique_ptr
, shared_ptr
etc. They not only allocate memory for you but deallocate on any exception thrown across the call stack. You don't need to type *
at all!
auto buffer = make_unique<int[]>(10); // 10 integers
Your code is fine and tools(especially analyzers) have their drawbacks — sometimes they generate false-positives. That's one of it. BTW, I checked your code on MSVS2015 and it gives me no warnings.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With