1/* FUNCTION: __builtin___strcpy_chk */
7#ifdef __CPROVER_STRING_ABSTRACTION
12 "strcpy buffer overflow");
15 "builtin object size");
22 "strcpy src/dst overlap");
30 }
while(i < s &&
ch != (
char)0);
35/* FUNCTION: __builtin___strcat_chk */
41#ifdef __CPROVER_STRING_ABSTRACTION
49 "builtin object size");
55 //" for(size_t i=0; i<__CPROVER_zero_string_length(src); i++)
63 "strcat src/dst overlap");
70 for(; i < s &&
ch != (
char)0; ++i, ++j)
79/* FUNCTION: __builtin___strncat_chk */
85#ifdef __CPROVER_STRING_ABSTRACTION
91 "strncat zero-termination of 2nd argument");
94 "builtin object size");
111 "strncat src/dst overlap");
119 for(; i < s && j <
n &&
ch != (
char)0; ++i, ++j)
130/* FUNCTION: strcpy */
132#ifndef __CPROVER_STRING_H_INCLUDED
134 #define __CPROVER_STRING_H_INCLUDED
142#ifdef __CPROVER_STRING_ABSTRACTION
147 "strcpy buffer overflow");
154 "strcpy src/dst overlap");
162 }
while(
ch != (
char)0);
167/* FUNCTION: strncpy */
169#ifndef __CPROVER_STRING_H_INCLUDED
171#define __CPROVER_STRING_H_INCLUDED
179#ifdef __CPROVER_STRING_ABSTRACTION
189 (src >=
dst +
n) || (
dst >= src +
n),
190 "strncpy src/dst overlap");
195 // We use a single loop to make bounds checking etc easier.
196 // Note that strncpy _always_ writes 'n' characters into 'dst'.
197 for(end = 0; i <
n; i++)
199 ch = end ? 0 : src[i];
201 end = end ||
ch == (
char)0;
207/* FUNCTION: __builtin___strncpy_chk */
209#ifndef __CPROVER_STRING_H_INCLUDED
211#define __CPROVER_STRING_H_INCLUDED
221#ifdef __CPROVER_STRING_ABSTRACTION
228 "strncpy object size");
234 (src >=
dst +
n) || (
dst >= src +
n),
235 "strncpy src/dst overlap");
241 // We use a single loop to make bounds checking etc easier.
242 // Note that strncpy _always_ writes 'n' characters into 'dst'.
243 for(end = 0; i <
n; i++)
245 ch = end ? 0 : src[i];
247 end = end ||
ch == (
char)0;
253/* FUNCTION: strcat */
255#ifndef __CPROVER_STRING_H_INCLUDED
257#define __CPROVER_STRING_H_INCLUDED
265#ifdef __CPROVER_STRING_ABSTRACTION
268 "strcat zero-termination of 1st argument");
270 "strcat zero-termination of 2nd argument");
273 "strcat buffer overflow");
275 //" for(size_t i=0; i<__CPROVER_zero_string_length(src); i++)
283 "strcat src/dst overlap");
290 for(;
ch != (
char)0; ++i, ++j)
299/* FUNCTION: strncat */
301#ifndef __CPROVER_STRING_H_INCLUDED
303#define __CPROVER_STRING_H_INCLUDED
311#ifdef __CPROVER_STRING_ABSTRACTION
317 "strncat zero-termination of 2nd argument");
334 (src >=
dst +
n) || (
dst >= src +
n),
335 "strncat src/dst overlap");
343 for(; j <
n &&
ch != (
char)0; ++i, ++j)
354/* FUNCTION: strcmp */
356#ifndef __CPROVER_STRING_H_INCLUDED
358#define __CPROVER_STRING_H_INCLUDED
366#ifdef __CPROVER_STRING_ABSTRACTION
369 "strcmp zero-termination of 1st argument");
371 "strcmp zero-termination of 2nd argument");
382# pragma CPROVER check push
383# pragma CPROVER check disable "conversion"
386# pragma CPROVER check pop
403/* FUNCTION: strcasecmp */
405#ifndef __CPROVER_STRING_H_INCLUDED
407#define __CPROVER_STRING_H_INCLUDED
415#ifdef __CPROVER_STRING_ABSTRACTION
418 "strcasecmp zero-termination of 1st argument");
420 "strcasecmp zero-termination of 2nd argument");
431# pragma CPROVER check push
432# pragma CPROVER check disable "conversion"
435# pragma CPROVER check pop
455/* FUNCTION: strncmp */
457#ifndef __CPROVER_STRING_H_INCLUDED
459#define __CPROVER_STRING_H_INCLUDED
467#ifdef __CPROVER_STRING_ABSTRACTION
470 "strncmp zero-termination of 1st argument");
473 "strncmp zero-termination of 2nd argument");
481# pragma CPROVER check push
482# pragma CPROVER check disable "conversion"
485# pragma CPROVER check pop
497 while(
ch1!=0 &&
ch2!=0 && i<
n);
502/* FUNCTION: strncasecmp */
504#ifndef __CPROVER_STRING_H_INCLUDED
506#define __CPROVER_STRING_H_INCLUDED
514#ifdef __CPROVER_STRING_ABSTRACTION
517 "strncasecmp zero-termination of 1st argument");
519 "strncasecmp zero-termination of 2nd argument");
528# pragma CPROVER check push
529# pragma CPROVER check disable "conversion"
532# pragma CPROVER check pop
547 while(
ch1!=0 &&
ch2!=0 && i<
n);
552/* FUNCTION: strlen */
554#ifndef __CPROVER_STRING_H_INCLUDED
556#define __CPROVER_STRING_H_INCLUDED
564 #ifdef __CPROVER_STRING_ABSTRACTION
566 "strlen zero-termination");
575/* FUNCTION: strdup */
577#ifndef __CPROVER_STRING_H_INCLUDED
579#define __CPROVER_STRING_H_INCLUDED
582#ifndef __CPROVER_STDLIB_H_INCLUDED
584 #define __CPROVER_STDLIB_H_INCLUDED
596 if(
cpy==((
void *)0))
return 0;
597 #ifdef __CPROVER_STRING_ABSTRACTION
604/* FUNCTION: memcpy */
606#ifndef __CPROVER_STRING_H_INCLUDED
608#define __CPROVER_STRING_H_INCLUDED
617#ifdef __CPROVER_STRING_ABSTRACTION
622 // for(size_t i=0; i<n ; i++) dst[i]=src[i];
637 ((
const char *)src >= (
const char *)
dst +
n) ||
638 ((
const char *)
dst >= (
const char *)src +
n),
639 "memcpy src/dst overlap");
647 //for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
657/* FUNCTION: __builtin___memcpy_chk */
662#ifdef __CPROVER_STRING_ABSTRACTION
669 "builtin object size");
670 // for(size_t i=0; i<n ; i++) dst[i]=src[i];
684 ((
const char *)src >= (
const char *)
dst +
n) ||
685 ((
const char *)
dst >= (
const char *)src +
n),
686 "memcpy src/dst overlap");
695 //for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
704/* FUNCTION: memset */
706#ifndef __CPROVER_STRING_H_INCLUDED
708#define __CPROVER_STRING_H_INCLUDED
716 #ifdef __CPROVER_STRING_ABSTRACTION
718 "memset buffer overflow");
719 // for(size_t i=0; i<n ; i++) s[i]=c;
734 "memset destination region writeable");
739 //for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
740 unsigned char s_n[
n];
748/* FUNCTION: __builtin_memset */
753 #ifdef __CPROVER_STRING_ABSTRACTION
755 "memset buffer overflow");
756 // for(size_t i=0; i<n ; i++) s[i]=c;
773 "memset destination region writeable");
778 //for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
779 unsigned char s_n[
n];
787/* FUNCTION: __builtin___memset_chk */
792#ifdef __CPROVER_STRING_ABSTRACTION
794 "memset buffer overflow");
797 "builtin object size");
798 // for(size_t i=0; i<n ; i++) s[i]=c;
813 "memset destination region writeable");
819 //for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
820 unsigned char s_n[
n];
828/* FUNCTION: memmove */
830#ifndef __CPROVER_STRING_H_INCLUDED
832#define __CPROVER_STRING_H_INCLUDED
837 void *
memmove(
void *dest,
const void *src,
size_t n)
840 #ifdef __CPROVER_STRING_ABSTRACTION
842 "memmove buffer overflow");
843 // dst = src (with overlap allowed)
854 "memmove source region readable");
856 "memmove destination region writeable");
868/* FUNCTION: __builtin___memmove_chk */
870#ifndef __CPROVER_STRING_H_INCLUDED
872#define __CPROVER_STRING_H_INCLUDED
880 #ifdef __CPROVER_STRING_ABSTRACTION
882 "memmove buffer overflow");
885 "builtin object size");
886 // dst = src (with overlap allowed)
899 "memmove source region readable");
901 "memmove destination region writeable");
914/* FUNCTION: memcmp */
916#ifndef __CPROVER_STRING_H_INCLUDED
918#define __CPROVER_STRING_H_INCLUDED
927 #ifdef __CPROVER_STRING_ABSTRACTION
929 "memcmp buffer overflow of 1st argument");
931 "memcmp buffer overflow of 2nd argument");
934 "memcmp region 1 readable");
936 "memcpy region 2 readable");
949/* FUNCTION: strchr */
951#ifndef __CPROVER_STRING_H_INCLUDED
953#define __CPROVER_STRING_H_INCLUDED
961 #ifdef __CPROVER_STRING_ABSTRACTION
963 "strchr zero-termination of string argument");
966 return found?src+i:0;
971 return ((
char *)src)+i;
// cast away const-ness
978/* FUNCTION: strrchr */
980#ifndef __CPROVER_STRING_H_INCLUDED
982#define __CPROVER_STRING_H_INCLUDED
990 #ifdef __CPROVER_STRING_ABSTRACTION
992 "strrchr zero-termination of string argument");
995 return found?((
char *)src)+i:0;
1000 if(src[i]==(
char)
c)
res=((
char *)src)+i;
1001 if(src[i]==0)
break;
1007/* FUNCTION: strerror */
1009#ifndef __CPROVER_STRING_H_INCLUDED
1011#define __CPROVER_STRING_H_INCLUDED
1018 #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
__CPROVER_bool __CPROVER_w_ok(const void *,...)
__CPROVER_bool __CPROVER_r_ok(const void *,...)
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
exprt object_size(const exprt &pointer)
void * calloc(__CPROVER_size_t nmemb, __CPROVER_size_t size)
int strncmp(const char *s1, const char *s2, size_t n)
char * __builtin___strcpy_chk(char *dst, const char *src, __CPROVER_size_t s)
int strcmp(const char *s1, const char *s2)
void * memset(void *s, int c, size_t n)
void * __builtin___memcpy_chk(void *dst, const void *src, __CPROVER_size_t n, __CPROVER_size_t size)
void * memmove(void *dest, const void *src, size_t n)
void * __builtin___memset_chk(void *s, int c, __CPROVER_size_t n, __CPROVER_size_t size)
char * strerror(int errnum)
__inline char * __builtin___strcat_chk(char *dst, const char *src, __CPROVER_size_t s)
char * __builtin___strncpy_chk(char *dst, const char *src, size_t n, size_t object_size)
char * strcpy(char *dst, const char *src)
int strncasecmp(const char *s1, const char *s2, size_t n)
int strcasecmp(const char *s1, const char *s2)
__inline char * __builtin___strncat_chk(char *dst, const char *src, __CPROVER_size_t n, __CPROVER_size_t s)
char * strrchr(const char *src, int c)
char * strncpy(char *dst, const char *src, size_t n)
void * __builtin_memset(void *s, int c, __CPROVER_size_t n)
char * strcat(char *dst, const char *src)
int memcmp(const void *s1, const void *s2, size_t n)
char * strchr(const char *src, int c)
size_t strlen(const char *s)
void * memcpy(void *dst, const void *src, size_t n)
void * __builtin___memmove_chk(void *dest, const void *src, size_t n, __CPROVER_size_t size)
char * strdup(const char *str)
char * strncat(char *dst, const char *src, size_t n)