C++ 缓冲区溢出;VS代码分析
在VS 2012中启用静态代码分析时,以下代码因缓冲区溢出而失败C++ 缓冲区溢出;VS代码分析,c++,visual-studio-2012,C++,Visual Studio 2012,在VS 2012中启用静态代码分析时,以下代码因缓冲区溢出而失败 SimulationData result = rri->getSimulationResult(); //Extract the data and return struct.. RRResult* aResult = new RRResult; aResult->RSize = result.rSize(); aResult->CSize = result.cSi
SimulationData result = rri->getSimulationResult();
//Extract the data and return struct..
RRResult* aResult = new RRResult;
aResult->RSize = result.rSize();
aResult->CSize = result.cSize();
int size = aResult->RSize*aResult->CSize;
aResult->Data = new double[size];
int index = 0;
//The data layout is simple row after row, in one single long row...
for(int row = 0; row < aResult->RSize; row++)
{
for(int col = 0; col < aResult->CSize; col++)
{
aResult->Data[index++] = result(row, col); //Over run here! but how?
}
}
有人能发现它有什么问题吗?可能有助于查看SimulationData::operator a.k.a.,result的实现。从静态代码分析的结果中查看实际描述会更有帮助。aResult->RSize和aResult->CSize的类型是什么?乘法中看起来像是溢出。RSize和CSize的类型是整数。下面是代码分析窗口中编辑为适合的描述:C6386写入“aResult->Data”时写入溢出缓冲区溢出:可写大小为“size*8”字节,但可能会写入“24”字节。“index”可能等于对“aResult->Data[2]的2次无效写入,可写范围为0到0