1 #include <stdio.h> 2 3 #define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)[0])) 4 5 int a[] = {1, 2, 3, 4}; 6 7 int main(void) 8 { 9 int *p; 10 11 for (p = a; p < &a[ARRAY_SIZE(a)]; p++) 12 printf("%d\n", *p); 13 p = &a[5]; 14 return 0; 15 } 16 /* 17 * check-name: smatch array check #3 18 * check-command: smatch sm_array_overflow3.c 19 * 20 * check-output-start 21 sm_array_overflow3.c:13 main() error: buffer overflow 'a' 4 <= 5 22 * check-output-end 23 */ 24