问题
#include <stdio.h>
main()
{
char buf[8];
sprintf(buf,"AAAA%3s","XXssssssssXXXsssssXXX");
printf("%s\n",buf);
}
I expected valgrind to detect a buffer overflow with the above code. But it does not report any errors or warnings. Do I need to enable any special flags for that?
回答1:
From Valgrind Tutorial
What valgrind is NOT
Although valgrind is an extremely useful program, it will not miraculously tell you about every memory bug in your program. There are several limitations that you should keep in mind. It does not do bounds checking on stack/static arrays ..
来源:https://stackoverflow.com/questions/29842747/valgrind-wont-detect-buffer-overflow