Ett Martin wrote:
> I have checked the sources with a static code analysis tool cppcheck:
>
> cppcheck -q -a -j2 postgresql-8.3.7
> [postgresql-8.3.7/contrib/cube/cube.c:1418]: (all) Array index out of bounds
> [postgresql-8.3.7/contrib/cube/cube.c:1437]: (all) Array index out of bounds
Have you then verified that the complaint is actually valid? Static
analysis tools only point out places where you might want to look.
It's common in C to do things like:
#include <stddef.h>
#include <stdint.h>
typedef struct block {
    struct block *next;
    size_t blockdata_size;   /* number of payload bytes that follow the header */
    uint8_t blockdata[0];    /* zero-length trailing array: the payload starts here */
} block;
where you allocate a `block' structure using something like:
#include <stdlib.h>
block *alloc_block(size_t numbytes)
{
    /* one allocation holding the header followed by numbytes of payload */
    return (block *)malloc(sizeof(block) + numbytes);
}
Because C permits indexing past the end of an array, you can then safely
and legally access your allocated memory past the block header with
things like:
someblock->blockdata[11];
Static analysis tools won't realise what's going on, and will complain.
I'd say after a quick glance that that's what's happening here, though
I'm far from certain.
--
Craig Ringer
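The trailing-array idiom Craig describes, as an added, self-contained example that is not code from the thread or from PostgreSQL's contrib/cube. It is written with the C99 flexible array member (`blockdata[]`) rather than the `[0]` spelling of the post, since a zero-length array is a compiler extension while the `[]` form is standard. The point a practitioner should take from it: the declared array has no length for a static analyzer to check against, so the real bound has to be carried in the header (`blockdata_size`) and checked at run time. The `block_set`, `block_get` and `demo` helpers and the 16-byte sample allocation are this example's own, not names from the thread.

```c
/* Added example (not from the original thread or from PostgreSQL): the
 * "header followed by variable-length payload" idiom, with the payload
 * length recorded in the header so accesses can be bounds-checked. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct block {
    struct block *next;
    size_t blockdata_size;   /* bytes of payload actually allocated after the header */
    uint8_t blockdata[];     /* C99 flexible array member: no declared length */
} block;

/* Allocate the header and numbytes of payload in a single malloc.
 * Returns NULL on overflow of the size computation or on allocation failure. */
block *alloc_block(size_t numbytes)
{
    if (numbytes > SIZE_MAX - sizeof(block))   /* sizeof(block) + numbytes must not wrap */
        return NULL;
    block *b = malloc(sizeof(block) + numbytes);
    if (b == NULL)
        return NULL;
    b->next = NULL;
    b->blockdata_size = numbytes;
    memset(b->blockdata, 0, numbytes);
    return b;
}

/* Checked write: refuses any index at or past blockdata_size. Returns 0 on success, -1 otherwise. */
int block_set(block *b, size_t idx, uint8_t v)
{
    if (b == NULL || idx >= b->blockdata_size)
        return -1;
    b->blockdata[idx] = v;
    return 0;
}

/* Checked read: returns the byte (0..255) or -1 if the index is out of range. */
int block_get(const block *b, size_t idx)
{
    if (b == NULL || idx >= b->blockdata_size)
        return -1;
    return b->blockdata[idx];
}

/* Walk-through: allocate 16 payload bytes (constructed sample size), write
 * index 11 (the access quoted in the thread), confirm index 16 is rejected,
 * and read index 11 back. Returns that byte, or -1 if any step failed. */
int demo(void)
{
    block *b = alloc_block(16);
    if (b == NULL)
        return -1;
    int rc = -1;
    if (block_set(b, 11, 0xAB) == 0 && block_set(b, 16, 0x01) == -1)
        rc = block_get(b, 11);
    free(b);
    return rc;
}

int main(void)
{
    printf("blockdata[11] = 0x%02X\n", demo());
    return 0;
}
```

Compiled with `-Wall -pedantic` this produces no warnings, and a static analyzer has nothing to flag at `blockdata[11]` because the array carries no length; the run-time check in `block_set`/`block_get` is what actually enforces the bound.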