Bug Buster 001: Can You Bust the Bug?

Bug Buster

Sponsored by Rogue Wave, maker of Klocwork

How good are you at finding bugs in code? The following is a code snippet that contains an error. Take a look at the code listing and see if you can find the error. To make it easier, we've listed five options. One of those options is correct while the other four are not.

Can you find the error without looking at the choices?

Bug Buster #001

Here is the first Bug Buster:

The code:

char letters_array[26];
for( int i = 0; i <= 26; i++ )
          letters_array[i] = (char)(i + 64); 

cout << letters_array[1] << letters_array[18];
cout << letters_array[3] << letters_array[3];

Your choices:

The char cast in the third line causes a type-mismatch error. You can't do (char) (i + 64)
The for loop is infinite.
There is a buffer overflow for the letters_array array.
letters_array is not initialized before it is used.
Nothing is wrong. The code works fine.

 

How quickly can you find the issue? Feel free to comment on how quickly you found the issue! We will be posting additional snippets over the coming weeks with additional bugs for you to bust. You can click to the next page to find the answer.

Bug Buster 1: Answer

The letters_array is declared with 26 items, thus is valid with indexes from 0 to 25. The <= in the third line will allow the index of 26 to be used, thus pointing to the 27th element. This is a buffer overflow error. How long did it take you to find the issue?

In a short listing like this, the buffer overflow is pretty easy to find. In a listing with thousands of lines of code, this can get a lot harder. Buffer overflows are just one of the errors that a static code analysis tool like Rogue Wave’s Klocwork can find quickly, thus saving you time.



Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Testing full recoveries of IT environments requires a proven methodology. Establishing and meeting recovery time objectives (RTOs), configuring a cloud recovery system, and tracking your changing environment are all critical components of a successful cloud recovery operation. It's also important to establish and follow a set of cloud disaster recovery (CDR) best practices. Read this technical guide to learn about these best practices, along with how disaster recovery as a service (DRaaS) can help you complete …

  • Our on-demand webinar on Chef Automate will show you how to build, deploy, and manage your infrastructure and apps from one platform. Additionally, you'll have access to Chef Automate's commercial features, gain end-to-end visibility across your entire fleet, enable continuous compliance, and manage all change within a unified workflow. Other key takeaways include how to: Automate the creation of your computing infrastructure and configuration of your applications Dynamically configure nodes (any physical …

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date