Bug Buster 001: Can You Bust the Bug?

Bug Buster

Sponsored by Rogue Wave, maker of Klocwork

How good are you at finding bugs in code? The following is a code snippet that contains an error. Take a look at the code listing and see if you can find the error. To make it easier, we've listed five options. One of those options is correct while the other four are not.

Can you find the error without looking at the choices?

Bug Buster #001

Here is the first Bug Buster:

The code:

char letters_array[26];
for( int i = 0; i <= 26; i++ )
          letters_array[i] = (char)(i + 64); 

cout << letters_array[1] << letters_array[18];
cout << letters_array[3] << letters_array[3];

Your choices:

The char cast in the third line causes a type-mismatch error. You can't do (char) (i + 64)
The for loop is infinite.
There is a buffer overflow for the letters_array array.
letters_array is not initialized before it is used.
Nothing is wrong. The code works fine.

 

How quickly can you find the issue? Feel free to comment on how quickly you found the issue! We will be posting additional snippets over the coming weeks with additional bugs for you to bust. You can click to the next page to find the answer.

Bug Buster 1: Answer

The letters_array is declared with 26 items, thus is valid with indexes from 0 to 25. The <= in the third line will allow the index of 26 to be used, thus pointing to the 27th element. This is a buffer overflow error. How long did it take you to find the issue?

In a short listing like this, the buffer overflow is pretty easy to find. In a listing with thousands of lines of code, this can get a lot harder. Buffer overflows are just one of the errors that a static code analysis tool like Rogue Wave’s Klocwork can find quickly, thus saving you time.



Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • This IDC study assists senior IT leaders in assessing the current state of their hybrid cloud management processes, governance models, technologies, and skills to identify gaps and create a road map for better aligning the organization's management model and tools with the emerging needs of complex, dynamic self-service hybrid cloud environments. This IDC MaturityScape identifies five maturity stages for hybrid cloud management based on a set of specific people, process, and technology dimensions and outcomes. …

  • Speed. Agility. Flexibility. There are the big drivers behind most organizations' move to the cloud for their test/dev environments. Freed from the shackles of physical, on-premises infrastructures means test/dev teams can be incredibly fast, both in standing up and tearing down test beds. They can manage version control and they can share work between teams faster ever than below. Read this white paper to learn how your business can respond faster to the rapidly changing needs of customers with a cloud-based …

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date