bugfix: pointer check failure in fgets

mauguignard · mauguignard · commit 10ab557fd58c · 2019-05-07T12:02:16.000-03:00
Now we assume str_length greater than 0, since no dereference should take place when str_length equals 0. Updated cbmc-library/fgets-01 regression test. Fixes: #4621
diff --git a/regression/cbmc-library/fgets-01/test.desc b/regression/cbmc-library/fgets-01/test.desc
@@ -5,6 +5,6 @@ main.c
 ^SIGNAL=0$
 ^VERIFICATION FAILED$
 \[main.assertion.3\] line 16 assertion p\[1\] == 'b': FAILURE
-\*\* 2 of \d+ failed
+\*\* 1 of \d+ failed
 --
 ^warning: ignoring
diff --git a/src/ansi-c/library/stdio.c b/src/ansi-c/library/stdio.c
@@ -259,7 +259,7 @@ char *fgets(char *str, int size, FILE *stream)
   if(size>0)
   {
     int str_length=__VERIFIER_nondet_int();
-    __CPROVER_assume(str_length>=0 && str_length<size);
+    __CPROVER_assume(str_length>0 && str_length<size);
     // check that the memory is accessible
     (void)*(char *)str;
     (void)*(((const char *)str) + str_length - 1);

Original file line number	Diff line number	Diff line change
`@@ -259,7 +259,7 @@ char fgets(char str, int size, FILE *stream)`
`259`	`259`	`if(size>0)`
`260`	`260`	`{`
`261`	`261`	`int str_length=__VERIFIER_nondet_int();`
`262`		`- __CPROVER_assume(str_length>=0 && str_length<size);`
	`262`	`+ __CPROVER_assume(str_length>0 && str_length<size);`
`263`	`263`	`// check that the memory is accessible`
`264`	`264`	`(void)(char )str;`
`265`	`265`	`(void)(((const char )str) + str_length - 1);`