ports//devel/splint/work/splint-3.1.2/test/constannot.c

/*@constant int MaxLength=20@*/
# define MaxLength 20

void foo (char *str) /*@requires maxSet(str) >= MaxLength@*/ 
{
  str[20] = 'a';
}

void foo2 (char *str) /*@requires maxSet(str) >= (MaxLength - 1)@*/ 
{
  str[20] = 'a'; /* error */
}

void foo3 ()
{
  char buf[MaxLength];

  buf[0] = '\0';

  foo (buf); /* error: off by 1 */
  foo2 (buf); /* okay */
}

syntax highlighted by Code2HTML, v. 0.9.1