[cfe-commits] r148631 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp test/Analysis/taint-tester.m

Anna Zaks ganna at apple.com
Fri Jan 20 22:59:01 PST 2012 

Author: zaks
Date: Sat Jan 21 00:59:01 2012
New Revision: 148631

URL: http://llvm.org/viewvc/llvm-project?rev=148631&view=rev
Log:
[analyzer] It's possible to have a non PointerType expression evaluate to a Loc value. When this happens, use the default type.

Added:
    cfe/trunk/test/Analysis/taint-tester.m
Modified:
    cfe/trunk/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp?rev=148631&r1=148630&r2=148631&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp Sat Jan 21 00:59:01 2012
@@ -406,8 +406,8 @@
 
   const PointerType *ArgTy =
     dyn_cast<PointerType>(Arg->getType().getCanonicalType().getTypePtr());
-  assert(ArgTy);
-  SVal Val = State->getSVal(*AddrLoc, ArgTy->getPointeeType());
+  SVal Val = State->getSVal(*AddrLoc,
+                            ArgTy ? ArgTy->getPointeeType(): QualType());
   return Val.getAsSymbol();
 }
 

Added: cfe/trunk/test/Analysis/taint-tester.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/taint-tester.m?rev=148631&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/taint-tester.m (added)
+++ cfe/trunk/test/Analysis/taint-tester.m Sat Jan 21 00:59:01 2012
@@ -0,0 +1,20 @@
+// RUN: %clang_cc1  -analyze -analyzer-checker=experimental.security.taint,debug.TaintTest %s -verify
+
+#import <stdarg.h>
+
+ at interface NSString
+- (NSString *)stringByAppendingString:(NSString *)aString;
+ at end
+extern void NSLog (NSString *format, ...);
+extern void NSLogv(NSString *format, va_list args);
+
+void TestLog (NSString *format, ...);
+void TestLog (NSString *format, ...) {
+    va_list ap;
+    va_start(ap, format);
+    NSString *string = @"AAA: ";
+    
+    NSLogv([string stringByAppendingString:format], ap);
+    
+    va_end(ap);
+}
\ No newline at end of file

More information about the cfe-commits mailing list