[cfe-commits] r151007 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp test/Analysis/keychainAPI.m
Anna Zaks
ganna at apple.com
Mon Feb 20 16:00:44 PST 2012
Author: zaks
Date: Mon Feb 20 18:00:44 2012
New Revision: 151007
URL: http://llvm.org/viewvc/llvm-project?rev=151007&view=rev
Log:
[analyzer] Make KeyChainAPI checker inlining-aware.
Modified:
cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
cfe/trunk/test/Analysis/keychainAPI.m
Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp?rev=151007&r1=151006&r2=151007&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp Mon Feb 20 18:00:44 2012
@@ -447,7 +447,8 @@
const Expr *ArgExpr = CE->getArg(FunctionsToTrack[idx].Param);
// If the argument entered as an enclosing function parameter, skip it to
// avoid false positives.
- if (isEnclosingFunctionParam(ArgExpr))
+ if (isEnclosingFunctionParam(ArgExpr) &&
+ C.getLocationContext()->getParent() == 0)
return;
if (SymbolRef V = getAsPointeeSymbol(ArgExpr, C)) {
@@ -481,6 +482,10 @@
if (!retExpr)
return;
+ // If inside inlined call, skip it.
+ if (C.getLocationContext()->getParent() != 0)
+ return;
+
// Check if the value is escaping through the return.
ProgramStateRef state = C.getState();
const MemRegion *V =
@@ -549,6 +554,11 @@
// TODO: Remove this after we ensure that checkDeadSymbols are always called.
void MacOSKeychainAPIChecker::checkEndPath(CheckerContext &Ctx) const {
ProgramStateRef state = Ctx.getState();
+
+ // If inside inlined call, skip it.
+ if (Ctx.getLocationContext()->getParent() != 0)
+ return;
+
AllocatedSetTy AS = state->get<AllocatedData>();
if (AS.isEmpty())
return;
Modified: cfe/trunk/test/Analysis/keychainAPI.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/keychainAPI.m?rev=151007&r1=151006&r2=151007&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/keychainAPI.m (original)
+++ cfe/trunk/test/Analysis/keychainAPI.m Mon Feb 20 18:00:44 2012
@@ -1,4 +1,4 @@
-// RUN: %clang_cc1 -analyze -analyzer-checker=osx.SecKeychainAPI %s -verify
+// RUN: %clang_cc1 -analyze -analyzer-checker=osx.SecKeychainAPI %s -analyzer-inline-call -verify
// Fake typedefs.
typedef unsigned int OSStatus;
@@ -133,7 +133,7 @@
return outData;
} // no-warning
-// Password was passed in as an argument and does nt have to be deleted.
+// Password was passed in as an argument and does not have to be deleted.
OSStatus getPasswordAndItem(void** password, UInt32* passwordLength) {
OSStatus err;
SecKeychainItemRef item;
@@ -337,3 +337,63 @@
} while(10 >= row[1]);
return row;
}
+
+// Test inter-procedural behaviour.
+
+void my_FreeParam(void *attrList, void* X) {
+ SecKeychainItemFreeContent(attrList, X);
+}
+
+void *my_AllocateReturn(OSStatus *st) {
+ unsigned int *ptr = 0;
+ UInt32 length;
+ void *outData;
+ *st = SecKeychainItemCopyContent(2, ptr, ptr, &length, &outData);
+ return outData;
+}
+
+OSStatus my_Allocate_Param(void** password, UInt32* passwordLength) {
+ OSStatus err;
+ SecKeychainItemRef item;
+ err = SecKeychainFindGenericPassword(0, 3, "xx", 3, "xx",
+ passwordLength, password, &item);
+ return err;
+}
+
+void allocAndFree1() {
+ unsigned int *ptr = 0;
+ OSStatus st = 0;
+ UInt32 length;
+ void *outData;
+ st = SecKeychainItemCopyContent(2, ptr, ptr, &length, &outData);
+ if (st == noErr)
+ my_FreeParam(ptr, outData);
+}
+
+void allocNoFree2() {
+ OSStatus st = 0;
+ void *outData = my_AllocateReturn(&st); // expected-warning{{Allocated data is not released:}}
+}
+
+void allocAndFree2(void *attrList) {
+ OSStatus st = 0;
+ void *outData = my_AllocateReturn(&st);
+ if (st == noErr)
+ my_FreeParam(attrList, outData);
+}
+
+void allocNoFree3() {
+ UInt32 length = 32;
+ void *outData;
+ OSStatus st = my_Allocate_Param(&outData, &length); // expected-warning{{Allocated data is not released}}
+}
+
+void allocAndFree3(void *attrList) {
+ UInt32 length = 32;
+ void *outData;
+ OSStatus st = my_Allocate_Param(&outData, &length);
+ if (st == noErr)
+ SecKeychainItemFreeContent(attrList, outData);
+
+}
+
More information about the cfe-commits
mailing list