[PATCH] D41384: [analyzer] Suppress false positive warnings form security.insecureAPI.strcpy

AndrĂ¡s Leitereg via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed Dec 20 08:47:27 PST 2017


leanil updated this revision to Diff 127739.
leanil added a comment.

Move negative test next to the positive ones, because the necessary macros and run-lines are already defined there.


https://reviews.llvm.org/D41384

Files:
  lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
  test/Analysis/security-syntax-checks.m


Index: test/Analysis/security-syntax-checks.m
===================================================================
--- test/Analysis/security-syntax-checks.m
+++ test/Analysis/security-syntax-checks.m
@@ -146,6 +146,11 @@
   strcpy(x, y); //expected-warning{{Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119}}
 }
 
+void test_strcpy_safe() {
+  char x[5];
+  strcpy(x, "abcd");
+}
+
 //===----------------------------------------------------------------------===
 // strcat()
 //===----------------------------------------------------------------------===
Index: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
+++ lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
@@ -510,6 +510,18 @@
   if (!checkCall_strCommon(CE, FD))
     return;
 
+  int ArraySize = -1, StrLen = -1;
+  const auto *Target = CE->getArg(0)->IgnoreImpCasts(),
+             *Source = CE->getArg(1)->IgnoreImpCasts();
+  if (const auto *DeclRef = dyn_cast<DeclRefExpr>(Target))
+    if (const auto *Array = dyn_cast<ConstantArrayType>(
+            DeclRef->getDecl()->getType().getTypePtr()))
+      ArraySize = Array->getSize().getLimitedValue();
+  if (const auto *String = dyn_cast<StringLiteral>(Source))
+    StrLen = String->getLength();
+  if (StrLen != -1 && ArraySize >= StrLen + 1)
+    return;
+
   // Issue a warning.
   PathDiagnosticLocation CELoc =
     PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D41384.127739.patch
Type: text/x-patch
Size: 1707 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20171220/615d5075/attachment.bin>


More information about the cfe-commits mailing list