[PATCH] D55226: [Fix][StaticAnalyzer] Bug 39792 - False positive on strcpy targeting struct member
Pierre van Houtryve via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Dec 4 10:57:51 PST 2018
Pierre-vh updated this revision to Diff 176676.
Pierre-vh added a comment.
Here's the diff without the extra newline :)
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D55226/new/
https://reviews.llvm.org/D55226
Files:
lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
test/Analysis/security-syntax-checks.m
Index: test/Analysis/security-syntax-checks.m
===================================================================
--- test/Analysis/security-syntax-checks.m
+++ test/Analysis/security-syntax-checks.m
@@ -177,6 +177,11 @@
strcpy(x, "abcd");
}
+void test_strcpy_safe_2() {
+ struct {char s1[100];} s;
+ strcpy(s.s1, "hello");
+}
+
//===----------------------------------------------------------------------===
// strcat()
//===----------------------------------------------------------------------===
Index: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
+++ lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
@@ -651,13 +651,12 @@
const auto *Target = CE->getArg(0)->IgnoreImpCasts(),
*Source = CE->getArg(1)->IgnoreImpCasts();
- if (const auto *DeclRef = dyn_cast<DeclRefExpr>(Target))
- if (const auto *Array = dyn_cast<ConstantArrayType>(DeclRef->getType())) {
- uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8;
- if (const auto *String = dyn_cast<StringLiteral>(Source)) {
- if (ArraySize >= String->getLength() + 1)
- return;
- }
+
+ if (const auto *Array = dyn_cast<ConstantArrayType>(Target->getType())) {
+ uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8;
+ if (const auto *String = dyn_cast<StringLiteral>(Source)) {
+ if (ArraySize >= String->getLength() + 1)
+ return;
}
// Issue a warning.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D55226.176676.patch
Type: text/x-patch
Size: 1561 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20181204/725b67fb/attachment.bin>
More information about the cfe-commits
mailing list