[all-commits] [llvm/llvm-project] 1d7e58: [analyzer] Fix use of length in CStringChecker
vabridgers via All-commits
all-commits at lists.llvm.org
Wed Jul 13 17:19:42 PDT 2022
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 1d7e58cfade1dd4236efba59ce969698bb05a039
https://github.com/llvm/llvm-project/commit/1d7e58cfade1dd4236efba59ce969698bb05a039
Author: einvbri <vince.a.bridgers at ericsson.com>
Date: 2022-07-13 (Wed, 13 Jul 2022)
Changed paths:
M clang/docs/analyzer/checkers.rst
M clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
M clang/test/Analysis/string.c
Log Message:
-----------
[analyzer] Fix use of length in CStringChecker
CStringChecker is using getByteLength to get the length of a string
literal. For targets where a "char" is 8-bits, getByteLength() and
getLength() will be equal for a C string, but for targets where a "char"
is 16-bits getByteLength() returns the size in octets.
This is verified in our downstream target, but we have no way to add a
test case for this case since there is no target supporting 16-bit
"char" upstream. Since this cannot have a test case, I'm asserted this
change is "correct by construction", and visually inspected to be
correct by way of the following example where this was found.
The case that shows this fails using a target with 16-bit chars is here.
getByteLength() for the string literal returns 4, which fails when
checked against "char x[4]". With the change, the string literal is
evaluated to a size of 2 which is a correct number of "char"'s for a
16-bit target.
```
void strcpy_no_overflow_2(char *y) {
char x[4];
strcpy(x, "12"); // with getByteLength(), returns 4 using 16-bit chars
}
```
This change exposed that embedded nulls within the string are not
handled. This is documented as a FIXME for a future fix.
```
void strcpy_no_overflow_3(char *y) {
char x[3];
strcpy(x, "12\0");
}
```
Reviewed By: martong
Differential Revision: https://reviews.llvm.org/D129269
More information about the All-commits
mailing list