[cfe-commits] [PATCH] review request - strncmp checker

Lenny Maiorani lenny at Colorado.EDU
Mon Apr 25 10:19:02 PDT 2011


On 04/22/2011 06:07 PM, Ted Kremenek wrote:
> On Apr 15, 2011, at 1:27 PM, Lenny Maiorani wrote:
>
>> Implements the strncmp() checker just like the strcmp() checker, but with bounds. Requires LLVM svn r129582.
>>
>> Please review.
>>
>> -Lenny
>
> Hi Lenny,
>
> This parts looks a bit suspect:
>
> +  int result;
> +  if (isBounded) {
> +    // Get the max number of characters to compare.
> +    const Expr *lenExpr = CE->getArg(2);
> +    SVal lenVal = state->getSVal(lenExpr);
> +    nonloc::ConcreteInt *CI = dyn_cast<nonloc::ConcreteInt>(&lenVal);
> +    llvm::APSInt lenInt(CI->getValue());
>
> There is no guarantee that lenVal will be a nonloc::ConcreteInt.  This means that the last line could be a null dereference.
>
> Cheers,
> Ted
Hi Ted,

Ah yes. You are right. Attached is an updated patch which should fix 
that. Please review.

-Lenny


-------------- next part --------------
A non-text attachment was scrubbed...
Name: strncmp-checker-2.diff
Type: text/x-patch
Size: 5573 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20110425/4d3d6bbd/attachment.bin>


More information about the cfe-commits mailing list