[cfe-commits] r137526 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp test/Analysis/keychainAPI.m

Anna Zaks ganna at apple.com
Fri Aug 12 15:47:22 PDT 2011 

Author: zaks
Date: Fri Aug 12 17:47:22 2011
New Revision: 137526

URL: http://llvm.org/viewvc/llvm-project?rev=137526&view=rev
Log:
MacOSKeychainAPIChecker: If the allocated data address entered as an enclosing function parameter, skip it to avoid false positives.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
    cfe/trunk/test/Analysis/keychainAPI.m

Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp?rev=137526&r1=137525&r2=137526&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp Fri Aug 12 17:47:22 2011
@@ -349,6 +349,11 @@
     return;
 
   const Expr *ArgExpr = CE->getArg(FunctionsToTrack[idx].Param);
+  // If the argument entered as an enclosing function parameter, skip it to
+  // avoid false positives.
+  if (isEnclosingFunctionParam(ArgExpr))
+    return;
+
   if (SymbolRef V = getAsPointeeSymbol(ArgExpr, C)) {
     // If the argument points to something that's not a symbolic region, it
     // can be:

Modified: cfe/trunk/test/Analysis/keychainAPI.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/keychainAPI.m?rev=137526&r1=137525&r2=137526&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/keychainAPI.m (original)
+++ cfe/trunk/test/Analysis/keychainAPI.m Fri Aug 12 17:47:22 2011
@@ -133,6 +133,17 @@
   return outData;
 } // no-warning
 
+// Password was passed in as an argument and does nt have to be deleted.
+OSStatus getPasswordAndItem(void** password, UInt32* passwordLength) {
+    OSStatus err;
+    SecKeychainItemRef item;
+    err = SecKeychainFindGenericPassword(0, 3, "xx",
+                                         3, "xx",
+                                         passwordLength, password,
+                                         &item);
+    return err;
+} // no-warning
+
 int apiMismatch(SecKeychainItemRef itemRef, 
          SecKeychainAttributeInfo *info,
          SecItemClass *itemClass) {

More information about the cfe-commits mailing list