[PATCH] D16317: [Analyzer] Fix for PR23790: bind real value returned from strcmp when modelling strcmp.
Devin Coughlin via cfe-commits
cfe-commits at lists.llvm.org
Tue Jan 19 09:05:20 PST 2016
dcoughlin added a comment.
ayartsev:
> This also may theoretically help to find defects if a tested code relays on a value returned from strcmp like
> if (strcmp(x, y) == 1) { ... }
I think it would be useful and not that difficult to write a checker that checks for this explicitly. I don't think an AST-based/clang-tidycheck would quite be enough because I suspect programmers often store the result of strcmp() in a local before using it. One approach would be to have a path-sensitive checker keep a set of symbolic result values from strcmp() and diagnose if any is ever explicitly checked for (dis)-equality with -1 or 1.
http://reviews.llvm.org/D16317
More information about the cfe-commits
mailing list