[PATCH] D24307: calculate extent size for memory regions allocated by C++ new expression

Daniel Krupp via cfe-commits cfe-commits at lists.llvm.org
Wed Sep 7 11:06:02 PDT 2016


dkrupp created this revision.
dkrupp added reviewers: xazax.hun, NoQ, dcoughlin, zaks.anna.
dkrupp added a subscriber: cfe-commits.

ArrayBoundChecker did not detect out of bounds memory access errors in case an array was allocated by the new expression.

1. MallocChecker.cpp was updated to calculate the extent size in bytes, similarly to how it was done for memory regions allocated by malloc. The size constraint is added for arrays and non-arrays allocated by new.

2. ArrayBoundCheckerV2.cpp was updated to better handle accessing locations preceding a symbolic memory region (such as buf[-1] in test2(..) in out-of-bounds.cpp). So computeExtentBegin(..) was updated to assume that the extent of a symbolic region starts at 0 if we know the size of the extent (as is the case for malloc or new).

3. out-of-bounds.cpp contains the relevant test cases for C++.

https://reviews.llvm.org/D24307

Files:
  lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp
  lib/StaticAnalyzer/Checkers/MallocChecker.cpp
  test/Analysis/out-of-bounds.cpp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D24307.70562.patch
Type: text/x-patch
Size: 10500 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20160907/b162bd5f/attachment.bin>
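
A simplified model of the two rules this message describes, as an added example that is not Clang's code and not part of the patch: the extent of a `new` allocation computed in bytes, and a region with a known extent treated as starting at offset 0. The names `Region`, `regionForNew`, `classify` and `checkIndex` are hypothetical, and the sample accesses are constructed.

```cpp
#include <cstdint>
#include <cstdio>

// Simplified model, not Clang code: a heap region and its extent in bytes.
struct Region {
    bool extentKnown;           // true once the allocation size has been modelled
    std::uint64_t extentBytes;  // meaningful only when extentKnown is true
};

// Extent of `new T[count]` (count == 1 for a non-array new), computed in bytes
// the way a malloc(size) region gets its size. Overflow leaves it unknown.
Region regionForNew(std::uint64_t count, std::uint64_t elemSize) {
    if (elemSize != 0 && count > UINT64_MAX / elemSize) return Region{false, 0};
    return Region{true, count * elemSize};
}

enum class Verdict { InBounds, BeforeStart, PastEnd, Unknown };

// Classify an access of accessSize bytes at a signed byte offset from the base.
Verdict classify(const Region &r, std::int64_t byteOffset, std::uint64_t accessSize) {
    if (!r.extentKnown) return Verdict::Unknown;  // no size, so no bound to compare with
    // Known extent: the region is taken to start at offset 0, so buf[-1] underflows.
    if (byteOffset < 0) return Verdict::BeforeStart;
    std::uint64_t off = static_cast<std::uint64_t>(byteOffset);
    if (off > r.extentBytes || accessSize > r.extentBytes - off) return Verdict::PastEnd;
    return Verdict::InBounds;
}

// Element index -> byte offset, as for buf[index] with buf = new T[count].
template <typename T>
Verdict checkIndex(std::uint64_t count, std::int64_t index) {
    std::int64_t offset = index * static_cast<std::int64_t>(sizeof(T));
    return classify(regionForNew(count, sizeof(T)), offset, sizeof(T));
}

int main() {
    const std::int64_t indices[] = {-1, 0, 99, 100};  // constructed sample accesses
    for (std::int64_t i : indices)
        std::printf("new int[100], buf[%lld] -> verdict %d\n", static_cast<long long>(i),
                    static_cast<int>(checkIndex<int>(100, i)));
    return 0;
}
```

Without a known extent the model returns `Unknown` for a negative offset, which corresponds to the case where the lower bound of a symbolic region cannot be assumed.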

