[PATCH] D29384: [analyzer] Fix an assertion fail in CStringSyntaxChecker

Phabricator via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Feb 2 00:32:14 PST 2017


This revision was automatically updated to reflect the committed changes.
Closed by commit rL293874: [analyzer] Fix an assertion fail in CStringSyntaxChecker. (authored by xazax).

Changed prior to commit:
  https://reviews.llvm.org/D29384?vs=86599&id=86773#toc

Repository:
  rL LLVM

https://reviews.llvm.org/D29384

Files:
  cfe/trunk/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp
  cfe/trunk/test/Analysis/cstring-syntax.c


Index: cfe/trunk/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp
===================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp
@@ -36,25 +36,24 @@
   AnalysisDeclContext* AC;
 
   /// Check if two expressions refer to the same declaration.
-  inline bool sameDecl(const Expr *A1, const Expr *A2) {
-    if (const DeclRefExpr *D1 = dyn_cast<DeclRefExpr>(A1->IgnoreParenCasts()))
-      if (const DeclRefExpr *D2 = dyn_cast<DeclRefExpr>(A2->IgnoreParenCasts()))
+  bool sameDecl(const Expr *A1, const Expr *A2) {
+    if (const auto *D1 = dyn_cast<DeclRefExpr>(A1->IgnoreParenCasts()))
+      if (const auto *D2 = dyn_cast<DeclRefExpr>(A2->IgnoreParenCasts()))
         return D1->getDecl() == D2->getDecl();
     return false;
   }
 
   /// Check if the expression E is a sizeof(WithArg).
-  inline bool isSizeof(const Expr *E, const Expr *WithArg) {
-    if (const UnaryExprOrTypeTraitExpr *UE =
-    dyn_cast<UnaryExprOrTypeTraitExpr>(E))
-      if (UE->getKind() == UETT_SizeOf)
+  bool isSizeof(const Expr *E, const Expr *WithArg) {
+    if (const auto *UE = dyn_cast<UnaryExprOrTypeTraitExpr>(E))
+      if (UE->getKind() == UETT_SizeOf && !UE->isArgumentType())
         return sameDecl(UE->getArgumentExpr(), WithArg);
     return false;
   }
 
   /// Check if the expression E is a strlen(WithArg).
-  inline bool isStrlen(const Expr *E, const Expr *WithArg) {
-    if (const CallExpr *CE = dyn_cast<CallExpr>(E)) {
+  bool isStrlen(const Expr *E, const Expr *WithArg) {
+    if (const auto *CE = dyn_cast<CallExpr>(E)) {
       const FunctionDecl *FD = CE->getDirectCallee();
       if (!FD)
         return false;
@@ -65,14 +64,14 @@
   }
 
   /// Check if the expression is an integer literal with value 1.
-  inline bool isOne(const Expr *E) {
-    if (const IntegerLiteral *IL = dyn_cast<IntegerLiteral>(E))
+  bool isOne(const Expr *E) {
+    if (const auto *IL = dyn_cast<IntegerLiteral>(E))
       return (IL->getValue().isIntN(1));
     return false;
   }
 
-  inline StringRef getPrintableName(const Expr *E) {
-    if (const DeclRefExpr *D = dyn_cast<DeclRefExpr>(E->IgnoreParenCasts()))
+  StringRef getPrintableName(const Expr *E) {
+    if (const auto *D = dyn_cast<DeclRefExpr>(E->IgnoreParenCasts()))
       return D->getDecl()->getName();
     return StringRef();
   }
@@ -82,8 +81,8 @@
   bool containsBadStrncatPattern(const CallExpr *CE);
 
 public:
-  WalkAST(const CheckerBase *checker, BugReporter &br, AnalysisDeclContext *ac)
-      : Checker(checker), BR(br), AC(ac) {}
+  WalkAST(const CheckerBase *Checker, BugReporter &BR, AnalysisDeclContext *AC)
+      : Checker(Checker), BR(BR), AC(AC) {}
 
   // Statement visitor methods.
   void VisitChildren(Stmt *S);
@@ -108,8 +107,7 @@
   const Expr *LenArg = CE->getArg(2);
 
   // Identify wrong size expressions, which are commonly used instead.
-  if (const BinaryOperator *BE =
-              dyn_cast<BinaryOperator>(LenArg->IgnoreParenCasts())) {
+  if (const auto *BE = dyn_cast<BinaryOperator>(LenArg->IgnoreParenCasts())) {
     // - sizeof(dst) - strlen(dst)
     if (BE->getOpcode() == BO_Sub) {
       const Expr *L = BE->getLHS();
Index: cfe/trunk/test/Analysis/cstring-syntax.c
===================================================================
--- cfe/trunk/test/Analysis/cstring-syntax.c
+++ cfe/trunk/test/Analysis/cstring-syntax.c
@@ -10,4 +10,6 @@
   strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest)); // expected-warning {{Potential buffer overflow. Replace with}}
   strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(dest) - strlen(dest)); // expected-warning {{Potential buffer overflow. Replace with}}
   strncat(dest, src, sizeof(src)); // expected-warning {{Potential buffer overflow. Replace with}}
+  // Should not crash when sizeof has a type argument.
+  strncat(dest, "AAAAAAAAAAAAAAAAAAAAAAAAAAA", sizeof(char));
 }


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D29384.86773.patch
Type: text/x-patch
Size: 3989 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170202/f706c868/attachment.bin>


More information about the cfe-commits mailing list