[PATCH] D43928: [analyzer] Correctly measure array size in security.insecureAPI.strcpy
AndrĂ¡s Leitereg via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Mar 1 00:28:05 PST 2018
leanil updated this revision to Diff 136474.
leanil added a comment.
`getQuantity()` returns a signed type
https://reviews.llvm.org/D43928
Files:
lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
Index: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
+++ lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
@@ -514,7 +514,7 @@
*Source = CE->getArg(1)->IgnoreImpCasts();
if (const auto *DeclRef = dyn_cast<DeclRefExpr>(Target))
if (const auto *Array = dyn_cast<ConstantArrayType>(DeclRef->getType())) {
- uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8;
+ auto ArraySize = BR.getContext().getTypeSizeInChars(Array).getQuantity();
if (const auto *String = dyn_cast<StringLiteral>(Source)) {
if (ArraySize >= String->getLength() + 1)
return;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D43928.136474.patch
Type: text/x-patch
Size: 754 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20180301/7186fdc3/attachment-0001.bin>
More information about the cfe-commits
mailing list