[PATCH] D47007: [Sanitizer] CStringChecker fix for strlcpy when no bytes are copied to the dest buffer
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri May 18 11:28:18 PDT 2018
NoQ accepted this revision.
NoQ added a comment.
This revision is now accepted and ready to land.
I've been thinking if we could de-duplicate this whole set of branches that computes the return value so that we didn't have to fix every bug twice. Maybe move it to an auxiliary function.
================
Comment at: lib/StaticAnalyzer/Checkers/CStringChecker.cpp:1795
      // copied element, or a pointer to the start of the destination buffer.
      Result = (returnEnd ? UnknownVal() : DstVal);
    } else {
----------------
Do we need to consider `returnEnd` on the short path as well?
================
Comment at: lib/StaticAnalyzer/Checkers/CStringChecker.cpp:1869-1875
  if (returnPtr) {
    // If this is a stpcpy-style copy, but we were unable to check for a buffer
    // overflow, we still need a result. Conjure a return value.
    if (returnEnd && Result.isUnknown()) {
      Result = svalBuilder.conjureSymbolVal(nullptr, CE, LCtx, C.blockCount());
    }
  }
----------------
Do we need to do that on the short path as well?
Repository:
rC Clang
https://reviews.llvm.org/D47007