[PATCH] D79330: [Analyzer][VLASizeChecker] Check for VLA size overflow.

Kristóf Umann via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed May 13 08:05:28 PDT 2020


Szelethus requested changes to this revision.
Szelethus added a comment.
This revision now requires changes to proceed.

> Variable-length array (VLA) should have a size that fits into a size_t value. At least if the size is queried with sizeof, but it is better (and more simple) to check it always

So creating a VLA larger than `sizeof(size_t)` isn't a bug, but rather a sign of code smell? Then we shouldn't create a fatal error node for it, **unless** we're trying to fit it in a variable that isn't sufficiently large. The fact that `sizeof` it is a bug wasn't immediately obvious to me either, so a quote from the standard as comments would be appreciated:

§6.5.3.4.4 <http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1256.pdf>, about operator sizeof: The value of the result is implementation-defined, and its type (an unsigned integer type) is `size_t`, defined in `<stddef.h>` (and other headers).


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79330/new/

https://reviews.llvm.org/D79330
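The size_t arithmetic the comment is about, as an added C example that is not part of the patch under review or of the checker itself (the function names and the constructed dimensions are my own):

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example: a VLA `T a[n1][n2]` occupies n1 * n2 * sizeof(T) bytes,
 * and since sizeof yields a size_t (C99 6.5.3.4), that product has to fit in
 * size_t. Each partial product is therefore checked for unsigned wrap-around,
 * which is the condition a VLA-size checker would have to report. */

/* Multiplies two size_t values; returns false if the product would not fit. */
static bool checked_mul_size(size_t a, size_t b, size_t *out) {
    if (a != 0 && b > SIZE_MAX / a)
        return false;                 /* product exceeds SIZE_MAX */
    *out = a * b;
    return true;
}

/* Computes the total byte size of a VLA with the given dimensions and element
 * size. Returns true and writes *bytes when the size fits in size_t, false
 * as soon as any partial product overflows. */
bool vla_byte_size(const size_t *dims, size_t ndims, size_t elem_size,
                   size_t *bytes) {
    size_t total = elem_size;
    for (size_t i = 0; i < ndims; ++i) {
        if (!checked_mul_size(total, dims[i], &total))
            return false;
    }
    *bytes = total;
    return true;
}

/* Convenience wrapper: does the VLA size fit in size_t at all? */
bool vla_fits(const size_t *dims, size_t ndims, size_t elem_size) {
    size_t unused;
    return vla_byte_size(dims, ndims, elem_size, &unused);
}

int main(void) {
    size_t ok_dims[] = { 10, 20 };                 /* int a[10][20]           */
    size_t bad_dims[] = { SIZE_MAX / 2 + 1, 4 };   /* char b[SIZE_MAX/2+1][4] */
    size_t bytes;

    if (vla_byte_size(ok_dims, 2, sizeof(int), &bytes))
        printf("int a[10][20] occupies %zu bytes\n", bytes);
    if (!vla_fits(bad_dims, 2, 1))
        puts("char b[SIZE_MAX/2 + 1][4]: size does not fit in size_t");
    return 0;
}
```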
