[PATCH] D101108: [PR49761] Fix variadic arg handling in matcher
Chris Hamilton via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Apr 22 13:59:54 PDT 2021
chrish_ericsson_atx created this revision.
chrish_ericsson_atx requested review of this revision.
Herald added projects: clang, clang-tools-extra.
Herald added a subscriber: cfe-commits.
Mishandling of variadic arguments in a function call caused a crash
(runtime assert fail) in bugprone-infinite-loop tidy checker. Fix
is to limit argument matching to the lesser of the number of variadic
params in the prototype or the number of actual args in the call.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D101108
Files:
clang-tools-extra/test/clang-tidy/checkers/bugprone-infinite-loop.cpp
clang/include/clang/ASTMatchers/ASTMatchers.h
Index: clang/include/clang/ASTMatchers/ASTMatchers.h
===================================================================
--- clang/include/clang/ASTMatchers/ASTMatchers.h
+++ clang/include/clang/ASTMatchers/ASTMatchers.h
@@ -4757,8 +4757,12 @@
int ParamIndex = 0;
bool Matched = false;
+ unsigned numArgs = Node.getNumArgs();
+ if (FProto && FProto->isVariadic() && FProto->getNumParams() < numArgs) {
+ numArgs = FProto->getNumParams();
+ }
- for (; ArgIndex < Node.getNumArgs(); ++ArgIndex, ++ParamIndex) {
+ for (; ArgIndex < numArgs; ++ArgIndex, ++ParamIndex) {
BoundNodesTreeBuilder ArgMatches(*Builder);
if (ArgMatcher.matches(*(Node.getArg(ArgIndex)->IgnoreParenCasts()), Finder,
&ArgMatches)) {
Index: clang-tools-extra/test/clang-tidy/checkers/bugprone-infinite-loop.cpp
===================================================================
--- clang-tools-extra/test/clang-tidy/checkers/bugprone-infinite-loop.cpp
+++ clang-tools-extra/test/clang-tidy/checkers/bugprone-infinite-loop.cpp
@@ -386,3 +386,18 @@
do {
} while (false && CondVar);
}
+
+struct logger {
+ void (*debug)(struct logger *, const char *, ...);
+};
+
+int foo(void) {
+ struct logger *pl = 0;
+ int iterator = 0;
+ while (iterator < 10) {
+ char *l_tmp_msg = 0;
+ pl->debug(pl, "%d: %s\n", iterator, l_tmp_msg);
+ iterator++;
+ }
+ return 0;
+}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D101108.339776.patch
Type: text/x-patch
Size: 1402 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20210422/c8e6e86e/attachment.bin>
More information about the cfe-commits
mailing list