[clang] 379b639 - Revert "[analyzer] Extend the documentation of MallocOverflow"
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Thu Aug 26 06:29:52 PDT 2021
Author: Balazs Benics
Date: 2021-08-26T15:29:32+02:00
New Revision: 379b6394d9ca254593b77ec3c0028e6d820715e4
URL: https://github.com/llvm/llvm-project/commit/379b6394d9ca254593b77ec3c0028e6d820715e4
DIFF: https://github.com/llvm/llvm-project/commit/379b6394d9ca254593b77ec3c0028e6d820715e4.diff
LOG: Revert "[analyzer] Extend the documentation of MallocOverflow"
This reverts commit 6097a41924584b613153237d8e66e9660001ce7d.
Added:
Modified:
clang/docs/analyzer/checkers.rst
Removed:
################################################################################
diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst
index 66c540ec0b544..9a74dffc1658d 100644
--- a/clang/docs/analyzer/checkers.rst
+++ b/clang/docs/analyzer/checkers.rst
@@ -2154,14 +2154,7 @@ Warn about buffer overflows (newer checker).
alpha.security.MallocOverflow (C)
"""""""""""""""""""""""""""""""""
-Check for overflows in the arguments to ``malloc()``.
-It tries to catch ``malloc(n * c)`` patterns, where:
- - ``n``: a variable or member access of an object
- - ``c``: a constant foldable integral
-
-This checker was designed for code audits, so expect false-positive reports.
-One is supposed to silence this checker by ensuring proper bounds checking on
-the variable in question using e.g. an ``assert()`` or a branch.
+Check for overflows in the arguments to malloc().
.. code-block:: c
@@ -2175,26 +2168,6 @@ the variable in question using e.g. an ``assert()`` or a branch.
void *p = malloc(n * sizeof(int)); // no warning
}
- void test3(int n) {
- assert(n <= 100 && "Contract violated.");
- void *p = malloc(n * sizeof(int)); // no warning
- }
-
-Limitations:
- - The checker won't warn for variables involved in explicit casts,
- since that might limit the variable's domain.
- E.g.: ``(unsigned char)int x`` would limit the domain to ``[0,255]``.
- The checker will miss the true-positive cases when the explicit cast would
- not tighten the domain to prevent the overflow in the subsequent
- multiplication operation.
-
- - If the variable ``n`` participates in a comparison anywhere in the enclosing
- function's scope, even after the ``malloc()``, the report will be still
- suppressed.
-
- - It is an AST-based checker, thus it does not make use of the
- path-sensitive taint-analysis.
-
.. _alpha-security-MmapWriteExec:
alpha.security.MmapWriteExec (C)
More information about the cfe-commits
mailing list