[PATCH] D150968: [NFC][CLANG] Fix issue with dereference null return value found by Coverity static analyzer tool

Soumi Manna via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri May 19 07:50:26 PDT 2023 

Manna created this revision.
Herald added subscribers: manas, ASDenysPetrov, dkrupp, donat.nagy, Szelethus, a.sidorin, baloghadamsoftware.
Herald added a project: All.
Manna requested review of this revision.
Herald added a project: clang.

Reported by Coverity:

  In clang::​FunctionDecl::​isReplaceableGlobalAllocationFunction(std::​optional<unsigned int> *, bool *): Return value of function which returns null is dereferenced without checking 
  
  if (!IsSizedDelete && !Ty.isNull() && Ty->isEnumeralType()) {
       QualType T = Ty;
       //Condition TD, taking false branch.
      while (const auto *TD = T->getAs<TypedefType>())
        T = TD->getDecl()->getUnderlyingType();
        //returned_null: getAs returns nullptr (checked 95 out of 97 times). 
      	
      //Dereference null return value (NULL_RETURNS)
      // dereference: Dereferencing a pointer that might be nullptr T->getAs() when calling getDecl. 
      IdentifierInfo *II = T->getAs<EnumType>()->getDecl()->getIdentifier();
      if (II && II->isStr("__hot_cold_t"))
        Consume();
    }

This patch uses castAs instead of getAs which will assert if the type doesn't match.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D150968

Files:
  clang/lib/AST/Decl.cpp


Index: clang/lib/AST/Decl.cpp
===================================================================
--- clang/lib/AST/Decl.cpp
+++ clang/lib/AST/Decl.cpp
@@ -3301,7 +3301,7 @@
     QualType T = Ty;
     while (const auto *TD = T->getAs<TypedefType>())
       T = TD->getDecl()->getUnderlyingType();
-    IdentifierInfo *II = T->getAs<EnumType>()->getDecl()->getIdentifier();
+    IdentifierInfo *II = T->castAs<EnumType>()->getDecl()->getIdentifier();
     if (II && II->isStr("__hot_cold_t"))
       Consume();
   }


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D150968.523774.patch
Type: text/x-patch
Size: 515 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20230519/030f294a/attachment.bin>

More information about the cfe-commits mailing list