[PATCH] D151010: [NFC][CLANG] Fix issue with dereference null return value found by Coverity static analyzer tool

Soumi Manna via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri May 19 18:35:50 PDT 2023 

Manna created this revision.
Manna added a reviewer: erichkeane.
Herald added subscribers: manas, ASDenysPetrov, dkrupp, donat.nagy, Szelethus, a.sidorin, baloghadamsoftware.
Herald added a project: All.
Manna requested review of this revision.
Herald added a project: clang.

Reported by Coverity static analyzer tool:

in TypeIsInnerPointer(clang::​QualType): Return value of function which returns null is dereferenced without checking

  if (OrigT == T || !T->isPointerType())
     return true;
   //returned_null: getAs returns nullptr (checked 229 out of 237 times). 
   //var_assigned: Assigning: PT = nullptr return value from getAs.
   const PointerType* PT = T->getAs<PointerType>();
      	
   //Dereference null return value (NULL_RETURNS)
   //dereference: Dereferencing a pointer that might be nullptr PT when calling getPointeeType. 
   QualType UPointeeT = PT->getPointeeType().getUnqualifiedType();
   if (UPointeeT->isRecordType()) {
       //returned_null: getAs returns nullptr (checked 279 out of 294 times). 
       //var_assigned: Assigning: RecordTy = nullptr return value from getAs.
      const RecordType *RecordTy = UPointeeT->getAs<RecordType>();
      	
      //Dereference null return value (NULL_RETURNS)
      //dereference: Dereferencing a pointer that might be nullptr RecordTy when calling getDecl. 
      if (!RecordTy->getDecl()->isCompleteDefinition())
         return false;
    }

This patch uses castAs instead of getAs which will assert if the type doesn't match.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D151010

Files:
  clang/lib/ARCMigrate/ObjCMT.cpp


Index: clang/lib/ARCMigrate/ObjCMT.cpp
===================================================================
--- clang/lib/ARCMigrate/ObjCMT.cpp
+++ clang/lib/ARCMigrate/ObjCMT.cpp
@@ -1056,10 +1056,10 @@
     T = TD->getDecl()->getUnderlyingType();
   if (OrigT == T || !T->isPointerType())
     return true;
-  const PointerType* PT = T->getAs<PointerType>();
+  const PointerType* PT = T->castAs<PointerType>();
   QualType UPointeeT = PT->getPointeeType().getUnqualifiedType();
   if (UPointeeT->isRecordType()) {
-    const RecordType *RecordTy = UPointeeT->getAs<RecordType>();
+    const RecordType *RecordTy = UPointeeT->castAs<RecordType>();
     if (!RecordTy->getDecl()->isCompleteDefinition())
       return false;
   }


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D151010.523978.patch
Type: text/x-patch
Size: 730 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20230520/a9d81e8c/attachment.bin>

More information about the cfe-commits mailing list