[PATCH] D151130: [NFC][CLANG] Fix static code analyzer concerns with dereference null return value

Soumi Manna via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Mon May 22 11:32:37 PDT 2023 

Manna created this revision.
Herald added subscribers: manas, ASDenysPetrov, dkrupp, donat.nagy, Szelethus, a.sidorin, baloghadamsoftware.
Herald added a project: All.
Manna requested review of this revision.
Herald added a project: clang.

Reported by Static Analyzer Tool:

Inside "SemaExprMember.cpp" file, in clang::​Sema::​BuildMemberReferenceExpr(clang::​Expr *, clang::​QualType, clang::​SourceLocation, bool, clang::​CXXScopeSpec &, clang::​SourceLocation, clang::​NamedDecl *, clang::​DeclarationNameInfo const &, clang::​TemplateArgumentListInfo const *, clang::​Scope const *, clang::​Sema::​ActOnMemberAccessExtraArgs *): Return value of function which returns null is dereferenced without checking

  //Condition !Base, taking true branch.
  if (!Base) {
    TypoExpr *TE = nullptr;
    QualType RecordTy = BaseType;
  
    //Condition IsArrow, taking true branch.
     if (IsArrow) RecordTy = RecordTy->castAs<PointerType>()->getPointeeType();
    	//returned_null: getAs returns nullptr (checked 279 out of 294 times). [show details]
    	//Condition TemplateArgs != NULL, taking true branch.
    	
     //Dereference null return value (NULL_RETURNS)
     //dereference: Dereferencing a pointer that might be nullptr RecordTy->getAs() when calling LookupMemberExprInRecord. [show details]
     if (LookupMemberExprInRecord(
           *this, R, nullptr, RecordTy->getAs<RecordType>(), OpLoc, IsArrow,
           SS, TemplateArgs != nullptr, TemplateKWLoc, TE))
        return ExprError();
     if (TE)
       return TE;

This patch uses castAs instead of getAs which will assert if the type doesn't match.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D151130

Files:
  clang/lib/Sema/SemaExprMember.cpp


Index: clang/lib/Sema/SemaExprMember.cpp
===================================================================
--- clang/lib/Sema/SemaExprMember.cpp
+++ clang/lib/Sema/SemaExprMember.cpp
@@ -767,7 +767,7 @@
     QualType RecordTy = BaseType;
     if (IsArrow) RecordTy = RecordTy->castAs<PointerType>()->getPointeeType();
     if (LookupMemberExprInRecord(
-            *this, R, nullptr, RecordTy->getAs<RecordType>(), OpLoc, IsArrow,
+            *this, R, nullptr, RecordTy->castAs<RecordType>(), OpLoc, IsArrow,
             SS, TemplateArgs != nullptr, TemplateKWLoc, TE))
       return ExprError();
     if (TE)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D151130.524404.patch
Type: text/x-patch
Size: 616 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20230522/4d0efd09/attachment.bin>

More information about the cfe-commits mailing list