[clang] 7586aea - [NFC][CLANG] Fix static code analyzer concerns with dereference null return value

via cfe-commits cfe-commits at lists.llvm.org
Tue May 23 07:11:42 PDT 2023 

Author: Manna, Soumi
Date: 2023-05-23T07:10:44-07:00
New Revision: 7586aeab7ad3fb035752eea89fd2bb895de21143

URL: https://github.com/llvm/llvm-project/commit/7586aeab7ad3fb035752eea89fd2bb895de21143
DIFF: https://github.com/llvm/llvm-project/commit/7586aeab7ad3fb035752eea89fd2bb895de21143.diff

LOG: [NFC][CLANG] Fix static code analyzer concerns with dereference null return value

Reported by Static Code Analyzer Tool, Coverity:

Inside "SemaExprMember.cpp" file, in clang::Sema::BuildMemberReferenceExpr(clang::Expr *, clang::QualType, clang::SourceLocation, bool, clang::CXXScopeSpec &, clang::SourceLocation, clang::NamedDecl *, clang::DeclarationNameInfo const &, clang::TemplateArgumentListInfo const *, clang::Scope const *, clang::Sema::ActOnMemberAccessExtraArgs *): Return value of function which returns null is dereferenced without checking

  //Condition !Base, taking true branch.
  if (!Base) {
    TypoExpr *TE = nullptr;
    QualType RecordTy = BaseType;

     //Condition IsArrow, taking true branch.
     if (IsArrow) RecordTy = RecordTy->castAs<PointerType>()->getPointeeType();
    	//returned_null: getAs returns nullptr (checked 279 out of 294 times).
    	//Condition TemplateArgs != NULL, taking true branch.

     //Dereference null return value (NULL_RETURNS)
     //dereference: Dereferencing a pointer that might be nullptr RecordTy->getAs() when calling LookupMemberExprInRecord.
     if (LookupMemberExprInRecord(
           *this, R, nullptr, RecordTy->getAs<RecordType>(), OpLoc, IsArrow,
           SS, TemplateArgs != nullptr, TemplateKWLoc, TE))
        return ExprError();
     if (TE)
       return TE;

This patch uses castAs instead of getAs which will assert if the type doesn't match.

Reviewed By: erichkeane

Differential Revision: https://reviews.llvm.org/D151130

Added: 
    

Modified: 
    clang/lib/Sema/SemaExprMember.cpp

Removed: 
    


################################################################################
diff  --git a/clang/lib/Sema/SemaExprMember.cpp b/clang/lib/Sema/SemaExprMember.cpp
index 60b9b013d3f2..3d14ca3859bb 100644
--- a/clang/lib/Sema/SemaExprMember.cpp
+++ b/clang/lib/Sema/SemaExprMember.cpp
@@ -767,7 +767,7 @@ Sema::BuildMemberReferenceExpr(Expr *Base, QualType BaseType,
     QualType RecordTy = BaseType;
     if (IsArrow) RecordTy = RecordTy->castAs<PointerType>()->getPointeeType();
     if (LookupMemberExprInRecord(
-            *this, R, nullptr, RecordTy->getAs<RecordType>(), OpLoc, IsArrow,
+            *this, R, nullptr, RecordTy->castAs<RecordType>(), OpLoc, IsArrow,
             SS, TemplateArgs != nullptr, TemplateKWLoc, TE))
       return ExprError();
     if (TE)

More information about the cfe-commits mailing list