[clang] [clang][dataflow] Reorder checks to protect against a null pointer dereference. (PR #66764)
via cfe-commits
cfe-commits at lists.llvm.org
Tue Sep 19 05:06:45 PDT 2023
llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT-->
@llvm/pr-subscribers-clang
<details>
<summary>Changes</summary>
I've received a report of a null pointer dereference happening on the
`LocDst->getType()` dereference. I wasn't unfortunately able to find a repro,
but I'd argue the new version is better for the reduced indentation alone.
---
Full diff: https://github.com/llvm/llvm-project/pull/66764.diff
1 Files Affected:
- (modified) clang/lib/Analysis/FlowSensitive/Transfer.cpp (+7-6)
``````````diff
diff --git a/clang/lib/Analysis/FlowSensitive/Transfer.cpp b/clang/lib/Analysis/FlowSensitive/Transfer.cpp
index b510114a7a355eb..2414a1cc026af5f 100644
--- a/clang/lib/Analysis/FlowSensitive/Transfer.cpp
+++ b/clang/lib/Analysis/FlowSensitive/Transfer.cpp
@@ -531,17 +531,18 @@ class TransferVisitor : public ConstStmtVisitor<TransferVisitor> {
auto *LocDst =
cast_or_null<RecordStorageLocation>(Env.getStorageLocation(*Arg0));
+ if (LocSrc == nullptr || LocDst == nullptr)
+ return;
+
// The assignment operators are different from the type of the destination
- // in this model (i.e. in one of their base classes). This must be very rare
- // and we just bail.
+ // in this model (i.e. in one of their base classes). This must be very
+ // rare and we just bail.
if (Method->getThisObjectType().getCanonicalType().getUnqualifiedType() !=
LocDst->getType().getCanonicalType().getUnqualifiedType())
return;
- if (LocSrc != nullptr && LocDst != nullptr) {
- copyRecord(*LocSrc, *LocDst, Env);
- Env.setStorageLocation(*S, *LocDst);
- }
+ copyRecord(*LocSrc, *LocDst, Env);
+ Env.setStorageLocation(*S, *LocDst);
}
}
``````````
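Review bot: The new guard `if (LocSrc == nullptr || LocDst == nullptr) return;` at the top of the hunk lands with no regression test, and the description says no repro was found. The old code reached `LocDst->getType()` before its own null check, and `LocDst` comes from a `cast_or_null`, so the guard is the right shape. A one-line comment on it saying when `Env.getStorageLocation(*Arg0)` can be null would help the next reader, and a test should follow once a reproducer turns up. The re-wrapped comment lines (`This must be very` / `rare and we just bail.`) change no wording and could be dropped to keep the diff to the fix itself.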
</details>
https://github.com/llvm/llvm-project/pull/66764