[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)
Alejandro Álvarez Ayllón via cfe-commits
cfe-commits at lists.llvm.org
Mon Mar 11 08:30:12 PDT 2024
alejandro-alvarez-sonarsource wrote:
> Additionally, the checked preconditions do not look exact. For example, the POSIX documentation for `getdelim` says: "If *n is non-zero, the application shall ensure that *lineptr either points to an object of size at least *n bytes, or is a null pointer." This means `*lineptr` can be NULL when `*n` is a nonzero value. The buffer size of `*lineptr` could be checked to be at least `*n` (if `*lineptr` is not NULL).
With 9db5a4a261655c6825cf83c3ace545129060b7df, this behavior is now modeled.
As for where to model the preconditions, `StdLibraryFunctionsChecker` actually has a comment about these functions:
```
// FIXME these are actually defined by POSIX and not by the C standard, we
// should handle them together with the rest of the POSIX functions.
```
So, it seems removing them from `StdLibraryFunctionsChecker` is not out of the question. We can leave them together with other stream functions, or we could move them to `UnixAPIChecker`, which we have enabled downstream.
I think the latter is a reasonable compromise, so that `StreamChecker`'s scope is the stream itself, and not everything surrounding the `FILE*` APIs.
https://github.com/llvm/llvm-project/pull/83027
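
The initial `(*lineptr, *n)` states that satisfy the POSIX sentence quoted in the message, with the violating state left as a comment. This is an added example, not code from the PR or from the analyzer's tests; the helper names and the sample input are constructed for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* getline() and fmemopen() are POSIX, not ISO C */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/* Constructed sample input: the first line is 32 characters plus '\n'. */
static char sample[] = "a line longer than sixteen bytes\nshort\n";

/* Calls getline() with the given initial (*lineptr, *n) and takes ownership
 * of buf. Returns the line length, -1 on read failure, or -2 if the
 * postcondition (non-NULL buffer, *n > length, NUL-terminated) does not hold. */
static ssize_t read_first_line(char *buf, size_t n)
{
    FILE *fp = fmemopen(sample, sizeof sample - 1, "r");
    if (fp == NULL) {
        free(buf);
        return -1;
    }
    ssize_t len = getline(&buf, &n, fp);
    if (len >= 0 && (buf == NULL || n <= (size_t)len || buf[len] != '\0'))
        len = -2;
    free(buf); /* getline() may have reallocated; free even when it fails */
    fclose(fp);
    return len;
}

/* *lineptr == NULL, *n == 0: the usual idiom. */
ssize_t case_null_zero(void) { return read_first_line(NULL, 0); }

/* *lineptr == NULL, *n != 0: allowed by the POSIX sentence quoted above. */
ssize_t case_null_nonzero(void) { return read_first_line(NULL, 64); }

/* 16-byte object, *n == 16: the object is at least *n bytes. */
ssize_t case_exact(void) { return read_first_line(malloc(16), 16); }

/* 16-byte object, *n == 8: understating the size is still within the rule. */
ssize_t case_understated(void) { return read_first_line(malloc(16), 8); }

/* Precondition violation, deliberately not called: *n == 64 tells getline()
 * it may store up to 64 bytes in a 16-byte object:
 *     char *p = malloc(16); size_t n = 64; getline(&p, &n, fp);
 */

int main(void)
{
    printf("%zd %zd %zd %zd\n", case_null_zero(), case_null_nonzero(),
           case_exact(), case_understated());
    return 0;
}
```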