[clang] [clang][analyzer] Check for label location bindings in `DereferenceChecker` (PR #91119)
via cfe-commits
cfe-commits at lists.llvm.org
Sun May 5 05:40:15 PDT 2024
llvmbot wrote:
@llvm/pr-subscribers-clang
Author: Rajveer Singh Bharadwaj (Rajveer100)
<details>
<summary>Changes</summary>
Resolves #89264
Values should not be stored in addresses of labels; this throws a fatal error when this happens.
---
Full diff: https://github.com/llvm/llvm-project/pull/91119.diff
2 Files Affected:
- (modified) clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp (+7)
- (added) clang/test/Analysis/Issue89264.c (+13)
``````````diff
diff --git a/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
index 1cebfbbee77dae..a1770e15ad7d52 100644
--- a/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
@@ -286,6 +286,13 @@ void DereferenceChecker::checkBind(SVal L, SVal V, const Stmt *S,
// If we're binding to a reference, check if the value is known to be null.
if (V.isUndef())
return;
+
+ // One should never write to label addresses.
+ if (auto Label = L.getAs<loc::GotoLabel>()) {
+ llvm::errs() << "WRITING TO LABEL: " << L << "\n";
+ llvm::errs() << "Fatal Error: " << "Dereference of the address of a label" << "\n";
+ return;
+ }
const MemRegion *MR = L.getAsRegion();
const TypedValueRegion *TVR = dyn_cast_or_null<TypedValueRegion>(MR);
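Review bot: The new `loc::GotoLabel` branch in `checkBind` reports the problem by writing to `llvm::errs()` instead of emitting an analyzer bug report, so the finding never reaches the analyzer's diagnostic output and `-verify` cannot check it. The first print, `"WRITING TO LABEL: " << L`, reads as leftover debug output, and "Fatal Error" is printed while the function only returns, so the path is not actually ended. Suggest emitting a proper report for this checker (on an error node if the path should stop there) and dropping both stderr prints. `Label` is never used, so `if (L.getAs<loc::GotoLabel>())` is enough, and a blank line after the closing `}` would match the one added before the comment.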
diff --git a/clang/test/Analysis/Issue89264.c b/clang/test/Analysis/Issue89264.c
new file mode 100644
index 00000000000000..1592bc20ee56f2
--- /dev/null
+++ b/clang/test/Analysis/Issue89264.c
@@ -0,0 +1,13 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection -verify %s
+
+void clang_analyzer_dump(char);
+void clang_analyzer_dump_ptr(char*);
+
+// https://github.com/llvm/llvm-project/issues/89185
+void binding_to_label_loc() {
+ char *b = &&MyLabel;
+MyLabel:
+ *b = 0; // no-crash
+ clang_analyzer_dump_ptr(b); // expected-warning {{&&MyLabel}}
+ clang_analyzer_dump(*b); // expected-warning {{Unknown}}
+}
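Review bot: The test does not check the new diagnostic: the store `*b = 0;` carries only `// no-crash` and there is no `expected-warning` for the label write, so the behaviour added in `checkBind` goes unverified under `-verify`. Once the checker emits a real report, add the expectation on that line. The comment links issue 89185 while the file is named `Issue89264.c` and the description says the PR resolves #89264; point the link at the issue this test covers.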
``````````
</details>
https://github.com/llvm/llvm-project/pull/91119