[clang] [-Wunsafe-buffer-usage] Fix false positives for constant cases (PR #92432)
Ziqing Luo via cfe-commits
cfe-commits at lists.llvm.org
Mon May 20 11:58:24 PDT 2024
================
@@ -420,25 +420,64 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
// already duplicated
// - call both from Sema and from here
- const auto *BaseDRE =
- dyn_cast<DeclRefExpr>(Node.getBase()->IgnoreParenImpCasts());
- if (!BaseDRE)
+ if (const auto *BaseDRE =
+ dyn_cast<DeclRefExpr>(Node.getBase()->IgnoreParenImpCasts())) {
+ if (!BaseDRE->getDecl())
+ return false;
+ if (const auto *CATy = Finder->getASTContext().getAsConstantArrayType(
+ BaseDRE->getDecl()->getType())) {
+ if (const auto *IdxLit = dyn_cast<IntegerLiteral>(Node.getIdx())) {
+ const APInt ArrIdx = IdxLit->getValue();
+ // FIXME: ArrIdx.isNegative() we could immediately emit an error as that's a
+ // bug
+ if (ArrIdx.isNonNegative() &&
+ ArrIdx.getLimitedValue() < CATy->getLimitedSize())
+ return true;
+ }
+ }
+ }
+
+ if (const auto *BaseSL =
+ dyn_cast<StringLiteral>(Node.getBase()->IgnoreParenImpCasts())) {
+ if (const auto *CATy = Finder->getASTContext().getAsConstantArrayType(
+ BaseSL->getType())) {
+ if (const auto *IdxLit = dyn_cast<IntegerLiteral>(Node.getIdx())) {
+ const APInt ArrIdx = IdxLit->getValue();
+ // FIXME: ArrIdx.isNegative() we could immediately emit an error as that's a
+ // bug
+ if (ArrIdx.isNonNegative() &&
+ ArrIdx.getLimitedValue() < CATy->getLimitedSize())
+ return true;
+ }
+ }
+ }
+
+ return false;
+}
+
+AST_MATCHER(BinaryOperator, isSafePtrArithmetic) {
+ if (Node.getOpcode() != BinaryOperatorKind::BO_Add)
return false;
- if (!BaseDRE->getDecl())
+
+ const auto *LHSDRE =
----------------
ziqingluo-90 wrote:
For both the AST matchers, I'm just curious if we really need to make sure the left-hand side is a DRE? Could we just try to test if its' type is a constant array type regardless of its' expression kind?
https://github.com/llvm/llvm-project/pull/92432
More information about the cfe-commits
mailing list