[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)
DonĂ¡t Nagy via cfe-commits
cfe-commits at lists.llvm.org
Mon May 27 05:01:05 PDT 2024
================
@@ -717,18 +717,71 @@ const ExplodedNode *StreamChecker::getAcquisitionSite(const ExplodedNode *N,
return nullptr;
}
+/// Invalidate only the requested elements instead of the whole buffer.
+/// This is basically a refinement of the more generic 'escapeArgs' or
+/// the plain old 'invalidateRegions'.
+/// This only works if the \p StartIndex and \p Count are concrete or
+/// perfectly-constrained.
+static ProgramStateRef
+escapeByStartIndexAndCount(ProgramStateRef State, CheckerContext &C,
+ const CallEvent &Call, const MemRegion *Buffer,
+ QualType ElemType, SVal StartIndex, SVal Count) {
+ if (!llvm::isa_and_nonnull<SubRegion>(Buffer))
+ return State;
----------------
NagyDonat wrote:
I'd slightly prefer a `dyn_cast_or_null` instead of this `isa` check that's eventually followed by a bare `cast`.
https://github.com/llvm/llvm-project/pull/93408
More information about the cfe-commits
mailing list