[clang] [Clang] Fix potential null pointer dereference in retain cycle detection (PR #95192)

via cfe-commits cfe-commits at lists.llvm.org
Tue Jun 11 21:19:06 PDT 2024


https://github.com/smanna12 updated https://github.com/llvm/llvm-project/pull/95192

>From 6852bd6773c13dd9e573df460e74e2b7306c63f0 Mon Sep 17 00:00:00 2001
From: "Manna, Soumi" <soumi.manna at intel.com>
Date: Tue, 11 Jun 2024 19:52:03 -0700
Subject: [PATCH 1/3] [Clang] Fix potential null pointer dereference in retain
 cycle detection

This patch resolves a static analyzer bug where `S.getCurMethodDecl()` could return `nullptr` and was being dereferenced without a null check when calling `getSelfDecl()`. The fix introduces a check for a non-null return value before accessing `getSelfDecl()` to ensure safe dereferencing.

This change prevents undefined behavior in scenarios where the current method declaration is not available, thus enhancing the robustness of the retain cycle detection logic.
---
 clang/lib/Sema/SemaObjC.cpp | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/clang/lib/Sema/SemaObjC.cpp b/clang/lib/Sema/SemaObjC.cpp
index d396258cfc7d1..69c78f034bd43 100644
--- a/clang/lib/Sema/SemaObjC.cpp
+++ b/clang/lib/Sema/SemaObjC.cpp
@@ -848,12 +848,16 @@ static bool findRetainCycleOwner(Sema &S, Expr *e, RetainCycleOwner &owner) {
 
       owner.Indirect = true;
       if (pre->isSuperReceiver()) {
-        owner.Variable = S.getCurMethodDecl()->getSelfDecl();
-        if (!owner.Variable)
+        if (const auto *CurMethodDecl = S.getCurMethodDecl()) {
+          owner.Variable = CurMethodDecl()->getSelfDecl();
+          if (!owner.Variable)
+            return false;
+          owner.Loc = pre->getLocation();
+          owner.Range = pre->getSourceRange();
+          return true;
+        } else {
           return false;
-        owner.Loc = pre->getLocation();
-        owner.Range = pre->getSourceRange();
-        return true;
+        }
       }
       e = const_cast<Expr *>(
           cast<OpaqueValueExpr>(pre->getBase())->getSourceExpr());
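Review bot: The trailing `} else { return false; }` in the new `isSuperReceiver()` block adds a nesting level and a second `return false` for what is a single precondition on the whole branch; a guard clause reads more directly: `const auto *CurMethodDecl = S.getCurMethodDecl(); if (!CurMethodDecl) return false;` followed by the original body at its original indentation. The same shape applies to the `checkRetainCycles` hunk in PATCH 3/3. Returning false here means a `super` receiver seen with no enclosing method declaration is quietly excluded from retain-cycle analysis rather than reported; if that state is only reachable after an earlier diagnostic that is acceptable, but the reason deserves a comment such as `// No enclosing method declaration: no self to attribute the cycle to, skip.` findRetainCycleOwner's body starts and continues outside this hunk.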

>From dcf371b72e3d1fbfdeaa6658aebdcdabc7b6f4ae Mon Sep 17 00:00:00 2001
From: "Manna, Soumi" <soumi.manna at intel.com>
Date: Tue, 11 Jun 2024 20:08:45 -0700
Subject: [PATCH 2/3] Fix build errors

---
 clang/lib/Sema/SemaObjC.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/clang/lib/Sema/SemaObjC.cpp b/clang/lib/Sema/SemaObjC.cpp
index 69c78f034bd43..65e297b3b1249 100644
--- a/clang/lib/Sema/SemaObjC.cpp
+++ b/clang/lib/Sema/SemaObjC.cpp
@@ -849,7 +849,7 @@ static bool findRetainCycleOwner(Sema &S, Expr *e, RetainCycleOwner &owner) {
       owner.Indirect = true;
       if (pre->isSuperReceiver()) {
         if (const auto *CurMethodDecl = S.getCurMethodDecl()) {
-          owner.Variable = CurMethodDecl()->getSelfDecl();
+          owner.Variable = CurMethodDecl->getSelfDecl();
           if (!owner.Variable)
             return false;
           owner.Loc = pre->getLocation();

>From 969d0a85dd0516e914b4d9fad00c9350f5009a2e Mon Sep 17 00:00:00 2001
From: "Manna, Soumi" <soumi.manna at intel.com>
Date: Tue, 11 Jun 2024 21:18:28 -0700
Subject: [PATCH 3/3] Add new bug

---
 clang/lib/Sema/SemaObjC.cpp | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/clang/lib/Sema/SemaObjC.cpp b/clang/lib/Sema/SemaObjC.cpp
index 65e297b3b1249..4b951ea536034 100644
--- a/clang/lib/Sema/SemaObjC.cpp
+++ b/clang/lib/Sema/SemaObjC.cpp
@@ -1173,9 +1173,13 @@ void SemaObjC::checkRetainCycles(ObjCMessageExpr *msg) {
       return;
   } else {
     assert(msg->getReceiverKind() == ObjCMessageExpr::SuperInstance);
-    owner.Variable = SemaRef.getCurMethodDecl()->getSelfDecl();
-    owner.Loc = msg->getSuperLoc();
-    owner.Range = msg->getSuperLoc();
+    if (const auto *CurMethodDecl = SemaRef.getCurMethodDecl()) {
+      owner.Variable = CurMethodDecl->getSelfDecl();
+      owner.Loc = msg->getSuperLoc();
+      owner.Range = msg->getSuperLoc();
+    } else {
+      return;
+    }
   }
 
   // Check whether the receiver is captured by any of the arguments.
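Review bot: The new branch assigns `owner.Variable = CurMethodDecl->getSelfDecl()` without checking the result, whereas the matching branch added to `findRetainCycleOwner` in PATCH 1/3 returns when `getSelfDecl()` yields null; the two sites should agree, since `owner.Variable` feeds the capture check that follows this hunk. Whether `getSelfDecl()` can return null once a method declaration exists is not visible here, but the guard kept in the sibling function suggests the callers treat it as possible. Adding `if (!owner.Variable) return;` after the assignment keeps the two paths consistent. checkRetainCycles continues beyond this hunk.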


