[clang] [analyzer] Fix crash in Stream checker when using void pointers (PR #97199)

Donát Nagy via cfe-commits cfe-commits at lists.llvm.org
Mon Jul 1 01:54:42 PDT 2024


https://github.com/NagyDonat requested changes to this pull request.

Unfortunately this PR is not a full solution, because e.g. the following test code still triggers the crash (if it is appended to the test file `stream.c`):
```c
struct zerosized {
    int foo[0];
};

void fread_zerosized(struct zerosized *buffer) {
  FILE *f = fopen("/tmp/foo.txt", "r");
  fread(buffer, 1, 1, f);
  fclose(f);
}
```

(I know that zero-sized arrays are not standard-compliant, but they are a widespread extension: e.g. both clang and gcc accept this `struct zerosized` with the default settings.)

Overall, I'd say that it's futile to try to recognize zero-sized types with a "canonical type equal to" check, so you should just check whether `ElemSizeInChars` is zero and do something based on that. (Either an early return, or you can say `ElemSizeInChars = 1` at that point if you think that that's the logically correct solution.)

`<bikeshedding>`This way you could also avoid the immediately invoked lambda in `getPointeeType` which is really ugly in my opinion.`</bikeshedding>`

https://github.com/llvm/llvm-project/pull/97199
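
An added illustration of the review's point, not code from the PR or from clang: a guard keyed on type identity misses every zero-sized type it was not taught about, while a guard on the size catches them all. The type tags, `struct elem_type`, `struct wrapper` and all function names are hypothetical, and `void` is modelled here as having size 0.

```c
#include <stddef.h>

/* Constructed sample types; the zero-sized ones rely on the GNU extension. */
struct zerosized { int foo[0]; };              /* the struct from the review */
struct wrapper   { struct zerosized inner; };  /* zero-sized, but another type */
struct ordinary  { int value; };

/* Hypothetical tags standing in for a "canonical type equal to X" test. */
enum type_tag { TAG_VOID, TAG_ZEROSIZED, TAG_WRAPPER, TAG_ORDINARY };

/* Assumption: void is modelled with size 0. */
struct elem_type { enum type_tag tag; size_t size_in_chars; };

static const struct elem_type SAMPLE_TYPES[] = {
    { TAG_VOID, 0 },
    { TAG_ZEROSIZED, sizeof(struct zerosized) },
    { TAG_WRAPPER, sizeof(struct wrapper) },
    { TAG_ORDINARY, sizeof(struct ordinary) },
};
enum { SAMPLE_COUNT = sizeof(SAMPLE_TYPES) / sizeof(SAMPLE_TYPES[0]) };

/* Guard A: reject only the types it was taught to recognise by identity. */
static int identity_guard_rejects(struct elem_type t) {
    return t.tag == TAG_VOID || t.tag == TAG_ZEROSIZED;
}

/* Guard B: reject anything whose size is zero, whatever the type is. */
static int size_guard_rejects(struct elem_type t) {
    return t.size_in_chars == 0;
}

/* Number of zero-sized sample types that a guard lets through. */
static int count_missed(int (*rejects)(struct elem_type)) {
    int missed = 0;
    for (int i = 0; i < SAMPLE_COUNT; i++)
        if (SAMPLE_TYPES[i].size_in_chars == 0 && !rejects(SAMPLE_TYPES[i]))
            missed++;
    return missed;
}

/* Hypothetical consumer with an early return: 0 when the size is unusable. */
static int elements_in(size_t bytes, struct elem_type t, size_t *out) {
    if (size_guard_rejects(t))
        return 0;
    *out = bytes / t.size_in_chars;
    return 1;
}

int main(void) { return count_missed(size_guard_rejects); }
```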

