[clang] [Wunsafe-buffer-usage] Address some false positives in handling array indices that are decidably correct (PR #117370)

Reid Kleckner via cfe-commits cfe-commits at lists.llvm.org
Wed Nov 27 10:15:51 PST 2024


================
@@ -439,8 +439,16 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
       dyn_cast<StringLiteral>(Node.getBase()->IgnoreParenImpCasts());
----------------
rnk wrote:

There's a FIXME above about refactoring Sema::CheckArrayAccess to avoid duplication, and I'm trying to decide if that makes sense or not, or if we should just copy the logic.

It seems like the main behavior difference is that `Sema::CheckArrayAccess` doesn't go looking for a `Decl` with a `ConstantArray` type, it just looks at the type of any old expression, which means it doesn't warn on cases involving casts or other expressions with constant array type, like these:
```
int arr[1];
int oob() {return (*(int(*)[2])&arr)[1]; } // currently warns, should we keep warning or trust the cast?
int (*arrayAddr())[1] { return &arr; }
int safe() { return (*arrayAddr())[0]; } // currently warns, but should we warn?
```

https://github.com/llvm/llvm-project/pull/117370
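The two cases in the comment above, as an added example that is not part of the original mail or the PR: it compares the array bound carried by an expression's static type with the bound on the declaration of the object being indexed. `TYPE_BOUND`, `inBounds`, `kDeclBound`, `castTypeBound` and `callTypeBound` are hypothetical names used only for this illustration, not Clang APIs.

```cpp
#include <cstddef>
#include <cstdio>
#include <type_traits>

// Constructed declarations mirroring the snippet in the comment.
int arr[1];
int (*arrayAddr())[1] { return &arr; }

// Bound carried by the static type of an array-typed expression. decltype is
// an unevaluated context, so the expression itself is never executed.
#define TYPE_BOUND(expr) \
  (std::extent<std::remove_reference<decltype((expr))>::type>::value)

// Bound recorded on the declaration of the object that is really indexed.
constexpr std::size_t kDeclBound = std::extent<decltype(arr)>::value;

// A constant index is decidably safe when it is below the chosen bound.
constexpr bool inBounds(std::size_t idx, std::size_t bound) {
  return idx < bound;
}

// (*(int(*)[2])&arr)[1]: the cast gives the base expression type int[2].
constexpr std::size_t castTypeBound() { return TYPE_BOUND(*(int (*)[2])&arr); }

// (*arrayAddr())[0]: the base has type int[1], but names no array Decl.
constexpr std::size_t callTypeBound() { return TYPE_BOUND(*arrayAddr()); }

int main() {
  // Cast case: a check on the expression type accepts index 1, while the
  // declared object has a single element.
  std::printf("cast: type bound %zu, decl bound %zu, idx 1 ok by type=%d by decl=%d\n",
              castTypeBound(), kDeclBound,
              inBounds(1, castTypeBound()), inBounds(1, kDeclBound));
  // Call case: index 0 is within the type bound and within the real object.
  std::printf("call: type bound %zu, idx 0 ok by type=%d\n",
              callTypeBound(), inBounds(0, callTypeBound()));
  return 0;
}
```

A check keyed on the expression type accepts both accesses, so it removes the false positive in `safe()` at the cost of trusting whatever bound the cast in `oob()` asserts.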