[clang] [analyzer] Fix crash when modelling 'getline' function in checkers (PR #145229)
Baranov Victor via cfe-commits
cfe-commits at lists.llvm.org
Tue Jun 24 10:57:28 PDT 2025
================
@@ -1518,14 +1518,19 @@ void MallocChecker::checkGetdelim(ProgramStateRef State, const CallEvent &Call,
if (!CE)
return;
- const auto LinePtr =
- getPointeeVal(Call.getArgSVal(0), State)->getAs<DefinedSVal>();
- const auto Size =
- getPointeeVal(Call.getArgSVal(1), State)->getAs<DefinedSVal>();
- if (!LinePtr || !Size || !LinePtr->getAsRegion())
+ const auto LinePtrOpt = getPointeeVal(Call.getArgSVal(0), State);
+ const auto SizeOpt = getPointeeVal(Call.getArgSVal(1), State);
+ if (!LinePtrOpt || !SizeOpt || LinePtrOpt->isUnknownOrUndef() ||
+ SizeOpt->isUnknownOrUndef())
----------------
vbvictor wrote:
UPD, I forgot about:
```cpp
const CallDescriptionMap<CheckFn> PostFnMap{
// NOTE: the following CallDescription also matches the C++ standard
// library function std::getline(); the callback will filter it out.
{{CDM::CLibrary, {"getline"}, 3}, &MallocChecker::checkGetdelim},
{{CDM::CLibrary, {"getdelim"}, 4}, &MallocChecker::checkGetdelim},
};
```
I suppose `CallDescriptionMap` would take care of it. We just need to make sure that we have extract correct types from arguments.
https://github.com/llvm/llvm-project/pull/145229
More information about the cfe-commits
mailing list