[clang] [Clang][UnsafeBufferUsage] Warn about two-arg string_view constructors. (PR #180471)
Rohan Jacob-Rao via cfe-commits
cfe-commits at lists.llvm.org
Fri Feb 13 14:28:16 PST 2026
================
@@ -699,6 +699,45 @@ static bool isSafeSpanTwoParamConstruct(const CXXConstructExpr &Node,
return isPtrBufferSafe(Arg0, Arg1, Ctx);
}
+static bool isSafeStringViewTwoParamConstruct(const CXXConstructExpr &Node,
+ ASTContext &Ctx) {
+ const Expr *Arg0 = Node.getArg(0)->IgnoreParenImpCasts();
+ const Expr *Arg1 = Node.getArg(1)->IgnoreParenImpCasts();
+
+ // Pattern 1: String Literals (Safe if size <= length)
+ if (const auto *SL = dyn_cast<StringLiteral>(Arg0)) {
+ if (auto ArgSize = Arg1->getIntegerConstantExpr(Ctx)) {
+ if (ArgSize->getZExtValue() <= SL->getLength())
+ return true;
+ }
+ }
+
+ // Pattern 2: Constant Arrays (Safe if exact match)
+ QualType T0 = Arg0->getType().getCanonicalType();
+ if (const auto *CAT = Ctx.getAsConstantArrayType(T0)) {
+ if (auto ArgSize = Arg1->getIntegerConstantExpr(Ctx)) {
+ // Wrap CAT->getSize() in APSInt to match ArgSize's type
+ if (llvm::APSInt::compareValues(llvm::APSInt(CAT->getSize(), /*isUnsigned=*/true),
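Review bot: Pattern 1 checks the bound with `ArgSize->getZExtValue() <= SL->getLength()`, while Pattern 2 goes through `llvm::APSInt::compareValues` and its comment says only an exact match is safe. Two things follow from that. First, `getZExtValue()` asserts when the constant needs more than 64 bits, so using `compareValues` in both patterns would be more robust and keep the two checks consistent. Second, the patterns apply different rules (`<=` for literals, equality for arrays) with no stated reason. A doc comment on `isSafeStringViewTwoParamConstruct` listing the accepted constructor forms and explaining why arrays require an exact match would help. Alternatively, if the aim is only that the view stays in bounds, the array case could accept smaller sizes as well.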
----------------
rohanjr wrote:
Is it also safe if the size argument is less than the array size?
https://github.com/llvm/llvm-project/pull/180471