[LLVMbugs] [Bug 19661] New: strcmp call modifies constant value in adjacent struct

Tue May 6 04:02:03 PDT 2014

http://llvm.org/bugs/show_bug.cgi?id=19661

            Bug ID: 19661
           Summary: strcmp call modifies constant value in adjacent struct
           Product: clang
           Version: 3.4
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: pspacek at redhat.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

Created attachment 12482
  --> http://llvm.org/bugs/attachment.cgi?id=12482&action=edit
minimal test case

Static analyzer thinks that strcmp() modifies memory adjacent to strcmp()
parameters. The problem doesn't happen if I use strcasecmp() instead of
strcmp(). Please see attached minimal example and report file.

Excerpt:

18    switch (setting->type) {
        Control jumps to 'case ST_STRING:' at line 19
19    case ST_STRING:
20        /* strcmp triggers the error */
21        if (strcmp(setting->value_char, value) == 0)
        Taking false branch
22        /* but strcasecmp doesn't trigger the error! */
23        //if (strcasecmp(setting->value_char, value) == 0)
24        return 1;
25    break;
...

33    switch (setting->type) {
    Control jumps to 'case ST_UNSIGNED_INTEGER:' at line 37

Apparently, analyzer thinks that setting->type was changed in strcmp() call.

Please see attached files for structure definitions etc.

Have a nice day!

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20140506/f563dee0/attachment.html>