summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnna Zaks <ganna@apple.com>2011-08-12 22:47:22 +0000
committerAnna Zaks <ganna@apple.com>2011-08-12 22:47:22 +0000
commit59d741fec6436268fe5c476f168ab6a7d00fa9d9 (patch)
tree5fbcafe4c56d3e4891c51eb5cdc1d7db69231afc
parent2325474368447c526ab9483f4ed88e6a0d2054e2 (diff)
downloadbcm5719-llvm-59d741fec6436268fe5c476f168ab6a7d00fa9d9.tar.gz
bcm5719-llvm-59d741fec6436268fe5c476f168ab6a7d00fa9d9.zip
MacOSKeychainAPIChecker: If the allocated data address entered as an enclosing function parameter, skip it to avoid false positives.
llvm-svn: 137526
Diffstat
-rw-r--r--clang/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp5
-rw-r--r--clang/test/Analysis/keychainAPI.m11
2 files changed, 16 insertions, 0 deletions
diff --git a/clang/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
index d955f4bdb52..1663252cdd3 100644
--- a/clang/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
@@ -349,6 +349,11 @@ void MacOSKeychainAPIChecker::checkPostStmt(const CallExpr *CE,
return;
const Expr *ArgExpr = CE->getArg(FunctionsToTrack[idx].Param);
+ // If the argument entered as an enclosing function parameter, skip it to
+ // avoid false positives.
+ if (isEnclosingFunctionParam(ArgExpr))
+ return;
+
if (SymbolRef V = getAsPointeeSymbol(ArgExpr, C)) {
// If the argument points to something that's not a symbolic region, it
// can be:
diff --git a/clang/test/Analysis/keychainAPI.m b/clang/test/Analysis/keychainAPI.m
index be9d74c31e2..74834ab5d5c 100644
--- a/clang/test/Analysis/keychainAPI.m
+++ b/clang/test/Analysis/keychainAPI.m
@@ -133,6 +133,17 @@ void* returnContent() {
return outData;
} // no-warning
+// Password was passed in as an argument and does nt have to be deleted.
+OSStatus getPasswordAndItem(void** password, UInt32* passwordLength) {
+ OSStatus err;
+ SecKeychainItemRef item;
+ err = SecKeychainFindGenericPassword(0, 3, "xx",
+ 3, "xx",
+ passwordLength, password,
+ &item);
+ return err;
+} // no-warning
+
int apiMismatch(SecKeychainItemRef itemRef,
SecKeychainAttributeInfo *info,
SecItemClass *itemClass) {
OpenPOWER on IntegriCloud