diff options
| author | Anna Zaks <ganna@apple.com> | 2011-12-14 00:55:58 +0000 |
|---|---|---|
| committer | Anna Zaks <ganna@apple.com> | 2011-12-14 00:55:58 +0000 |
| commit | d6bb3227de1af821261b631b63812369f789b675 (patch) | |
| tree | 58ec081358566c43690b0a6d81e1adeba9ab85e1 /clang/lib/StaticAnalyzer/Core/ProgramState.cpp | |
| parent | 8f92ce6e39086ffed1c3f93187e2e1b64bb7b49f (diff) | |
| download | bcm5719-llvm-d6bb3227de1af821261b631b63812369f789b675.tar.gz bcm5719-llvm-d6bb3227de1af821261b631b63812369f789b675.zip | |
[analyzer] Mark getenv output as tainted.
Also, allow adding taint to a region (not only a symbolic value).
llvm-svn: 146532
Diffstat (limited to 'clang/lib/StaticAnalyzer/Core/ProgramState.cpp')
| -rw-r--r-- | clang/lib/StaticAnalyzer/Core/ProgramState.cpp | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/clang/lib/StaticAnalyzer/Core/ProgramState.cpp b/clang/lib/StaticAnalyzer/Core/ProgramState.cpp index 43b0b3e9423..af038c6f0f5 100644 --- a/clang/lib/StaticAnalyzer/Core/ProgramState.cpp +++ b/clang/lib/StaticAnalyzer/Core/ProgramState.cpp @@ -654,8 +654,15 @@ bool ProgramState::scanReachableSymbols(const MemRegion * const *I, const ProgramState* ProgramState::addTaint(const Stmt *S, TaintTagType Kind) const { SymbolRef Sym = getSVal(S).getAsSymbol(); - assert(Sym && "Cannot add taint to statements whose value is not a symbol"); - return addTaint(Sym, Kind); + if (Sym) + return addTaint(Sym, Kind); + + const MemRegion *R = getSVal(S).getAsRegion(); + if (const SymbolicRegion *SR = dyn_cast_or_null<SymbolicRegion>(R)) + return addTaint(SR->getSymbol(), Kind); + + // Cannot add taint, so just return the state. + return this; } const ProgramState* ProgramState::addTaint(SymbolRef Sym, |
