diff options
| author | Anna Zaks <ganna@apple.com> | 2011-12-06 23:12:27 +0000 |
|---|---|---|
| committer | Anna Zaks <ganna@apple.com> | 2011-12-06 23:12:27 +0000 |
| commit | c25efccc8b448341f1aa124bb6fcc37a72dc0a46 (patch) | |
| tree | 6970913705d29c650913f8730007d96f4f5105b2 /clang/lib/StaticAnalyzer/Core/SValBuilder.cpp | |
| parent | 8629c0a4d07f2247ca151174bbdb8f0efc778fab (diff) | |
| download | bcm5719-llvm-c25efccc8b448341f1aa124bb6fcc37a72dc0a46.tar.gz bcm5719-llvm-c25efccc8b448341f1aa124bb6fcc37a72dc0a46.zip | |
[analyzer] Propagate taint through NonLoc to NonLoc casts.
- Created a new SymExpr type - SymbolCast.
- SymbolCast is created when we don't know how to simplify a NonLoc to
NonLoc casts.
- A bit of code refactoring: introduced dispatchCast to have better
code reuse, remove a goto.
- Updated the test case to showcase the new taint flow.
llvm-svn: 145985
Diffstat (limited to 'clang/lib/StaticAnalyzer/Core/SValBuilder.cpp')
| -rw-r--r-- | clang/lib/StaticAnalyzer/Core/SValBuilder.cpp | 31 |
1 files changed, 12 insertions, 19 deletions
diff --git a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp index 617e0ddc729..ff0a85a5723 100644 --- a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp +++ b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp @@ -56,6 +56,12 @@ NonLoc SValBuilder::makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op, return nonloc::SymbolVal(SymMgr.getSymSymExpr(lhs, op, rhs, type)); } +NonLoc SValBuilder::makeNonLoc(const SymExpr *operand, + QualType fromTy, QualType toTy) { + assert(operand); + assert(!Loc::isLocType(toTy)); + return nonloc::SymbolVal(SymMgr.getCastSymbol(operand, fromTy, toTy)); +} SVal SValBuilder::convertToArrayIndex(SVal val) { if (val.isUnknownOrUndef()) @@ -220,21 +226,7 @@ SVal SValBuilder::evalCast(SVal val, QualType castTy, QualType originalTy) { if (!castTy->isVariableArrayType() && !originalTy->isVariableArrayType()) if (Context.hasSameUnqualifiedType(castTy, originalTy)) return val; - - // Check for casts to real or complex numbers. We don't handle these at all - // right now. - if (castTy->isFloatingType() || castTy->isAnyComplexType()) - return UnknownVal(); - // Check for casts from integers to integers. - if (castTy->isIntegerType() && originalTy->isIntegerType()) { - if (isa<Loc>(val)) - // This can be a cast to ObjC property of type int. - return evalCastFromLoc(cast<Loc>(val), castTy); - else - return evalCastFromNonLoc(cast<NonLoc>(val), castTy); - } - // Check for casts from pointers to integers. if (castTy->isIntegerType() && Loc::isLocType(originalTy)) return evalCastFromLoc(cast<Loc>(val), castTy); @@ -249,7 +241,7 @@ SVal SValBuilder::evalCast(SVal val, QualType castTy, QualType originalTy) { } return LV->getLoc(); } - goto DispatchCast; + return dispatchCast(val, castTy); } // Just pass through function and block pointers. @@ -323,8 +315,9 @@ SVal SValBuilder::evalCast(SVal val, QualType castTy, QualType originalTy) { return R ? SVal(loc::MemRegionVal(R)) : UnknownVal(); } -DispatchCast: - // All other cases. - return isa<Loc>(val) ? evalCastFromLoc(cast<Loc>(val), castTy) - : evalCastFromNonLoc(cast<NonLoc>(val), castTy); + // Check for casts from integers to integers. + if (castTy->isIntegerType() && originalTy->isIntegerType()) + return dispatchCast(val, castTy); + + return dispatchCast(val, castTy); } |
