[analyzer] Fix a false positive in Secure Keychain API checker.

Better handle the blacklisting of known bad deallocators when symbol
escapes through a call to CFStringCreateWithBytesNoCopy.

Addresses radar://12702952.

llvm-svn: 171770

1 files changed, 19 insertions, 0 deletions

diff --git a/clang/test/Analysis/keychainAPI.m b/clang/test/Analysis/keychainAPI.m
index 6eca8003d93..4fc48c066f9 100644
--- a/clang/test/Analysis/keychainAPI.m
+++ b/clang/test/Analysis/keychainAPI.m
@@ -305,6 +305,25 @@ void DellocWithCFStringCreate4(CFAllocatorRef alloc) {
   }
 }
 
+static CFAllocatorRef gKeychainDeallocator = 0;
+
+static CFAllocatorRef GetKeychainDeallocator() {  
+  return gKeychainDeallocator;
+}
+
+CFStringRef DellocWithCFStringCreate5(CFAllocatorRef alloc) {
+  unsigned int *ptr = 0;
+  OSStatus st = 0;
+  UInt32 length;
+  void *bytes;
+  char * x;
+  st = SecKeychainItemCopyContent(2, ptr, ptr, &length, &bytes);
+  if (st == noErr) {
+    return CFStringCreateWithBytesNoCopy(alloc, bytes, length, 5, 0, GetKeychainDeallocator()); // no-warning
+  }
+  return 0;
+}
+
 void radar10508828() {
   UInt32 pwdLen = 0;
   void*  pwdBytes = 0;