summaryrefslogtreecommitdiffstats
path: root/clang/test/Analysis/malloc.c
diff options
context:
space:
mode:
authorJordan Rose <jordan_rose@apple.com>2013-08-19 16:27:34 +0000
committerJordan Rose <jordan_rose@apple.com>2013-08-19 16:27:34 +0000
commit60619a639b727af3e2a82801ad0626c6bfc75cbb (patch)
tree7d463a4634cf4dc97d7d34fc20deb03212fa9da5 /clang/test/Analysis/malloc.c
parent5374c07ab92e2c78ccf43186383fc5e33835ebb8 (diff)
downloadbcm5719-llvm-60619a639b727af3e2a82801ad0626c6bfc75cbb.tar.gz
bcm5719-llvm-60619a639b727af3e2a82801ad0626c6bfc75cbb.zip
[analyzer] Assume that strings are no longer than SIZE_MAX/4.
This keeps the analyzer from making silly assumptions, like thinking strlen(foo)+1 could wrap around to 0. This fixes PR16558. Patch by Karthik Bhat! llvm-svn: 188680
Diffstat (limited to 'clang/test/Analysis/malloc.c')
-rw-r--r--clang/test/Analysis/malloc.c32
1 files changed, 32 insertions, 0 deletions
diff --git a/clang/test/Analysis/malloc.c b/clang/test/Analysis/malloc.c
index 83946c83a88..2e5213e3746 100644
--- a/clang/test/Analysis/malloc.c
+++ b/clang/test/Analysis/malloc.c
@@ -1216,6 +1216,38 @@ void testReallocEscaped(void **memory) {
}
}
+// PR16558
+void *smallocNoWarn(size_t size) {
+ if (size == 0) {
+ return malloc(1); // this branch is never called
+ }
+ else {
+ return malloc(size);
+ }
+}
+
+char *dupstrNoWarn(const char *s) {
+ const int len = strlen(s);
+ char *p = (char*) smallocNoWarn(len + 1);
+ strcpy(p, s); // no-warning
+ return p;
+}
+
+void *smallocWarn(size_t size) {
+ if (size == 2) {
+ return malloc(1);
+ }
+ else {
+ return malloc(size);
+ }
+}
+
+char *dupstrWarn(const char *s) {
+ const int len = strlen(s);
+ char *p = (char*) smallocWarn(len + 1);
+ strcpy(p, s); // expected-warning{{String copy function overflows destination buffer}}
+ return p;
+}
// ----------------------------------------------------------------------------
// False negatives.
OpenPOWER on IntegriCloud