summaryrefslogtreecommitdiffstats
path: root/clang/test/Analysis/taint-generic.c
diff options
context:
space:
mode:
authorAnna Zaks <ganna@apple.com>2012-01-20 20:28:31 +0000
committerAnna Zaks <ganna@apple.com>2012-01-20 20:28:31 +0000
commit8298af85a6da7b7b583b549eaa6ca1d16d2d34ec (patch)
tree49f6908f887f86d2eb8282a80137cf80a054fc44 /clang/test/Analysis/taint-generic.c
parent91f5a3f253a3d7282923e690cc47cbc8710a7928 (diff)
downloadbcm5719-llvm-8298af85a6da7b7b583b549eaa6ca1d16d2d34ec.tar.gz
bcm5719-llvm-8298af85a6da7b7b583b549eaa6ca1d16d2d34ec.zip
[analyzer] Add taint awareness to DivZeroChecker.
llvm-svn: 148566
Diffstat (limited to 'clang/test/Analysis/taint-generic.c')
-rw-r--r--clang/test/Analysis/taint-generic.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/clang/test/Analysis/taint-generic.c b/clang/test/Analysis/taint-generic.c
index 47bdb4e4c9c..65e519e6ae3 100644
--- a/clang/test/Analysis/taint-generic.c
+++ b/clang/test/Analysis/taint-generic.c
@@ -1,4 +1,4 @@
-// RUN: %clang_cc1 -analyze -analyzer-checker=experimental.security.taint,experimental.security.ArrayBoundV2 -Wno-format-security -verify %s
+// RUN: %clang_cc1 -analyze -analyzer-checker=experimental.security.taint,core,experimental.security.ArrayBoundV2 -Wno-format-security -verify %s
int scanf(const char *restrict format, ...);
int getchar(void);
@@ -49,7 +49,7 @@ void bufferScanfArithmetic1(int x) {
void bufferScanfArithmetic2(int x) {
int n;
scanf("%d", &n);
- int m = 100 / (n + 3) * x;
+ int m = 100 - (n + 3) * x;
Buffer[m] = 1; // expected-warning {{Out of bound memory access }}
}
@@ -64,7 +64,7 @@ void bufferScanfAssignment(int x) {
}
void scanfArg() {
- int t;
+ int t = 0;
scanf("%d", t); // expected-warning {{conversion specifies type 'int *' but the argument has type 'int'}}
}
@@ -171,3 +171,8 @@ void testSocket() {
execl(buffer, "filename", 0); // no-warning
}
+int testDivByZero() {
+ int x;
+ scanf("%d", &x);
+ return 5/x; // expected-warning {{Division by a tainted value, possibly zero}}
+}
OpenPOWER on IntegriCloud