diff options
| author | Jordan Rose <jordan_rose@apple.com> | 2013-08-19 16:27:34 +0000 |
|---|---|---|
| committer | Jordan Rose <jordan_rose@apple.com> | 2013-08-19 16:27:34 +0000 |
| commit | 60619a639b727af3e2a82801ad0626c6bfc75cbb (patch) | |
| tree | 7d463a4634cf4dc97d7d34fc20deb03212fa9da5 /clang/test | |
| parent | 5374c07ab92e2c78ccf43186383fc5e33835ebb8 (diff) | |
| download | bcm5719-llvm-60619a639b727af3e2a82801ad0626c6bfc75cbb.tar.gz bcm5719-llvm-60619a639b727af3e2a82801ad0626c6bfc75cbb.zip | |
[analyzer] Assume that strings are no longer than SIZE_MAX/4.
This keeps the analyzer from making silly assumptions, like thinking
strlen(foo)+1 could wrap around to 0. This fixes PR16558.
Patch by Karthik Bhat!
llvm-svn: 188680
Diffstat (limited to 'clang/test')
| -rw-r--r-- | clang/test/Analysis/malloc.c | 32 | ||||
| -rw-r--r-- | clang/test/Analysis/string.c | 6 |
2 files changed, 36 insertions, 2 deletions
diff --git a/clang/test/Analysis/malloc.c b/clang/test/Analysis/malloc.c index 83946c83a88..2e5213e3746 100644 --- a/clang/test/Analysis/malloc.c +++ b/clang/test/Analysis/malloc.c @@ -1216,6 +1216,38 @@ void testReallocEscaped(void **memory) { } } +// PR16558 +void *smallocNoWarn(size_t size) { + if (size == 0) { + return malloc(1); // this branch is never called + } + else { + return malloc(size); + } +} + +char *dupstrNoWarn(const char *s) { + const int len = strlen(s); + char *p = (char*) smallocNoWarn(len + 1); + strcpy(p, s); // no-warning + return p; +} + +void *smallocWarn(size_t size) { + if (size == 2) { + return malloc(1); + } + else { + return malloc(size); + } +} + +char *dupstrWarn(const char *s) { + const int len = strlen(s); + char *p = (char*) smallocWarn(len + 1); + strcpy(p, s); // expected-warning{{String copy function overflows destination buffer}} + return p; +} // ---------------------------------------------------------------------------- // False negatives. diff --git a/clang/test/Analysis/string.c b/clang/test/Analysis/string.c index 6cf52f7a557..9fd3efb5c2d 100644 --- a/clang/test/Analysis/string.c +++ b/clang/test/Analysis/string.c @@ -430,11 +430,12 @@ void strcat_unknown_src_length(char *src, int offset) { // length for the "before" strlen, we won't be able to set one for "after". void strcat_too_big(char *dst, char *src) { + // We assume this can never actually happen, so we don't get a warning. if (strlen(dst) != (((size_t)0) - 2)) return; if (strlen(src) != 2) return; - strcat(dst, src); // expected-warning{{This expression will create a string whose length is too big to be represented as a size_t}} + strcat(dst, src); } @@ -653,11 +654,12 @@ void strncat_unknown_limit(float limit) { } void strncat_too_big(char *dst, char *src) { + // We assume this will never actually happen, so we don't get a warning. if (strlen(dst) != (((size_t)0) - 2)) return; if (strlen(src) != 2) return; - strncat(dst, src, 2); // expected-warning{{This expression will create a string whose length is too big to be represented as a size_t}} + strncat(dst, src, 2); } void strncat_zero(char *src) { |
