[analyzer] Do not crash in the visitor when the function is given more arguments than it has parameters

rdar://40335545

Differential Revision: https://reviews.llvm.org/D48107

llvm-svn: 334560

2 files changed, 16 insertions, 1 deletions

diff --git a/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp b/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
index 3cac6cb3284..fceb3f094ca 100644
--- a/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
+++ b/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
@@ -286,7 +286,7 @@ public:
     }
 
     ArrayRef<ParmVarDecl *> parameters = getCallParameters(Call);
-    for (unsigned I = 0, E = Call->getNumArgs(); I != E; ++I) {
+    for (unsigned I = 0; I < Call->getNumArgs() && I < parameters.size(); ++I) {
       const ParmVarDecl *PVD = parameters[I];
       SVal S = Call->getArgSVal(I);
       unsigned IndirectionLevel = 1;
diff --git a/clang/test/Analysis/diagnostics/no-store-func-path-notes.cpp b/clang/test/Analysis/diagnostics/no-store-func-path-notes.cpp
index a704c14c251..b96dc4cf2a8 100644
--- a/clang/test/Analysis/diagnostics/no-store-func-path-notes.cpp
+++ b/clang/test/Analysis/diagnostics/no-store-func-path-notes.cpp
@@ -145,3 +145,18 @@ int usepointerreference() {
   return s.x; // expected-warning{{Undefined or garbage value returned to caller}}
               // expected-note@-1{{Undefined or garbage value returned to caller}}
 }
+
+void *has_no_argument_and_returns_null(void) {
+  return 0;
+}
+
+void rdar40335545() {
+    int local; // expected-note{{}}
+    void (*takes_int_ptr_argument)(int *) = (void (*)(int*))has_no_argument_and_returns_null;
+
+    takes_int_ptr_argument(&local); // no-crash
+
+    int useLocal = local; //expected-warning{{}}
+                          //expected-note@-1{{}}
+    (void)useLocal;
+}