-rw-r--r--clang/lib/StaticAnalyzer/Core/CallEvent.cpp5
-rw-r--r--clang/test/Analysis/Inputs/system-header-simulator-cxx.h9
-rw-r--r--clang/test/Analysis/malloc.cpp14
3 files changed, 28 insertions, 0 deletions
diff --git a/clang/lib/StaticAnalyzer/Core/CallEvent.cpp b/clang/lib/StaticAnalyzer/Core/CallEvent.cpp
index bd47e897c34..420e2a6b5c8 100644
--- a/clang/lib/StaticAnalyzer/Core/CallEvent.cpp
+++ b/clang/lib/StaticAnalyzer/Core/CallEvent.cpp
@@ -382,6 +382,11 @@ bool AnyFunctionCall::argumentsMayEscape() const {
if (II->isStr("funopen"))
return true;
+ // - __cxa_demangle - can reallocate memory and can return the pointer to
+ // the input buffer.
+ if (II->isStr("__cxa_demangle"))
+ return true;
+
StringRef FName = II->getName();
// - CoreFoundation functions that end with "NoCopy" can free a passed-in
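Review bot: The comment on the new `__cxa_demangle` case does not record what the escape costs. Returning true here applies to every argument of the call, so after it the malloc checker presumably stops tracking `output_buffer`, and a caller that drops both the buffer and the returned pointer would no longer be reported as a leak. That trade-off is reasonable, since the function may reallocate the buffer and return either pointer, but it should be stated next to the check, e.g. `// Escaping all arguments also silences leak reports for output_buffer; the caller still owns whichever pointer is valid after the call.` The body of `argumentsMayEscape` starts and ends outside this hunk.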
diff --git a/clang/test/Analysis/Inputs/system-header-simulator-cxx.h b/clang/test/Analysis/Inputs/system-header-simulator-cxx.h
index b32d200364b..04f1000dbc3 100644
--- a/clang/test/Analysis/Inputs/system-header-simulator-cxx.h
+++ b/clang/test/Analysis/Inputs/system-header-simulator-cxx.h
@@ -240,3 +240,12 @@ void* operator new (std::size_t size, void* ptr) throw() { return ptr; };
void* operator new[] (std::size_t size, void* ptr) throw() { return ptr; };
void operator delete (void* ptr, void*) throw() {};
void operator delete[] (void* ptr, void*) throw() {};
+
+namespace __cxxabiv1 {
+extern "C" {
+extern char *__cxa_demangle(const char *mangled_name,
+ char *output_buffer,
+ size_t *length,
+ int *status);
+}}
+namespace abi = __cxxabiv1;
diff --git a/clang/test/Analysis/malloc.cpp b/clang/test/Analysis/malloc.cpp
index f24ccf58dc3..a8a79cac868 100644
--- a/clang/test/Analysis/malloc.cpp
+++ b/clang/test/Analysis/malloc.cpp
@@ -1,6 +1,8 @@
// RUN: %clang_cc1 -w -analyze -analyzer-checker=core,alpha.deadcode.UnreachableCode,alpha.core.CastSize,unix.Malloc,cplusplus.NewDelete -analyzer-store=region -verify %s
// RUN: %clang_cc1 -triple i386-unknown-linux-gnu -w -analyze -analyzer-checker=core,alpha.deadcode.UnreachableCode,alpha.core.CastSize,unix.Malloc,cplusplus.NewDelete -analyzer-store=region -verify %s
+#include "Inputs/system-header-simulator-cxx.h"
+
typedef __typeof(sizeof(int)) size_t;
void *malloc(size_t);
void free(void *);
@@ -125,3 +127,15 @@ namespace PR31226 {
p->m(); // no-crash // no-warning
}
}
+
+// Allow __cxa_demangle to escape.
+char* test_cxa_demangle(const char* sym) {
+ size_t funcnamesize = 256;
+ char* funcname = (char*)malloc(funcnamesize);
+ int status;
+ char* ret = abi::__cxa_demangle(sym, funcname, &funcnamesize, &status);
+ if (status == 0) {
+ funcname = ret;
+ }
+ return funcname; // no-warning
+}
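Review bot: `test_cxa_demangle` pins only the false positive being removed; nothing records how the analyzer treats misuse of the same API now that the arguments escape. Because `ret` may alias `funcname`, the bug worth guarding against is releasing both, so a companion case ending in `free(funcname); free(ret);` with an explicit expectation marker would document whether that double free is still diagnosed or knowingly lost. A second case that returns without freeing `funcname` when `status != 0` would do the same for the leak. A one-line comment above the test, such as `// On success only ret may be used: the input buffer may have been reallocated.`, would explain why `funcname` is reassigned.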