summaryrefslogtreecommitdiffstats
path: root/clang/lib/StaticAnalyzer/Checkers/MacOSKeychainAPIChecker.cpp
Commit message (Collapse)AuthorAgeFilesLines
...
* [analyzer] Add a clone() method to BugReporterVisitor, so that we'll be able ↵Jordy Rose2012-03-241-1/+2
| | | | | | to reset diagnostic generation. llvm-svn: 153368
* [analyzer] Replace a static helper with existing logic. No functionality change.Jordy Rose2012-03-111-26/+18
| | | | llvm-svn: 152521
* [analyzer] Implement basic path diagnostic pruning based on "interesting" ↵Ted Kremenek2012-03-091-0/+12
| | | | | | | | | | | | | | | | | symbols and regions. Essentially, a bug centers around a story for various symbols and regions. We should only include the path diagnostic events that relate to those symbols and regions. The pruning is done by associating a set of interesting symbols and regions with a BugReporter, which can be modified at BugReport creation or by BugReporterVisitors. This patch reduces the diagnostics emitted in several of our test cases. I've vetted these as having desired behavior. The only regression is a missing null check diagnostic for the return value of realloc() in test/Analysis/malloc-plist.c. This will require some investigation to fix, and I have added a FIXME to the test case. llvm-svn: 152361
* [analyzer] Leaks should be uniqued by the allocation point in theAnna Zaks2012-02-281-5/+12
| | | | | | closest function context (Keychain API). llvm-svn: 151613
* [analyzer] KeyChainAPI: unique the leaks by allocation site.Anna Zaks2012-02-231-21/+60
| | | | | | (Very similar to the previous change in malloc.) llvm-svn: 151297
* [analyzer] Make KeyChainAPI checker inlining-aware.Anna Zaks2012-02-211-1/+11
| | | | llvm-svn: 151007
* Basic: import SmallString<> into clang namespaceDylan Noblesmith2012-02-051-3/+3
| | | | | | | (I was going to fix the TODO about DenseMap too, but that would break self-host right now. See PR11922.) llvm-svn: 149799
* Basic: import OwningPtr<> into clang namespaceDylan Noblesmith2012-02-051-1/+1
| | | | llvm-svn: 149798
* Move a method from IdentifierTable.h out of line and remove the SmallString ↵Benjamin Kramer2012-02-041-0/+1
| | | | | | | | include. Fix all the transitive include users. llvm-svn: 149783
* Change references to 'const ProgramState *' to typedef 'ProgramStateRef'.Ted Kremenek2012-01-261-11/+11
| | | | | | | | At this point this is largely cosmetic, but it opens the door to replace ProgramStateRef with a smart pointer that more eagerly acts in the role of reclaiming unused ProgramState objects. llvm-svn: 149081
* [analyzer] Rename Store::Retrieve() -> getBinding().Anna Zaks2012-01-121-1/+1
| | | | | | + all the other Retrieve..() methods + a comment for ElementRegion. llvm-svn: 148011
* [analyzer] Make the entries in 'Environment' context-sensitive by making ↵Ted Kremenek2012-01-061-4/+6
| | | | | | | | | | | | | | | | | | entries map from (Stmt*,LocationContext*) pairs to SVals instead of Stmt* to SVals. This is needed to support basic IPA via inlining. Without this, we cannot tell if a Stmt* binding is part of the current analysis scope (StackFrameContext) or part of a parent context. This change introduces an uglification of the use of getSVal(), and thus takes two steps forward and one step back. There are also potential performance implications of enlarging the Environment. Both can be addressed going forward by refactoring the APIs and optimizing the internal representation of Environment. This patch mainly introduces the functionality upon when we want to build upon (and clean up). llvm-svn: 147688
* [analyzer] Make KeychainAPI checker less aggressive. radar://10508828Anna Zaks2011-12-011-3/+5
| | | | | | We trigger an error if free is called after a possibly failed allocation. Do not trigger the error if we know that the buffer is not null. llvm-svn: 145584
* [analyzer] Refactor checkers to use helper function for getting callee Decl ↵Anna Zaks2011-12-011-9/+3
| | | | | | | | and name. We are getting name of the called function or it's declaration in a few checkers. Refactor them to use the helper function in the CheckerContext. llvm-svn: 145576
* [analyzer] Factor getCalleeName to the checker context.Anna Zaks2011-11-161-10/+1
| | | | | | | many checkers are trying to get a name of the callee when visiting a CallExpr, so provide a convenience API. llvm-svn: 144820
* [analyzer] Rename generateNode -> addTransition in CheckerContextAnna Zaks2011-10-261-10/+10
| | | | | | Also document addTransition methods. llvm-svn: 143059
* [analyzer] Simplify CheckerContextAnna Zaks2011-10-251-4/+4
| | | | | | | | | Remove dead members/parameters: ProgramState, respondsToCallback, autoTransition. Remove addTransition method since it's the same as generateNode. Maybe we should rename generateNode to genTransition (since a transition is always automatically generated)? llvm-svn: 142946
* [analyze] Convert EndOfPath callback to use CheckerContextAnna Zaks2011-10-251-8/+6
| | | | | | | | Get rid of the EndOfPathBuilder completely. Use the generic NodeBuilder to generate nodes. Enqueue the end of path frontier explicitly. llvm-svn: 142943
* [analyzer] Refactor: make PathDiagnosticLocation responsible for validation ↵Anna Zaks2011-09-151-1/+2
| | | | | | | | | of SourceLocations (commit 2 of ?): - Modify all PathDiagnosticLocation constructors that take Stmt to also requre LocationContext. - Add a constructor which should be used in case there is no valid statement/location (it will grab the location of the enclosing function). llvm-svn: 139763
* [analyzer] MacOSKeychainAPIChecker: Simplify getSymbolForRegion by using ↵Anna Zaks2011-08-291-7/+3
| | | | | | existing API. Thanks Jordy. llvm-svn: 138765
* Fix: Bug 10798 - [analyzer] Crash when analyzing ICU. (A slight improvement ↵Anna Zaks2011-08-291-1/+1
| | | | | | on the previous commit.) llvm-svn: 138762
* Fix bug 10797: Crash: "cast<Ty>() argument of incompatible type!" assert ↵Anna Zaks2011-08-291-2/+4
| | | | | | | | when analyzing ICU. Patch by Jean-Daniel Dupas. Thanks for spotting and fixing! llvm-svn: 138757
* [analyzer] MacOSKeychainAPIChecker: Cleanup AllocationState structure.Anna Zaks2011-08-251-11/+10
| | | | llvm-svn: 138535
* [analyzer] MacOSKeychainAPIChecker: Add the custom BugReport visitor(which ↵Anna Zaks2011-08-251-11/+16
| | | | | | highlights the allocation site) to all the relevant reports within the checker. llvm-svn: 138531
* [analyzer] Do not use references in std::pair.Anna Zaks2011-08-241-4/+4
| | | | llvm-svn: 138497
* [analyzer] Unbreak the release buildbot.Anna Zaks2011-08-241-2/+1
| | | | llvm-svn: 138493
* [analyzer] MacOSKeychainAPIChecker: Provide reacher diagnostic trace by ↵Anna Zaks2011-08-241-18/+73
| | | | | | pointing to the allocation site when reporting a leak. llvm-svn: 138479
* [analyzer] MacOSKeychainAPIChecker: Add reasoning about functions which ↵Anna Zaks2011-08-241-18/+59
| | | | | | MIGHT deallocate the memory region allocated with SecKeychain APIs. Specifically, when the buffer is passed to CFStringCreateWithBytesNoCopy along with a custom deallocator, which might potentially correctly release the memory. llvm-svn: 138417
* [analyzer] MacOSKeychainAPIChecker: Retrieve the memory region which we are ↵Anna Zaks2011-08-231-2/+8
| | | | | | tracking even when it's no longer a SymbolicRegion, for example, when it is cast to char*. llvm-svn: 138415
* Move creation of the deallocation mismatch report into a separate function ↵Anna Zaks2011-08-231-15/+32
| | | | | | for future reuse. llvm-svn: 138414
* [analyzer] MacOSKeychainAPIChecker: Users of KeyChain API often use free() ↵Anna Zaks2011-08-221-10/+18
| | | | | | to deallocate the password. Catch this error explicitly and generate the error message at the place where free() is called. llvm-svn: 138296
* Remove EnhancedBugReport and RangedBugReport - pull all the extra ↵Anna Zaks2011-08-171-9/+8
| | | | | | functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds default range to Ranges if none are supplied, made getStmt() private, which was another FIXME. llvm-svn: 137894
* MacOSKeychainAPIChecker: Do not report double allocation if first allocation ↵Anna Zaks2011-08-161-17/+19
| | | | | | returned an error. llvm-svn: 137720
* MacOSKeychainAPIChecker: The security API/memory leak checker should always ↵Anna Zaks2011-08-151-10/+17
| | | | | | generate regular nodes instead of sink nodes. llvm-svn: 137681
* Rename GRState to ProgramState, and cleanup some code formatting along the way.Ted Kremenek2011-08-151-15/+15
| | | | llvm-svn: 137665
* MacOSKeychainAPIChecker: Use llvm::SmallString instead of std::string (as ↵Anna Zaks2011-08-151-7/+7
| | | | | | per code review for r137523). llvm-svn: 137633
* MacOSKeychainAPIChecker: If the allocated data address entered as an ↵Anna Zaks2011-08-121-0/+5
| | | | | | enclosing function parameter, skip it to avoid false positives. llvm-svn: 137526
* MacOSKeychainAPIChecker: Anna Zaks2011-08-121-38/+150
| | | | | | | | Report errors earlier: on checkDeadSymbols() and clear the state after the symbol we are tracking goes out of scope. Also, perform lazy error checking. Instead of forcing the paths to be split depending one the return value of the allocator, make the return symbol depend on the allocated data symbol, which prolongs its life span to the time when the allocated data symbol becomes dead. llvm-svn: 137523
* MacOSKeychainAPIChecker: There is no need to use SymbolMetadata to represent ↵Anna Zaks2011-08-121-44/+70
| | | | | | | | the allocated data symbol, we can just use the symbol corresponding to the SymbolicRegion. This simplifies tracking of the symbol, for example, SymbolMetadata needs to go through extra hoops to stay alive. Make AllocationState internal to the MacOSKeychainAPIChecker class. llvm-svn: 137514
* KeychainAPI checker: Track SymbolMetadata instead of MemRegion in checker ↵Anna Zaks2011-08-051-15/+33
| | | | | | state so that we could clear the state on evalDeadSymbols; also track the return value. llvm-svn: 137003
* KeychainAPI checker: Generate an error on double allocation. Pull out ↵Anna Zaks2011-08-051-12/+47
| | | | | | getAsPointeeMemoryRegion so that it could be reused. llvm-svn: 136952
* KeychainAPI checker: Track additional pair of SecKeychain APIs. Also, keep ↵Anna Zaks2011-08-041-14/+45
| | | | | | exploring the transition on which a call to allocator function failed (to be able to find errors in examples like ErrorCodesFromDifferentAPISDoNotInterfere). llvm-svn: 136930
* KeychainAPI checker: Refactor to make it easier to add more ↵Anna Zaks2011-08-041-36/+67
| | | | | | allocator/deallocator API pairs. Add the allocator function ID to the checker state. Better comments. llvm-svn: 136889
* KeychainAPI checker: refactor to use early exit.Anna Zaks2011-08-041-50/+52
| | | | llvm-svn: 136852
* KeychainAPI checker: Add basic diagnostics. Track MemoryRegion istead of ↵Anna Zaks2011-08-041-16/+80
| | | | | | SymbolicRef since the address might not be a symbolic value in some cases, for example in fooOnlyFree() test. llvm-svn: 136851
* KeychainAPI checker: only check the paths on which the allocator function ↵Anna Zaks2011-08-021-1/+12
| | | | | | returned noErr. (+ minor cleanup) llvm-svn: 136694
* Add a skeleton for the Keychain Services API Checker. Register it as OSX ↵Anna Zaks2011-08-011-0/+160
experimental for now. Note, the checker still does not handle tracking of escaped values, taking into account the return value of the allocator functions, nor the actual bug reporting.. llvm-svn: 136659
OpenPOWER on IntegriCloud