intel/llvm
1
0
Fork 0
mirror of https://github.com/intel/llvm.git synced 2026-01-26 12:26:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

[analyzer] Fix a false positive in the CFArrayCreate check that surfaces

Browse Source 
the the code like this (due to x and &x being the same value but
different size):

void* x[] = { ptr1, ptr2, ptr3 };
CFArrayCreate(NULL, (const void **) &x, count, NULL);

llvm-svn: 149579
This commit is contained in:
Anna Zaks
2012-02-02 01:30:08 +00:00
parent 84f6dcf2b5
commit 699f55b98c
2 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
clang/lib/StaticAnalyzer/Checkers/ObjCContainersASTChecker.cpp
View File

@@ -48,8 +48,17 @@ class WalkAST : public StmtVisitor<WalkAST> {
// The type could be either a pointer or array.
const Type *TP = T.getTypePtr();
QualType PointeeT = TP->getPointeeType();
if (!PointeeT.isNull())
if (!PointeeT.isNull()) {
// If the type is a pointer to an array, check the size of the array
// elements. To avoid false positives coming from assumption that the
// values x and &x are equal when x is an array.
if (const Type *TElem = PointeeT->getArrayElementTypeNoTypeQual())
if (isPointerSize(TElem))
return true;
// Else, check the pointee size.
return isPointerSize(PointeeT.getTypePtr());
}
if (const Type *TElem = TP->getArrayElementTypeNoTypeQual())
return isPointerSize(TElem);

19
clang/test/Analysis/CFContainers.mm
View File

@@ -164,3 +164,22 @@ void TestGetCount(CFArrayRef A, CFIndex sIndex, CFIndex badIndex) {
const void *s1 = CFArrayGetValueAtIndex(A, sIndex);
const void *s2 = CFArrayGetValueAtIndex(A, sCount);// expected-warning {{Index is out of bounds}}
}
typedef void* XX[3];
void TestPointerToArray(int *elems, void *p1, void *p2, void *p3, unsigned count, void* fn[], char cp[]) {
void* x[] = { p1, p2, p3 };
CFArrayCreate(0, (const void **) &x, count, 0); // no warning
void* y[] = { p1, p2, p3 };
CFArrayCreate(0, (const void **) y, count, 0); // no warning
XX *z = &x;
CFArrayCreate(0, (const void **) z, count, 0); // no warning
CFArrayCreate(0, (const void **) &fn, count, 0); // false negative
CFArrayCreate(0, (const void **) fn, count, 0); // no warning
CFArrayCreate(0, (const void **) cp, count, 0); // expected-warning {{The first argument to 'CFArrayCreate' must be a C array of pointer-sized}}
char cc[] = { 0, 2, 3 };
CFArrayCreate(0, (const void **) &cc, count, 0); // expected-warning {{The first argument to 'CFArrayCreate' must be a C array of pointer-sized}}
CFArrayCreate(0, (const void **) cc, count, 0); // expected-warning {{The first argument to 'CFArrayCreate' must be a C array of pointer-sized}}
}