File: issue-55019.cpp

package info (click to toggle)

llvm-toolchain-19 1%3A19.1.7-3

links: PTS, VCS
area: main
in suites: forky, sid, trixie
size: 1,998,520 kB
sloc: cpp: 6,951,680; ansic: 1,486,157; asm: 913,598; python: 232,024; f90: 80,126; objc: 75,281; lisp: 37,276; pascal: 16,990; sh: 10,009; ml: 5,058; perl: 4,724; awk: 3,523; makefile: 3,167; javascript: 2,504; xml: 892; fortran: 664; cs: 573

file content (89 lines) | stat: -rw-r--r-- 2,722 bytes

parent folder | download | duplicates (10)

// Refer issue 55019 for more details.
// A supplemental test case of pr22954.c for other functions modeled in
// the CStringChecker.

// RUN: %clang_analyze_cc1 %s -verify \
// RUN:   -analyzer-checker=core \
// RUN:   -analyzer-checker=unix \
// RUN:   -analyzer-checker=debug.ExprInspection

#include "Inputs/system-header-simulator.h"
#include "Inputs/system-header-simulator-cxx.h"

void *malloc(size_t);
void free(void *);

struct mystruct {
  void *ptr;
  char arr[4];
};

void clang_analyzer_dump(const void *);

// CStringChecker::memsetAux
void fmemset() {
  mystruct x;
  x.ptr = malloc(1);
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  memset(x.arr, 0, sizeof(x.arr));
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  free(x.ptr);                // no-leak-warning
}

// CStringChecker::evalCopyCommon
void fmemcpy() {
  mystruct x;
  x.ptr = malloc(1);
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  memcpy(x.arr, "hi", 2);
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  free(x.ptr);                // no-leak-warning
}

// CStringChecker::evalStrcpyCommon
void fstrcpy() {
  mystruct x;
  x.ptr = malloc(1);
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  strcpy(x.arr, "hi");
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  free(x.ptr);                // no-leak-warning
}

void fstrncpy() {
  mystruct x;
  x.ptr = malloc(1);
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  strncpy(x.arr, "hi", sizeof(x.arr));
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  free(x.ptr);                // no-leak-warning
}

// CStringChecker::evalStrsep
void fstrsep() {
  mystruct x;
  x.ptr = malloc(1);
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  char *p = x.arr;
  (void)strsep(&p, "x");
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}
  free(x.ptr);                // no-leak-warning
}

// CStringChecker::evalStdCopyCommon
void fstdcopy() {
  mystruct x;
  x.ptr = new char;
  clang_analyzer_dump(x.ptr); // expected-warning {{HeapSymRegion}}

  const char *p = "x";
  std::copy(p, p + 1, x.arr);

  // FIXME: As we currently cannot know whether the copy overflows, the checker
  // invalidates the entire `x` object. When the copy size through iterators
  // can be correctly modeled, we can then update the verify direction from
  // SymRegion to HeapSymRegion as this std::copy call never overflows and
  // hence the pointer `x.ptr` shall not be invalidated.
  clang_analyzer_dump(x.ptr);       // expected-warning {{SymRegion}}
  delete static_cast<char*>(x.ptr); // no-leak-warning
}