llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT--> @llvm/pr-subscribers-clang Author: None (guillem-bartrina-sonarsource) <details> <summary>Changes</summary> https://github.com/llvm/llvm-project/blob/main/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp#L675-L678 mistakenly assumes that target expressions are of pointer type. `CheckOverlap` has multiple call sites, most of which do not verify this assumption. Therefore, the simplest solution is to verify it just before that point. --- Full diff: https://github.com/llvm/llvm-project/pull/160511.diff 2 Files Affected: - (modified) clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp (+4) - (modified) clang/test/Analysis/buffer-overlap.c (+16) ``````````diff diff --git a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp index 36f316df0c3ff..0ae784c000f60 100644 --- a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp @@ -672,6 +672,10 @@ ProgramStateRef CStringChecker::CheckOverlap(CheckerContext &C, ProgramStateRef stateTrue, stateFalse; + if (!First.Expression->getType()->isAnyPointerType() || + !Second.Expression->getType()->isAnyPointerType()) + return state; + // Assume different address spaces cannot overlap. if (First.Expression->getType()->getPointeeType().getAddressSpace() != Second.Expression->getType()->getPointeeType().getAddressSpace()) diff --git a/clang/test/Analysis/buffer-overlap.c b/clang/test/Analysis/buffer-overlap.c index 8414a764541e2..f3bd49b8b9ca0 100644 --- a/clang/test/Analysis/buffer-overlap.c +++ b/clang/test/Analysis/buffer-overlap.c @@ -96,3 +96,19 @@ void test_snprintf6() { char b[4] = {0}; snprintf(a, sizeof(a), "%s", b); // no-warning } + + +void memcpy(int dst, int src, size_t size); // expected-warning{{incompatible redeclaration of library function 'memcpy'}} expected-note{{'memcpy' is a builtin with type 'void *(void *, const void *, __size_t)' (aka 'void *(void *, const void *, unsigned long)')}} +void test_memcpy_proxy() { + memcpy(42, 42, 42); +} + +void strcpy(int dst, char *src); // expected-warning{{incompatible redeclaration of library function 'strcpy'}} expected-note{{'strcpy' is a builtin with type 'char *(char *, const char *)'}} +void test_strcpy_proxy() { + strcpy(42, (char *)42); +} + +void strxfrm(int dst, char *src, size_t size); // expected-warning{{incompatible redeclaration of library function 'strxfrm'}} expected-note{{'strxfrm' is a builtin with type '__size_t (char *, const char *, __size_t)' (aka 'unsigned long (char *, const char *, unsigned long)')}} +void test_strxfrm_proxy() { + strxfrm(42, (char *)42, 42); +} `````````` </details> https://github.com/llvm/llvm-project/pull/160511 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
