https://github.com/guillem-bartrina-sonarsource updated https://github.com/llvm/llvm-project/pull/160511
>From 6cba4d49309ee7b4c920384de010d948e92d35cc Mon Sep 17 00:00:00 2001
From: guillem-bartrina-sonarsource <guillem.bartr...@sonarsource.com>
Date: Wed, 24 Sep 2025 12:29:07 +0200
Subject: [PATCH 1/3] [analyzer] CStringChecker: bail out when arguments of copy function are not pointers
---
 .../StaticAnalyzer/Checkers/CStringChecker.cpp | 4 ++++
 clang/test/Analysis/buffer-overlap.c | 16 ++++++++++++++++
 2 files changed, 20 insertions(+)
diff --git a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
index 36f316df0c3ff..0ae784c000f60 100644
--- a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
@@ -672,6 +672,10 @@ ProgramStateRef CStringChecker::CheckOverlap(CheckerContext &C,
 ProgramStateRef stateTrue, stateFalse;
+ if (!First.Expression->getType()->isAnyPointerType() ||
+ !Second.Expression->getType()->isAnyPointerType())
+ return state;
+
 // Assume different address spaces cannot overlap.
 if (First.Expression->getType()->getPointeeType().getAddressSpace() !=
 Second.Expression->getType()->getPointeeType().getAddressSpace())
diff --git a/clang/test/Analysis/buffer-overlap.c b/clang/test/Analysis/buffer-overlap.c
index 8414a764541e2..f3bd49b8b9ca0 100644
--- a/clang/test/Analysis/buffer-overlap.c
+++ b/clang/test/Analysis/buffer-overlap.c
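Review bot: The new early return in CheckOverlap has no comment saying why a non-pointer argument can reach it, while the address-space check directly below it is commented. The tests in this series show the trigger is an incompatible redeclaration such as `void memcpy(int dst, int src, size_t size)`, and the guard presumably keeps the `getPointeeType().getAddressSpace()` calls that follow from being made on a type with no pointee. I would add `// Redeclared library functions may pass non-pointer arguments; skip the overlap check rather than query a missing pointee type.` above the `if`. The skip is silent, so such calls get no overlap diagnostics, which is worth stating in the same comment. CheckOverlap starts and ends outside the hunk, so whether later code in it makes the same pointer assumption cannot be checked from here.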
@@ -96,3 +96,19 @@ void test_snprintf6() {
 char b[4] = {0};
 snprintf(a, sizeof(a), "%s", b); // no-warning
 }
+
+
+void memcpy(int dst, int src, size_t size); // expected-warning{{incompatible redeclaration of library function 'memcpy'}} expected-note{{'memcpy' is a builtin with type 'void *(void *, const void *, __size_t)' (aka 'void *(void *, const void *, unsigned long)')}}
+void test_memcpy_proxy() {
+ memcpy(42, 42, 42);
+}
+
+void strcpy(int dst, char *src); // expected-warning{{incompatible redeclaration of library function 'strcpy'}} expected-note{{'strcpy' is a builtin with type 'char *(char *, const char *)'}}
+void test_strcpy_proxy() {
+ strcpy(42, (char *)42);
+}
+
+void strxfrm(int dst, char *src, size_t size); // expected-warning{{incompatible redeclaration of library function 'strxfrm'}} expected-note{{'strxfrm' is a builtin with type '__size_t (char *, const char *, __size_t)' (aka 'unsigned long (char *, const char *, unsigned long)')}}
+void test_strxfrm_proxy() {
+ strxfrm(42, (char *)42, 42);
+}
>From 7b314273b2414d6f255add38779f3957274a11a6 Mon Sep 17 00:00:00 2001
From: guillem-bartrina-sonarsource <guillem.bartr...@sonarsource.com>
Date: Thu, 25 Sep 2025 21:28:02 +0200
Subject: [PATCH 2/3] Apply test improvements
---
 clang/test/Analysis/buffer-overlap-alt.c | 23 +++++++++++++++++++++++
 clang/test/Analysis/buffer-overlap.c | 16 ----------------
 2 files changed, 23 insertions(+), 16 deletions(-)
 create mode 100644 clang/test/Analysis/buffer-overlap-alt.c
diff --git a/clang/test/Analysis/buffer-overlap-alt.c b/clang/test/Analysis/buffer-overlap-alt.c
new file mode 100644
index 0000000000000..4830f4e9691d8
--- /dev/null
+++ b/clang/test/Analysis/buffer-overlap-alt.c
@@ -0,0 +1,23 @@
+// RUN: %clang_analyze_cc1 -verify %s -Wno-incompatible-library-redeclaration \
+// RUN: -analyzer-checker=alpha.unix.cstring.BufferOverlap
+// expected-no-diagnostics
+
+typedef typeof(sizeof(int)) size_t;
+
+void memcpy(int dst, int src, size_t size);
+
+void test_memcpy_proxy() {
+ memcpy(42, 42, 42); // no-crash
+}
+
+void strcpy(int dst, char *src);
+
+void test_strcpy_proxy() {
+ strcpy(42, (char *)42); // no-crash
+}
+
+void strxfrm(int dst, char *src, size_t size);
+
+void test_strxfrm_proxy() {
+ strxfrm(42, (char *)42, 42); // no-crash
+}
diff --git a/clang/test/Analysis/buffer-overlap.c b/clang/test/Analysis/buffer-overlap.c
index f3bd49b8b9ca0..8414a764541e2 100644
--- a/clang/test/Analysis/buffer-overlap.c
+++ b/clang/test/Analysis/buffer-overlap.c
@@ -96,19 +96,3 @@ void test_snprintf6() {
 char b[4] = {0};
 snprintf(a, sizeof(a), "%s", b); // no-warning
 }
-
-
-void memcpy(int dst, int src, size_t size); // expected-warning{{incompatible redeclaration of library function 'memcpy'}} expected-note{{'memcpy' is a builtin with type 'void *(void *, const void *, __size_t)' (aka 'void *(void *, const void *, unsigned long)')}}
-void test_memcpy_proxy() {
- memcpy(42, 42, 42);
-}
-
-void strcpy(int dst, char *src); // expected-warning{{incompatible redeclaration of library function 'strcpy'}} expected-note{{'strcpy' is a builtin with type 'char *(char *, const char *)'}}
-void test_strcpy_proxy() {
- strcpy(42, (char *)42);
-}
-
-void strxfrm(int dst, char *src, size_t size); // expected-warning{{incompatible redeclaration of library function 'strxfrm'}} expected-note{{'strxfrm' is a builtin with type '__size_t (char *, const char *, __size_t)' (aka 'unsigned long (char *, const char *, unsigned long)')}}
-void test_strxfrm_proxy() {
- strxfrm(42, (char *)42, 42);
-}
>From aabc2f7a311fee459ce73052855771195420aa6b Mon Sep 17 00:00:00 2001
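Review bot: None of the three cases in buffer-overlap-alt.c appears to reach the second operand of the new guard: every redeclaration turns `dst` into an `int`, so if `First` is the destination argument (the caller is not visible here) the `||` short-circuits each time. A case where the destination keeps its pointer type and only the source is an integer would also pin the `!Second.Expression->getType()->isAnyPointerType()` half. A constructed example is `void strncpy(char *dst, int src, size_t n);` called as `strncpy(buf, 42, 1); // no-crash`, assuming that function is routed through CheckOverlap.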
From: guillem-bartrina-sonarsource <guillem.bartr...@sonarsource.com>
Date: Thu, 25 Sep 2025 21:39:08 +0200
Subject: [PATCH 3/3] Add esoteric test
---
 clang/test/Analysis/buffer-overlap.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/clang/test/Analysis/buffer-overlap.c b/clang/test/Analysis/buffer-overlap.c
index 8414a764541e2..defb17a62ae0b 100644
--- a/clang/test/Analysis/buffer-overlap.c
+++ b/clang/test/Analysis/buffer-overlap.c
@@ -96,3 +96,10 @@ void test_snprintf6() {
 char b[4] = {0};
 snprintf(a, sizeof(a), "%s", b); // no-warning
 }
+
+void* memcpy(void* dest, const void* src, size_t count);
+
+void test_memcpy_esoteric() {
+label:
+ memcpy((char *)&&label, (const char *)memcpy, 1);
+}
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
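Review bot: The call in test_memcpy_esoteric carries no expectation marker, so a reader cannot tell whether the test pins the absence of a crash or the absence of an overlap warning; the other tests in this series end their calls with `// no-warning` or `// no-crash`. I would mark the line, e.g. `memcpy((char *)&&label, (const char *)memcpy, 1); // no-crash`, and add a one-line comment above the function saying that it passes a label address and a function address as the two buffers. Which marker is correct depends on the file's RUN lines, which are outside the hunk.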