NoQ accepted this revision.
NoQ added a comment.
This revision is now accepted and ready to land.
I've been thinking if we could de-duplicate this whole set of branches that
computes the return value so that we didn't have to fix every bug twice. Maybe
move it to an auxiliary function.
================
Comment at: lib/StaticAnalyzer/Checkers/CStringChecker.cpp:1795
// copied element, or a pointer to the start of the destination buffer.
Result = (returnEnd ? UnknownVal() : DstVal);
} else {
----------------
Do we need to consider `returnEnd` on the short path as well?
================
Comment at: lib/StaticAnalyzer/Checkers/CStringChecker.cpp:1869-1875
if (returnPtr) {
// If this is a stpcpy-style copy, but we were unable to check for a buffer
// overflow, we still need a result. Conjure a return value.
if (returnEnd && Result.isUnknown()) {
Result = svalBuilder.conjureSymbolVal(nullptr, CE, LCtx, C.blockCount());
}
}
----------------
Do we need to do that on the short path as well?
Repository:
rC Clang
https://reviews.llvm.org/D47007
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
