// If the size is zero, there won't be any actual memory access, so
// just bind the return value to the destination buffer and return.
if (stateZeroSize) {
+ stateZeroSize = stateZeroSize->BindExpr(CE, destVal);
C.addTransition(stateZeroSize);
- if (IsMempcpy)
- state->BindExpr(CE, destVal);
- else
- state->BindExpr(CE, sizeVal);
- return;
}
// If the size can be nonzero, we have to check the other arguments.
if (stateNonZeroSize) {
+ state = stateNonZeroSize;
// Ensure the destination is not null. If it is NULL there will be a
// NULL pointer dereference.
memcpy(a, 0, 0); // no-warning
}
+void memcpy_unknown_size (size_t n) {
+ char a[4], b[4] = {1};
+ if (memcpy(a, b, n) != a)
+ (void)*(char*)0; // no-warning
+}
+
+void memcpy_unknown_size_warn (size_t n) {
+ char a[4];
+ if (memcpy(a, 0, n) != a) // expected-warning{{Null pointer argument in call to byte string function}}
+ (void)*(char*)0; // no-warning
+}
+
//===----------------------------------------------------------------------===
// mempcpy()
//===----------------------------------------------------------------------===
mempcpy(a, 0, 0); // no-warning
}
+void mempcpy_unknown_size_warn (size_t n) {
+ char a[4];
+ if (mempcpy(a, 0, n) != a) // expected-warning{{Null pointer argument in call to byte string function}}
+ (void)*(char*)0; // no-warning
+}
+
//===----------------------------------------------------------------------===
// memmove()
//===----------------------------------------------------------------------===
projects / clang / commitdiff