Fix a crash in MallocOverflowSecurityChecker. Patch by Lei Zhang.

author Anna Zaks <ganna@apple.com>

Tue, 27 Sep 2011 22:25:01 +0000 (22:25 +0000)

committer Anna Zaks <ganna@apple.com>

Tue, 27 Sep 2011 22:25:01 +0000 (22:25 +0000)
author Anna Zaks <ganna@apple.com>
Tue, 27 Sep 2011 22:25:01 +0000 (22:25 +0000)
committer Anna Zaks <ganna@apple.com>
Tue, 27 Sep 2011 22:25:01 +0000 (22:25 +0000)
diff --git a/lib/StaticAnalyzer/Checkers/MallocOverflowSecurityChecker.cpp b/lib/StaticAnalyzer/Checkers/MallocOverflowSecurityChecker.cpp

index 983252c77109c2a07e09ef35a6b3934a9df8e350..0f6b621bf7c35a696de7427cf121b8ddb056b026 100644 (file)
--- a/lib/StaticAnalyzer/Checkers/MallocOverflowSecurityChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/MallocOverflowSecurityChecker.cpp
@@ -244,6 +244,8 @@ void MallocOverflowSecurityChecker::checkASTCodeBody(const Decl *D,
  
            // Get the name of the callee. If it's a builtin, strip off the prefix.
            IdentifierInfo *FnInfo = FD->getIdentifier();
+          if (!FnInfo)
+            return;
  
            if (FnInfo->isStr ("malloc") || FnInfo->isStr ("_MALLOC")) {
              if (TheCall->getNumArgs() == 1)
diff --git a/test/Analysis/malloc-overflow.cpp b/test/Analysis/malloc-overflow.cpp

new file mode 100644 (file)

index 0000000..c1ac6be
--- /dev/null
+++ b/test/Analysis/malloc-overflow.cpp
@@ -0,0 +1,11 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=experimental.security.MallocOverflow -verify %s
+
+class A {
+public:
+  A& operator<<(const A &a);
+};
+
+void f() {
+  A a = A(), b = A();
+  a << b;
+}
author	Anna Zaks <ganna@apple.com>
	Tue, 27 Sep 2011 22:25:01 +0000 (22:25 +0000)
committer	Anna Zaks <ganna@apple.com>
	Tue, 27 Sep 2011 22:25:01 +0000 (22:25 +0000)
lib/StaticAnalyzer/Checkers/MallocOverflowSecurityChecker.cpp		patch \| blob \| history
test/Analysis/malloc-overflow.cpp	[new file with mode: 0644]	patch \| blob