return ValMgr.makeIntVal(CAT->getSize(), false);
}
- // Clients can use ordinary variables as if they were arrays. These
- // essentially are arrays of size 1.
- return ValMgr.makeIntVal(1, false);
+ // Clients can reinterpret ordinary variables as arrays, possibly of
+ // another type. The width is rounded down to ensure that an access is
+ // entirely within bounds.
+ CharUnits VarSize = getContext().getTypeSizeInChars(T);
+ CharUnits EleSize = getContext().getTypeSizeInChars(EleTy);
+ return ValMgr.makeIntVal(VarSize / EleSize, false);
}
}
// RUN: %clang_cc1 -analyzer-check-objc-mem -analyze -analyzer-experimental-internal-checks -analyzer-store=basic -verify %s
// RUN: %clang_cc1 -analyzer-check-objc-mem -analyze -analyzer-experimental-internal-checks -analyzer-store=region -verify %s
-// XFAIL: *
//===----------------------------------------------------------------------===//
// This file tests cases where we should not flag out-of-bounds warnings.
long x = 0;
char *y = (char*) &x;
char c = y[0] + y[1] + y[2]; // no-warning
+ short *z = (short*) &x;
+ short s = z[0] + z[1]; // no-warning
}
int *p = malloc(12);
p[3] = 4; // expected-warning{{Access out-of-bound array element (buffer overflow)}}
}
+
+struct three_words {
+ int c[3];
+};
+
+struct seven_words {
+ int c[7];
+};
+
+void f3() {
+ struct three_words a, *p;
+ p = &a;
+ p[0] = a; // no-warning
+ p[1] = a; // expected-warning{{Access out-of-bound array element (buffer overflow)}}
+}
+
+void f4() {
+ struct seven_words c;
+ struct three_words a, *p = (struct three_words *)&c;
+ p[0] = a; // no-warning
+ p[1] = a; // no-warning
+ p[2] = a; // expected-warning{{Access out-of-bound array element (buffer overflow)}}
+}
projects / clang / commitdiff