[analyzer] Add FIXMEs for alpha.unix.cstring.OutOfBounds false positives.

Caused by incorrect strlcat() modeling in r332303,
cf. https://bugs.llvm.org/show_bug.cgi?id=37687#c8

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@359237 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
index fe11e54883b2a31b7f02735baad79ca2fb520b48..73a5d58d9eeabeec8ea50ad425cac0bfd1f410d9 100644 (file)
--- a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
@@ -1528,6 +1528,10 @@ void CStringChecker::evalStrlcat(CheckerContext &C, const CallExpr *CE) const {
   if (CE->getNumArgs() < 3)
     return;
 
+  // FIXME: strlcat() uses a different rule for bound checking, i.e. 'n' means
+  // a different thing as compared to strncat(). This currently causes
+  // false positives in the alpha string bound checker.
+
   //char *strlcat(char *s1, const char *s2, size_t n);
   evalStrcpyCommon(C, CE,
                    /* returnEnd = */ false,

diff --git a/test/Analysis/bsd-string.c b/test/Analysis/bsd-string.c
index bca42ca8964343cd8af1772da3867e87587d93fc..4fbfd48ad8aeff2ee99050d1b0728a8e05d9f107 100644 (file)
--- a/test/Analysis/bsd-string.c
+++ b/test/Analysis/bsd-string.c
@@ -15,6 +15,7 @@ void f1() {
 void f2() {
   char buf[5];
   strlcpy(buf, "abcd", sizeof(buf)); // expected-no-warning
+  // FIXME: This should not warn. The string is safely truncated.
   strlcat(buf, "efgh", sizeof(buf)); // expected-warning{{Size argument is greater than the free space in the destination buffer}}
 }