From: Ted Kremenek Date: Mon, 17 Mar 2008 22:17:56 +0000 (+0000) Subject: Fix integer overflow bug when processing switch statements. X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=14a1140c9f4e20b12a54db8745b74699b9872cd2;p=clang Fix integer overflow bug when processing switch statements. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@48469 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/Analysis/GRExprEngine.cpp b/lib/Analysis/GRExprEngine.cpp index d27c41c4ef..08c7113cab 100644 --- a/lib/Analysis/GRExprEngine.cpp +++ b/lib/Analysis/GRExprEngine.cpp @@ -288,13 +288,14 @@ void GRExprEngine::ProcessSwitch(SwitchNodeBuilder& builder) { assert (V1 <= V2); } - else V2 = V1; + else + V2 = V1; // FIXME: Eventually we should replace the logic below with a range // comparison, rather than concretize the values within the range. // This should be easy once we have "ranges" for NonLVals. - do { + do { nonlval::ConcreteInt CaseVal(BasicVals.getValue(V1)); RVal Res = EvalBinOp(BinaryOperator::EQ, CondV, CaseVal); @@ -323,10 +324,14 @@ void GRExprEngine::ProcessSwitch(SwitchNodeBuilder& builder) { if (isFeasible) DefaultSt = StNew; - // Concretize the next value in the range. + // Concretize the next value in the range. + if (V1 == V2) + break; + ++V1; + assert (V1 < V2); - } while (V1 < V2); + } while (true); } // If we reach here, than we know that the default branch is