From: Anna Zaks <ganna@apple.com>
Date: Mon, 28 Nov 2011 20:43:40 +0000 (+0000)
Subject: [analyzer] Add more simple taint tests.
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3881c6907e3a18dca7878e06ef915e64021156b0;p=clang

[analyzer] Add more simple taint tests.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145275 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/test/Analysis/taint-generic.c b/test/Analysis/taint-generic.c
index 54229937d1..eeec8869b0 100644
--- a/test/Analysis/taint-generic.c
+++ b/test/Analysis/taint-generic.c
@@ -6,7 +6,7 @@ int getchar(void);
 #define BUFSIZE 10
 
 int Buffer[BUFSIZE];
-void bufferFoo1(void)
+void bufferScanfDirect(void)
 {
   int n;
   scanf("%d", &n);
@@ -23,11 +23,26 @@ void bufferScanfArithmetic1(int x) {
 void bufferScanfArithmetic2(int x) {
   int n;
   scanf("%d", &n);
-  int m = (n + 3) * x;
+  int m = 100 / (n + 3) * x;
   Buffer[m] = 1; // expected-warning {{Out of bound memory access }}
 }
 
+void bufferScanfAssignment(int x) {
+  int n;
+  scanf("%d", &n);
+  int m;
+  if (x > 0) {
+    m = n;
+    Buffer[m] = 1; // expected-warning {{Out of bound memory access }}
+  }
+}
+
 void scanfArg() {
   int t;
   scanf("%d", t); // expected-warning {{Pointer argument is expected}}
 }
+
+void bufferGetchar(int x) {
+  int m = getchar();
+  Buffer[m] = 1;  //expected-warning {{Out of bound memory access }}
+}