From: Ted Kremenek Date: Tue, 28 Aug 2007 17:02:55 +0000 (+0000) Subject: Fixed return-of-stack-address checker to correctly handle stack/global X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873;p=clang Fixed return-of-stack-address checker to correctly handle stack/global variables that have a pointer type, or arrays that contain pointers. This fixes a crash on the following code: int *h[3]; int **foo(int i) { return &(h[i]); } This bug was reported by Keith Bauer (thanks!). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@41546 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/Sema/SemaChecking.cpp b/Sema/SemaChecking.cpp index c027fa794c..5569f48653 100644 --- a/Sema/SemaChecking.cpp +++ b/Sema/SemaChecking.cpp @@ -427,8 +427,8 @@ Sema::CheckReturnStackAddr(Expr *RetValExp, QualType lhsType, /// of a stack variable or (2) is something we cannot determine leads to /// the address of a stack variable based on such local checking. /// -/// EvalAddr processes expressions that are pointers, and EvalVal handles -/// expressions that are rvalues or variable references. +/// EvalAddr processes expressions that are pointers that are used as +/// references (and not L-values). EvalVal handles all other values. /// At the base case of the recursion is a check for a DeclRefExpr* in /// the refers to a stack variable. /// @@ -550,9 +550,10 @@ static DeclRefExpr* EvalAddr(Expr *E) { /// See the comments for EvalAddr for more details. static DeclRefExpr* EvalVal(Expr *E) { - // We should only be called for evaluating non-pointer expressions. - assert (!E->getType()->isPointerType() && "EvalVal doesn't work on pointers"); - + // We should only be called for evaluating non-pointer expressions, or + // expressions with a pointer type that are not used as references but instead + // are l-values (e.g., DeclRefExpr with a pointer type). + // Our "symbolic interpreter" is just a dispatch off the currently // viewed AST node. We then recursively traverse the AST by calling // EvalAddr and EvalVal appropriately.