From: Anna Zaks Date: Fri, 17 Feb 2012 22:35:31 +0000 (+0000) Subject: [analyzer] Fix another false positive in the Malloc Checker, by making X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f0dfc9c0f29fd82552896558c04043731d30b851;p=clang [analyzer] Fix another false positive in the Malloc Checker, by making it aware of CString APIs that return the input parameter. Malloc Checker needs to know how the 'strcpy' function is evaluated. Introduce the dependency on CStringChecker for that. CStringChecker knows all about these APIs. Addresses radar://10864450 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150846 91177308-0d34-0410-b5e6-96231b3b80d8
---
diff --git a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
index 5ca813bcfd..eab7e89071 100644
--- a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
@@ -13,6 +13,7 @@
 //===----------------------------------------------------------------------===//
 #include "ClangSACheckers.h"
+#include "InterCheckerAPI.h"
 #include "clang/StaticAnalyzer/Core/Checker.h"
 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
@@ -1924,3 +1925,7 @@ REGISTER_CHECKER(CStringNullArg)
 REGISTER_CHECKER(CStringOutOfBounds)
 REGISTER_CHECKER(CStringBufferOverlap)
 REGISTER_CHECKER(CStringNotNullTerm)
+
+void ento::registerCStringCheckerBasic(CheckerManager &Mgr) {
+ registerCStringNullArg(Mgr);
+}
diff --git a/lib/StaticAnalyzer/Checkers/InterCheckerAPI.h b/lib/StaticAnalyzer/Checkers/InterCheckerAPI.h
new file mode 100644
index 0000000000..e35557f24b
--- /dev/null
+++ b/lib/StaticAnalyzer/Checkers/InterCheckerAPI.h
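Review bot: Registering the "basic" CString modelling through `registerCStringNullArg(Mgr)` looks like it can turn on a reporting check as a side effect, and nothing at `registerCStringCheckerBasic` (second CStringChecker.cpp hunk) says so. The `REGISTER_CHECKER` definition for this file is outside the hunk; if it sets a `Filter` flag the way the MallocChecker macro in this commit does, enabling any malloc check would also enable null-argument reports the user did not ask for. At minimum the function should carry a comment such as `// Registers CStringChecker via the NullArg entry point; this may also enable CStringNullArg reports.` A registration path that leaves every filter flag untouched would be the cleaner fix.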
@@ -0,0 +1,22 @@
+//==--- InterCheckerAPI.h ---------------------------------------*- C++ -*-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+// This file allows introduction of checker dependencies. It contains APIs for
+// inter-checker communications.
+//===----------------------------------------------------------------------===//
+
+#ifndef INTERCHECKERAPI_H_
+#define INTERCHECKERAPI_H_
+namespace clang {
+namespace ento {
+
+/// Register the checker which evaluates CString API calls.
+void registerCStringCheckerBasic(CheckerManager &Mgr);
+
+}}
+#endif /* INTERCHECKERAPI_H_ */
diff --git a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
index 1489aab320..38044d1aa9 100644
--- a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
@@ -13,6 +13,7 @@
 //===----------------------------------------------------------------------===//
 #include "ClangSACheckers.h"
+#include "InterCheckerAPI.h"
 #include "clang/StaticAnalyzer/Core/Checker.h"
 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
@@ -1130,6 +1131,7 @@ MallocChecker::MallocBugVisitor::VisitNode(const ExplodedNode *N,
 #define REGISTER_CHECKER(name) \
 void ento::register##name(CheckerManager &mgr) {\
+ registerCStringCheckerBasic(mgr); \
 mgr.registerChecker()->Filter.C##name = true;\
 }
diff --git a/test/Analysis/malloc.c b/test/Analysis/malloc.c
index f475fee1b4..09f38e5a28 100644
--- a/test/Analysis/malloc.c
+++ b/test/Analysis/malloc.c
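Review bot: The new header names `CheckerManager` in the declaration of `registerCStringCheckerBasic` without declaring it or including anything, so it is not self-contained. Both .cpp files in this commit include it before `clang/StaticAnalyzer/Core/CheckerManager.h`, which means it compiles only if `ClangSACheckers.h` (not shown here) already declares the class. Adding `class CheckerManager;` inside `namespace ento`, ahead of the function declaration, removes the dependence on include order.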
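Review bot: The added `registerCStringCheckerBasic(mgr);` line in `REGISTER_CHECKER` (second MallocChecker.cpp hunk) has no comment explaining why every malloc check registers a different checker, so a reader of this macro cannot tell which behaviour depends on it. A short comment would do, e.g. `// MallocChecker relies on CStringChecker to model calls such as strcpy that return their destination argument.` It has to sit above the `#define` or be written as `/* */`, because a `//` comment on a line ending in `\` would absorb the following macro line.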
@@ -594,6 +594,26 @@ void doNotInvalidateWhenPassedToSystemCalls(char *s) {
 strcpy(p, s); // expected-warning {{leak}}
 }
+// Rely on the CString checker evaluation of the strcpy API to convey that the result of strcpy is equal to p.
+void symbolLostWithStrcpy(char *s) {
+ char *p = malloc(12);
+ p = strcpy(p, s);
+ free(p);
+}
+
+
+// The same test as the one above, but with what is actually generated on a mac.
+static __inline char *
+__inline_strcpy_chk (char *restrict __dest, const char *restrict __src)
+{
+ return __builtin___strcpy_chk (__dest, __src, __builtin_object_size (__dest, 2 > 1));
+}
+
+void symbolLostWithStrcpy_InlineStrcpyVersion(char *s) {
+ char *p = malloc(12);
+ p = ((__builtin_object_size (p, 0) != (size_t) -1) ? __builtin___strcpy_chk (p, s, __builtin_object_size (p, 2 > 1)) : __inline_strcpy_chk (p, s));
+ free(p);
+}
 // Below are the known false positives.
 // TODO: There should be no warning here. This one might be difficult to get rid of.
@@ -627,13 +647,6 @@ static void *specialMalloc(int n){
 return p;// expected-warning {{Memory is never released; potential memory leak}}
 }
-// TODO: This is a false positve that should be fixed by making CString checker smarter.
-void symbolLostWithStrcpy(char *s) {
- char *p = malloc(12);
- p = strcpy(p, s);
- free(p);// expected-warning {{leak}}
-}
-
 // False negatives.
 // TODO: This requires tracking symbols stored inside the structs/arrays.
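Review bot: Both new cases in the first malloc.c hunk only assert that no warning is produced, so nothing here checks that a real leak is still reported once the return value of strcpy is treated as equal to `p`. A companion case that keeps `p = strcpy(p, s);` but omits the `free(p);`, expecting the `{{leak}}` diagnostic already used in this file, would guard against the new modelling turning into a false negative. The commit message speaks of CString APIs that return the input parameter in general, while only strcpy is exercised; whether other such functions are covered cannot be told from this hunk.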