From 4c667d6141afc0aae6ab2b877903989ced0330b0 Mon Sep 17 00:00:00 2001 From: Steven Wu Date: Wed, 24 Sep 2014 04:37:33 +0000 Subject: [PATCH] Fix the argument index error of __builtin___memccpy_chk memccpy_check should have source and dest size at arg 3 and 4 rdar://18431336 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@218367 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Sema/SemaChecking.cpp | 4 +++- test/Sema/builtin-object-size.c | 9 +++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/Sema/SemaChecking.cpp b/lib/Sema/SemaChecking.cpp index 7462869306..5ea862cf88 100644 --- a/lib/Sema/SemaChecking.cpp +++ b/lib/Sema/SemaChecking.cpp @@ -365,7 +365,6 @@ Sema::CheckBuiltinFunctionCall(FunctionDecl *FDecl, unsigned BuiltinID, // check secure string manipulation functions where overflows // are detectable at compile time case Builtin::BI__builtin___memcpy_chk: - case Builtin::BI__builtin___memccpy_chk: case Builtin::BI__builtin___memmove_chk: case Builtin::BI__builtin___memset_chk: case Builtin::BI__builtin___strlcat_chk: @@ -375,6 +374,9 @@ Sema::CheckBuiltinFunctionCall(FunctionDecl *FDecl, unsigned BuiltinID, case Builtin::BI__builtin___stpncpy_chk: SemaBuiltinMemChkCall(*this, FDecl, TheCall, 2, 3); break; + case Builtin::BI__builtin___memccpy_chk: + SemaBuiltinMemChkCall(*this, FDecl, TheCall, 3, 4); + break; case Builtin::BI__builtin___snprintf_chk: case Builtin::BI__builtin___vsnprintf_chk: SemaBuiltinMemChkCall(*this, FDecl, TheCall, 1, 3); diff --git a/test/Sema/builtin-object-size.c b/test/Sema/builtin-object-size.c index e4b6560881..b1bda0652c 100644 --- a/test/Sema/builtin-object-size.c +++ b/test/Sema/builtin-object-size.c @@ -43,3 +43,12 @@ void f5(void) memcpy((char *)NULL + 0x10000, buf, 0x10); memcpy1((char *)NULL + 0x10000, buf, 0x10); // expected-error {{argument should be a value from 0 to 3}} } + +// rdar://18431336 +void f6(void) +{ + char b[5]; + char buf[10]; + __builtin___memccpy_chk (buf, b, '\0', sizeof(b), __builtin_object_size (buf, 0)); + __builtin___memccpy_chk (b, buf, '\0', sizeof(buf), __builtin_object_size (b, 0)); // expected-warning {{'__builtin___memccpy_chk' will always overflow destination buffer}} +} -- 2.40.0