From ce8ef16b1c58a304b7b59fad9836ad32d6ed020c Mon Sep 17 00:00:00 2001 From: Anna Zaks Date: Fri, 13 Jan 2012 00:56:48 +0000 Subject: [PATCH] [analyzer] RegionStoreManager::getBinding() should not crash when looking up value at a CodeTextRegion even when the type is not provided. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148079 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/StaticAnalyzer/Core/RegionStore.cpp | 8 ++++++-- test/Analysis/string.c | 4 ++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/StaticAnalyzer/Core/RegionStore.cpp b/lib/StaticAnalyzer/Core/RegionStore.cpp index 5bd7d72675..f27c51880b 100644 --- a/lib/StaticAnalyzer/Core/RegionStore.cpp +++ b/lib/StaticAnalyzer/Core/RegionStore.cpp @@ -918,8 +918,12 @@ SVal RegionStoreManager::getBinding(Store store, Loc L, QualType T) { isa(MR) || isa(MR)) { if (T.isNull()) { - const SymbolicRegion *SR = cast(MR); - T = SR->getSymbol()->getType(Ctx); + if (const TypedRegion *TR = dyn_cast(MR)) + T = TR->getLocationType(); + else { + const SymbolicRegion *SR = cast(MR); + T = SR->getSymbol()->getType(Ctx); + } } MR = GetElementZeroRegion(MR, T); } diff --git a/test/Analysis/string.c b/test/Analysis/string.c index fcbe298a8f..d72abb349a 100644 --- a/test/Analysis/string.c +++ b/test/Analysis/string.c @@ -297,6 +297,10 @@ void strcpy_fn(char *x) { strcpy(x, (char*)&strcpy_fn); // expected-warning{{Argument to string copy function is the address of the function 'strcpy_fn', which is not a null-terminated string}} } +void strcpy_fn_const(char *x) { + strcpy(x, (const char*)&strcpy_fn); // expected-warning{{Argument to string copy function is the address of the function 'strcpy_fn', which is not a null-terminated string}} +} + void strcpy_effects(char *x, char *y) { char a = x[0]; -- 2.40.0