From d5978a909d068b01cd2cb8ede2cffe84d3312741 Mon Sep 17 00:00:00 2001
From: George Karpenkov <ekarpenkov@apple.com>
Date: Mon, 14 Jan 2019 18:54:48 +0000
Subject: [PATCH] [analyzer] [PR39792] false positive on strcpy targeting
 struct members

Patch by Pierre van Houtryve.

Differential Revision: https://reviews.llvm.org/D55226

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@351097 91177308-0d34-0410-b5e6-96231b3b80d8
---
 .../Checkers/CheckSecuritySyntaxOnly.cpp           | 14 +++++++-------
 test/Analysis/security-syntax-checks.m             |  5 +++++
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
index 4a73810a6f..163ca9d855 100644
--- a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
+++ b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
@@ -651,14 +651,14 @@ void WalkAST::checkCall_strcpy(const CallExpr *CE, const FunctionDecl *FD) {
 
   const auto *Target = CE->getArg(0)->IgnoreImpCasts(),
              *Source = CE->getArg(1)->IgnoreImpCasts();
-  if (const auto *DeclRef = dyn_cast<DeclRefExpr>(Target))
-    if (const auto *Array = dyn_cast<ConstantArrayType>(DeclRef->getType())) {
-      uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8;
-      if (const auto *String = dyn_cast<StringLiteral>(Source)) {
-        if (ArraySize >= String->getLength() + 1)
-          return;
-      }
+
+  if (const auto *Array = dyn_cast<ConstantArrayType>(Target->getType())) {
+    uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8;
+    if (const auto *String = dyn_cast<StringLiteral>(Source)) {
+      if (ArraySize >= String->getLength() + 1)
+        return;
     }
+  }
 
   // Issue a warning.
   PathDiagnosticLocation CELoc =
diff --git a/test/Analysis/security-syntax-checks.m b/test/Analysis/security-syntax-checks.m
index 2c569727ad..1fd00dffe4 100644
--- a/test/Analysis/security-syntax-checks.m
+++ b/test/Analysis/security-syntax-checks.m
@@ -177,6 +177,11 @@ void test_strcpy_safe() {
   strcpy(x, "abcd");
 }
 
+void test_strcpy_safe_2() {
+  struct {char s1[100];} s;
+  strcpy(s.s1, "hello");
+}
+
 //===----------------------------------------------------------------------===
 // strcat()
 //===----------------------------------------------------------------------===
-- 
2.40.0