Author: dcoughlin Date: Sun Oct 16 12:26:06 2016 New Revision: 284335 URL: http://llvm.org/viewvc/llvm-project?rev=284335&view=rev Log: [analyzer] Make MallocChecker more robust against custom redeclarations
Add additional checking to MallocChecker to avoid crashing when memory routines have unexpected numbers of arguments. You wouldn't expect to see much of this in normal code (-Wincompatible-library-redeclaration warns on this), but, for example, CMake tests can generate these. This is PR30616. rdar://problem/28631974 Added: cfe/trunk/test/Analysis/malloc-custom.c Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=284335&r1=284334&r2=284335&view=diff ==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Sun Oct 16 12:26:06 2016
@@ -778,6 +778,8 @@ void MallocChecker::checkPostStmt(const
 State = MallocMemAux(C, CE, CE->getArg(0), UndefinedVal(), State);
 }
 } else if (FunI == II_kmalloc) {
+ if (CE->getNumArgs() < 1)
+ return;
 llvm::Optional<ProgramStateRef> MaybeState =
 performKernelMalloc(CE, C, State);
 if (MaybeState.hasValue())
@@ -807,6 +809,8 @@ void MallocChecker::checkPostStmt(const
 } else if (FunI == II_strndup) {
 State = MallocUpdateRefState(C, CE, State);
 } else if (FunI == II_alloca || FunI == II_win_alloca) {
+ if (CE->getNumArgs() < 1)
+ return;
 State = MallocMemAux(C, CE, CE->getArg(0), UndefinedVal(), State,
 AF_Alloca);
 State = ProcessZeroAllocation(C, CE, 0, State);
Added: cfe/trunk/test/Analysis/malloc-custom.c URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc-custom.c?rev=284335&view=auto ==============================================================================
--- cfe/trunk/test/Analysis/malloc-custom.c (added)
+++ cfe/trunk/test/Analysis/malloc-custom.c Sun Oct 16 12:26:06 2016
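Review bot: The guard added in the `II_kmalloc` branch only rules out a call with no arguments, and performKernelMalloc, which runs right after it, is not shown in this hunk. If that helper reads a second argument without its own count check, a one-argument redeclaration of kmalloc would still reach an out-of-range `getArg`; it is worth confirming that it tests `CE->getNumArgs()` itself before indexing. The rest of checkPostStmt lies outside the hunk, so the fallback after `MaybeState.hasValue()` cannot be checked from here either.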
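Review bot: The new `if (CE->getNumArgs() < 1) return;` in the alloca branch, like the identical one in the `II_kmalloc` branch of the first hunk, carries no comment saying why a library allocator could arrive with no arguments. A one-line comment above each guard, e.g. `// Custom redeclarations may take no arguments (PR30616); nothing to model.`, would keep a later cleanup from deleting it as dead code. The same check now appears in at least two branches of checkPostStmt, so a single shared helper might read better, but the full function is not visible in this hunk.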
@@ -0,0 +1,32 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc -Wno-incompatible-library-redeclaration -verify %s
+
+// Various tests to make the the analyzer is robust against custom
+// redeclarations of memory routines.
+//
+// You wouldn't expect to see much of this in normal code, but, for example,
+// CMake tests can generate these.
+
+// expected-no-diagnostics
+
+char alloca();
+char malloc();
+char realloc();
+char kmalloc();
+char valloc();
+char calloc();
+
+char free();
+char kfree();
+
+void testCustomArgumentlessAllocation() {
+ alloca(); // no-crash
+ malloc(); // no-crash
+ realloc(); // no-crash
+ kmalloc(); // no-crash
+ valloc(); // no-crash
+ calloc(); // no-crash
+
+ free(); // no-crash
+ kfree(); // no-crash
+}
+
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
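Review bot: Every call in testCustomArgumentlessAllocation passes zero arguments, so a redeclared routine called with some but too few arguments is never exercised, although the commit message speaks of unexpected numbers of arguments in general. Because the declarations are unprototyped, a second function could reuse them with calls such as `realloc(0); // no-crash`, `calloc(0); // no-crash` and `kmalloc(0); // no-crash`. The header comment also has a typo: "to make the the analyzer is robust" should read `// Various tests to make sure the analyzer is robust against custom`.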