[clang] [Wunsafe-buffer-usage] Address some false positives in handling array indices that are decidably correct (PR #117370)

Reid Kleckner via cfe-commits Wed, 27 Nov 2024 10:26:25 -0800

================
@@ -439,8 +439,16 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
       dyn_cast<StringLiteral>(Node.getBase()->IgnoreParenImpCasts());
----------------
rnk wrote:


There's a FIXME above about refactoring Sema::CheckArrayAccess to avoid 
duplication, and I'm trying to decide if that makes sense or not, or if we 
should just copy the logic.

It seems like the main behavior difference is that `Sema::CheckArrayAccess` 
doesn't go looking for a `Decl` with a `ConstantArray` type, it just looks at 
the type of any old expression, which means it doesn't warn on cases involving 
casts or other expressions with constant array type, like these:
```
int arr[1];
int oob() {return (*(int(*)[2])&arr)[1]; } // currently warns, should we keep 
warning or trust the cast?
int *arrayAddr()[1] { return &arr; }
int safe() { return (*arrayAddr())[0] } // currently warns, but should we warn?
```

https://github.com/llvm/llvm-project/pull/117370
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [Wunsafe-buffer-usage] Address some false positives in handling array indices that are decidably correct (PR #117370)

Reply via email to