diff options
author | Artem Dergachev <artem.dergachev@gmail.com> | 2018-01-12 22:12:11 +0000 |
---|---|---|
committer | Artem Dergachev <artem.dergachev@gmail.com> | 2018-01-12 22:12:11 +0000 |
commit | bdecb5f0d423364d024597699ffd3838cea08035 (patch) | |
tree | 389c1001910fc779b5189bf1bc2acddb961923e6 /lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp | |
parent | 3fb45fcca06352aeb81acf80f292e8f6a1ca2339 (diff) | |
download | clang-bdecb5f0d423364d024597699ffd3838cea08035.tar.gz |
[analyzer] Don't flag strcpy of string literals into sufficiently large buffers.
In the security package, we have a simple syntactic check that warns about
strcpy() being insecure, due to potential buffer overflows.
Suppress that check's warning in the trivial situation when the source is an
immediate null-terminated string literal and the target is an immediate
sufficiently large buffer.
Patch by AndrĂ¡s Leitereg!
Differential Revision: https://reviews.llvm.org/D41384
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@322410 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp')
-rw-r--r-- | lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp index 6dbacad7f2..62831be26e 100644 --- a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp +++ b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp @@ -510,6 +510,17 @@ void WalkAST::checkCall_strcpy(const CallExpr *CE, const FunctionDecl *FD) { if (!checkCall_strCommon(CE, FD)) return; + const auto *Target = CE->getArg(0)->IgnoreImpCasts(), + *Source = CE->getArg(1)->IgnoreImpCasts(); + if (const auto *DeclRef = dyn_cast<DeclRefExpr>(Target)) + if (const auto *Array = dyn_cast<ConstantArrayType>(DeclRef->getType())) { + uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8; + if (const auto *String = dyn_cast<StringLiteral>(Source)) { + if (ArraySize >= String->getLength() + 1) + return; + } + } + // Issue a warning. PathDiagnosticLocation CELoc = PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC); |