c: When checking on validity of sizeof passed as size of

argument to be memset, check for its type to be complete before calling Context.getTypeSize(PointeeTy) to prevent crash. // rdar://13081751. llvm-svn: 173872
2013-01-30 01:12:44 +00:00 · 2013-01-30 01:12:44 +00:00 · 4d365ba9b9
parent c6c2375317
commit 4d365ba9b9
2 changed files with 17 additions and 1 deletions
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@ -3253,7 +3253,8 @@ void Sema::CheckMemaccessArguments(const CallExpr *Call,
          if (const UnaryOperator *UnaryOp = dyn_cast<UnaryOperator>(Dest))
            if (UnaryOp->getOpcode() == UO_AddrOf)
              ActionIdx = 1; // If its an address-of operator, just remove it.
-          if (Context.getTypeSize(PointeeTy) == Context.getCharWidth())
+          if (!PointeeTy->isIncompleteType() &&
+              (Context.getTypeSize(PointeeTy) == Context.getCharWidth()))
            ActionIdx = 2; // If the pointee's size is sizeof(char),
                           // suggest an explicit length.

--- a/clang/test/Sema/memset-invalid-1.c
+++ b/clang/test/Sema/memset-invalid-1.c
@ -0,0 +1,15 @@
+// RUN: %clang_cc1 -fsyntax-only %s -verify
+// rdar://13081751
+
+typedef __SIZE_TYPE__ size_t;
+void *memset(void*, int, size_t);
+
+typedef struct __incomplete *incomplete;
+
+void mt_query_for_domain(const char *domain)
+{
+	incomplete	query = 0;
+	memset(query, 0, sizeof(query)); // expected-warning {{'memset' call operates on objects of type 'struct __incomplete' while the size is based on a different type 'incomplete'}} \
+	// expected-note {{did you mean to dereference the argument to 'sizeof' (and multiply it by the number of elements)?}}
+}
+