[analyzer] CString Checker: Do not split the path unless the user
specifically checks for equality to null. Enforcing this general practice, which keeps the analyzer less noisy, in the CString Checker. This change suppresses "Assigned value is garbage or undefined" warning in the added test case. llvm-svn: 156085
This commit is contained in:
parent
673e085a1c
commit
b3b56bb960
|
@ -901,9 +901,10 @@ void CStringChecker::evalCopyCommon(CheckerContext &C,
|
|||
|
||||
// If the size is zero, there won't be any actual memory access, so
|
||||
// just bind the return value to the destination buffer and return.
|
||||
if (stateZeroSize) {
|
||||
if (stateZeroSize && !stateNonZeroSize) {
|
||||
stateZeroSize = stateZeroSize->BindExpr(CE, LCtx, destVal);
|
||||
C.addTransition(stateZeroSize);
|
||||
return;
|
||||
}
|
||||
|
||||
// If the size can be nonzero, we have to check the other arguments.
|
||||
|
|
|
@ -428,3 +428,13 @@ void bcopy2 () {
|
|||
|
||||
bcopy(src, dst, 4); // expected-warning{{overflow}}
|
||||
}
|
||||
|
||||
void *malloc(size_t);
|
||||
void free(void *);
|
||||
char radar_11125445_memcopythenlogfirstbyte(const char *input, size_t length) {
|
||||
char *bytes = malloc(sizeof(char) * (length + 1));
|
||||
memcpy(bytes, input, length);
|
||||
char x = bytes[0]; // no warning
|
||||
free(bytes);
|
||||
return x;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue