Author: george.karpenkov Date: Mon Jan 14 10:54:48 2019 New Revision: 351097
URL: http://llvm.org/viewvc/llvm-project?rev=351097&view=rev Log: [analyzer] [PR39792] false positive on strcpy targeting struct members Patch by Pierre van Houtryve. Differential Revision: https://reviews.llvm.org/D55226 Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp cfe/trunk/test/Analysis/security-syntax-checks.m Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp?rev=351097&r1=351096&r2=351097&view=diff ============================================================================== --- cfe/trunk/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp (original) +++ cfe/trunk/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp Mon Jan 14 10:54:48 2019 @@ -651,14 +651,14 @@ void WalkAST::checkCall_strcpy(const Cal const auto *Target = CE->getArg(0)->IgnoreImpCasts(), *Source = CE->getArg(1)->IgnoreImpCasts(); - if (const auto *DeclRef = dyn_cast<DeclRefExpr>(Target)) - if (const auto *Array = dyn_cast<ConstantArrayType>(DeclRef->getType())) { - uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8; - if (const auto *String = dyn_cast<StringLiteral>(Source)) { - if (ArraySize >= String->getLength() + 1) - return; - } + + if (const auto *Array = dyn_cast<ConstantArrayType>(Target->getType())) { + uint64_t ArraySize = BR.getContext().getTypeSize(Array) / 8; + if (const auto *String = dyn_cast<StringLiteral>(Source)) { + if (ArraySize >= String->getLength() + 1) + return; } + } // Issue a warning. PathDiagnosticLocation CELoc = Modified: cfe/trunk/test/Analysis/security-syntax-checks.m URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/security-syntax-checks.m?rev=351097&r1=351096&r2=351097&view=diff ============================================================================== --- cfe/trunk/test/Analysis/security-syntax-checks.m (original) +++ cfe/trunk/test/Analysis/security-syntax-checks.m Mon Jan 14 10:54:48 2019 @@ -177,6 +177,11 @@ void test_strcpy_safe() { strcpy(x, "abcd"); } +void test_strcpy_safe_2() { + struct {char s1[100];} s; + strcpy(s.s1, "hello"); +} + //===----------------------------------------------------------------------=== // strcat() //===----------------------------------------------------------------------=== _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
