[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

Balazs Benics via cfe-commits Thu, 07 Mar 2024 04:41:53 -0800

Alejandro =?utf-8?q?Álvarez_Ayllón?Message-ID:
In-Reply-To: <llvm.org/llvm/llvm-project/pull/83...@github.com>


================
@@ -1196,6 +1342,11 @@ void StreamChecker::evalGetdelim(const FnDescription 
*Desc,
       E.isStreamEof() ? ErrorFEof : ErrorFEof | ErrorFError;
   StateFailed = E.setStreamState(
       StateFailed, StreamState::getOpened(Desc, NewES, !NewES.isFEof()));
+  // On failure, the content of the buffer is undefined.
+  if (auto NewLinePtr = getPointeeDefVal(Call.getArgSVal(0), State)) {
+    StateFailed = StateFailed->bindLoc(*NewLinePtr, UndefinedVal(),
+                                       C.getLocationContext());
+  }
----------------
steakhal wrote:

Did you test that reading from the line buffer after a `getdelim` fails, would 
trigger a "garbage read" sink?

https://github.com/llvm/llvm-project/pull/83027
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

Reply via email to