[clang] [analyzer] Harden security.cert.env.InvalidPtr checker fn matching (PR #88536)
iillyyaa wrote: @steakhal, thank you for the quick turnaround with the fix! > @iillyyaa, do you wish this crash fix to be backported to clang-18? Or you > are fine with only having it in clang-19? A backport for the next point release of 18 would be very much appreciated. We are using the scarthgap branch of openembedded meta-clang layer, which has clang-18. Since that is an LTS branch, I expect that we will be using clang-18 for a while. Thanks again! https://github.com/llvm/llvm-project/pull/88536 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[clang] [analyzer] Harden security.cert.env.InvalidPtr checker fn matching (PR #88536)
@@ -205,8 +210,12 @@ void InvalidPtrChecker::postPreviousReturnInvalidatingCall( CE, LCtx, CE->getType(), C.blockCount()); State = State->BindExpr(CE, LCtx, RetVal); + const auto *SymRegOfRetVal = + dyn_cast_or_null(RetVal.getAsRegion()); + if (!SymRegOfRetVal) +return; + // Remember to this region. - const auto *SymRegOfRetVal = cast(RetVal.getAsRegion()); const MemRegion *MR = SymRegOfRetVal->getBaseRegion(); iillyyaa wrote: If this (and the corresponding clang/test/Analysis/invalid-ptr-checker.cpp test) were put into a separate commit from the CDM::CLibrary changes, then this commit would be more easily back-ported into llvm:release/18.x branch. I cannot tell how critical the CDM::CLibrary change is, but I have confirmed that the crash I had originally reported in https://github.com/llvm/llvm-project/issues/88181 is fixed with just the highlighted change when applied to clang18. https://github.com/llvm/llvm-project/pull/88536 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[clang] [analyzer] Harden security.cert.env.InvalidPtr checker fn matching (PR #88536)
@@ -205,8 +210,12 @@ void InvalidPtrChecker::postPreviousReturnInvalidatingCall( CE, LCtx, CE->getType(), C.blockCount()); State = State->BindExpr(CE, LCtx, RetVal); + const auto *SymRegOfRetVal = + dyn_cast_or_null(RetVal.getAsRegion()); + if (!SymRegOfRetVal) +return; + // Remember to this region. - const auto *SymRegOfRetVal = cast(RetVal.getAsRegion()); const MemRegion *MR = SymRegOfRetVal->getBaseRegion(); iillyyaa wrote: And, again, thank you for such a quick turnaround. Just the availability of this patch has unblocked our development. https://github.com/llvm/llvm-project/pull/88536 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
