This revision was automatically updated to reflect the committed changes. Closed by commit rC341092: [analyzer] InnerPointerChecker: Fix a segfault when checking symbolic strings. (authored by dergachev, committed by ).
Changed prior to commit: https://reviews.llvm.org/D51385?vs=162963&id=163385#toc Repository: rC Clang https://reviews.llvm.org/D51385 Files: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp test/Analysis/inner-pointer.cpp
Index: test/Analysis/inner-pointer.cpp
===================================================================
--- test/Analysis/inner-pointer.cpp
+++ test/Analysis/inner-pointer.cpp
@@ -424,3 +424,7 @@
 *(void **)&b = c() + 1;
 *b = a; // no-crash
 }
+
+void checkReference(std::string &s) {
+ const char *c = s.c_str();
+}
Index: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
+++ lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
@@ -211,8 +211,11 @@
 ProgramStateRef State = C.getState();
 if (const auto *ICall = dyn_cast<CXXInstanceCall>(&Call)) {
+ // TODO: Do we need these to be typed?
 const auto *ObjRegion = dyn_cast_or_null<TypedValueRegion>(
 ICall->getCXXThisVal().getAsRegion());
+ if (!ObjRegion)
+ return;
 if (Call.isCalled(CStrFn) || Call.isCalled(DataFn)) {
 SVal RawPtr = Call.getReturnValue();
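Review bot: The new `checkReference` case only shows that the analyzer no longer crashes, yet it is not marked that way like the preceding case with its `// no-crash` comment, and it never modifies `s`, so it does not record what the checker reports for a string reached through a reference. I would annotate the line as `const char *c = s.c_str(); // no-crash` and add a sibling case that mutates `s` and then uses `c`, with a `// FIXME` if no warning is expected yet. That keeps the coverage gap for reference parameters visible in the test suite rather than implicit.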
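Review bot: The added `if (!ObjRegion) return;` leaves the whole callback, not just the `CXXInstanceCall` branch, so any handling that follows this `if` block (the function continues outside the hunk) is presumably also skipped for every member call whose `this` region is not a `TypedValueRegion`. Because `dyn_cast_or_null` folds "no region" and "region of another kind" into one null, the checker now silently stops tracking inner pointers for such strings, for example the `std::string &` parameter in the new test, which trades the segfault for missed dangling-pointer reports. If that is the intended interim behaviour, state it next to the guard, e.g. `// Symbolic (untyped) regions are not tracked yet; bail out instead of crashing.`, which also answers the open TODO for the next reader. Consider guarding only the uses of `ObjRegion` instead of returning, so that checks later in the function still run.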
Index: test/Analysis/inner-pointer.cpp
===================================================================
--- test/Analysis/inner-pointer.cpp
+++ test/Analysis/inner-pointer.cpp
@@ -424,3 +424,7 @@
 *(void **)&b = c() + 1;
 *b = a; // no-crash
 }
+
+void checkReference(std::string &s) {
+ const char *c = s.c_str();
+}
Index: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
+++ lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
@@ -211,8 +211,11 @@
 ProgramStateRef State = C.getState();
 if (const auto *ICall = dyn_cast<CXXInstanceCall>(&Call)) {
+ // TODO: Do we need these to be typed?
 const auto *ObjRegion = dyn_cast_or_null<TypedValueRegion>(
 ICall->getCXXThisVal().getAsRegion());
+ if (!ObjRegion)
+ return;
 if (Call.isCalled(CStrFn) || Call.isCalled(DataFn)) {
 SVal RawPtr = Call.getReturnValue();