xazax.hun added inline comments. ================ Comment at: cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:1738 @@ +1737,3 @@ + + const auto Msg = "Assuming " + Met->getParamDecl(0)->getName() + + ((Param == This) ? " == " : " != ") + "*this"; ---------------- getName will return a StringRef here. Contatenating const char * and StringRef will give you a Twine. So Msg will be a twine which refers to temporary objects. This will result in a use after free. You shoud convert the result of the concatenation (the Twine) to a std::string, to copy the data and avoid use after free.
Repository: rL LLVM https://reviews.llvm.org/D19311 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
