[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

Balázs Kéri via cfe-commits Wed, 20 Mar 2024 10:21:10 -0700

================
@@ -1204,6 +1204,20 @@ void StreamChecker::evalGetdelim(const FnDescription 
*Desc,
         State->BindExpr(E.CE, C.getLocationContext(), RetVal);
     StateNotFailed =
         E.assumeBinOpNN(StateNotFailed, BO_GE, RetVal, E.getZeroVal(Call));
+    // The buffer size `*n` must be enough to hold the whole line, and
+    // greater than the return value, since it has to account for '\0'.
+    auto SizePtrSval = Call.getArgSVal(1);
+    auto NVal = getPointeeVal(SizePtrSval, State);
+    if (NVal) {
+      StateNotFailed = StateNotFailed->assume(
+          E.SVB
+              .evalBinOp(StateNotFailed, BO_GT, *NVal, RetVal,
+                         E.SVB.getConditionType())
+              .castAs<DefinedOrUnknownSVal>(),
+          true);
+      StateNotFailed =
+          StateNotFailed->BindExpr(E.CE, C.getLocationContext(), RetVal);
+    }
----------------
balazske wrote:


I do not see a test that checks for the relation between return value and the 
"size" value.

https://github.com/llvm/llvm-project/pull/83027
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

Reply via email to