================
@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext
&C, const CallEvent &Call,
C.addTransition(State);
}
+void CStringChecker::evalGetentropy(CheckerContext &C, const CallEvent &Call)
const {
+ DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}};
+ SizeArgExpr Size = {{Call.getArgExpr(1), 1}};
+ ProgramStateRef State = C.getState();
+ SValBuilder &SVB = C.getSValBuilder();
+ SVal MaxLength = SVB.makeIntVal(256, C.getASTContext().IntTy);
+
+ SVal SizeVal = C.getSVal(Size.Expression);
+ QualType SizeTy = Size.Expression->getType();
+
+ ProgramStateRef StateZeroSize, StateNonZeroSize;
+ std::tie(StateZeroSize, StateNonZeroSize) =
+ assumeZero(C, State, SizeVal, SizeTy);
+
+ if (StateZeroSize) {
+ StateZeroSize = State->BindExpr(Call.getOriginExpr(),
C.getLocationContext(),
----------------
NagyDonat wrote:
```suggestion
StateZeroSize = StateZeroSize->BindExpr(Call.getOriginExpr(),
C.getLocationContext(),
```
For the sake of consistency always avoid using "stale" state values, because
this leads to loss of information and inconsistencies.
The only situation where this is not important is the case when you perform a
dual assumption (an assume call that returns two state references, e.g. the
`assumeZero` above this) _and_ you checked that one of the two state references
is NULL. In that case the other returned state reference will be practically
equivalent to the state before the assumption (but even then there are some
little arcane details that may differ).
https://github.com/llvm/llvm-project/pull/83675
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
