On Fri, 2023-09-01 at 16:48 +0200, Benjamin Priour wrote:
> Patch has been updated as per your suggestions and successfully
> regstrapped
> on x86_64-linux-gnu.
>
> call_details::maybe_get_arg_region is now
> /* If argument IDX's svalue at the callsite is of pointer type,
>    return the region it points to.
>    Otherwise return NULL. */
>
> const region *
> call_details::deref_ptr_arg (unsigned idx) const
> {
>   const svalue *ptr_sval = get_arg_svalue (idx);
>   return m_model->deref_rvalue (ptr_sval, get_arg_tree (idx),
>                                 m_ctxt);
> }
>
>
> New test is
>
> +
> +void test_binop ()
> +{
> + char *p = (char *) malloc (4);
> + if (!p)
> + return;
> + int32_t *i = ::new (p + 1) int32_t; /* { dg-warning "heap-based
> buffer
> overflow" } */
> + *i = 42; /* { dg-warning "heap-based buffer overflow" } */
> + free (p);
> +}
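Review bot: test_binop only covers the overflowing offset, `::new (p + 1) int32_t` into the 4-byte malloc, and has no companion case that places the int32_t at `p` itself, where the object fits exactly and both the placement new and the `*i = 42` store should stay silent. Adding that case beside this one would show the warning depends on the `+ 1` offset and not on any placement new into a malloc'd buffer. Separately, the dg-warning directive on the placement-new line is split across three lines in this mail; in the test file it should sit on a single line so the directive is matched.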
>
> Is it OK for trunk ?
> I didn't resend the whole patch as it otherwise was OK.
Yes, thanks.
Dave