https://llvm.org/bugs/show_bug.cgi?id=23695

            Bug ID: 23695
           Summary: Detect if realloc may return different pointer
           Product: clang
           Version: 3.5
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
    Classification: Unclassified

Suppose code from nodejs :) :

XXXX() {
   ...
   char* base = static_cast<char*>(realloc(buf->base, nread));
   xxx = Buffer::Use(env, base, nread);
}

It is obvious that buf->base MAY become garbage. So the authors forgot to write
something like:


if (base == NULL)
    abort();
buf->base = base;


i.e. Clang should think that after a successful "realloc()", the first argument may
point to undefined memory. Also, the next code should be valid:

--------------------
retval = realloc(arg, size);
if (retval == NULL)
    return ERR;
if (retval != arg)
    arg = retval;

-------------------
But that code may generate a memory leak (if arg was not NULL, and realloc
returns NULL):

retval = realloc(arg, size);
if (retval != arg)
    arg = retval;

------------------

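The two realloc outcomes discussed in the report, forced deterministically, as an added example (not code from the report or from nodejs). `struct buf`, `buf_resize`, the allocator hook and both stubs are hypothetical names constructed here; the hook takes the old size only so the moving stub can copy safely.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical buffer type standing in for the report's buf->base. */
struct buf { char *base; size_t len; };

/* Allocator hook (old block, old size, new size): lets both outcomes be forced. */
typedef void *(*realloc_fn)(void *, size_t, size_t);

/* Constructed stub: always fails and leaves the old block allocated. */
static void *failing_realloc(void *p, size_t old, size_t n) {
    (void)p; (void)old; (void)n; return NULL;
}

/* Constructed stub: always moves the block and frees the old one. */
static void *moving_realloc(void *p, size_t old, size_t n) {
    char *q = malloc(n);
    if (q == NULL) return NULL;
    if (p != NULL) memcpy(q, p, old < n ? old : n);
    free(p);
    return q;
}

/* Resize b to n bytes (n > 0). Success: b->base is the only valid pointer.
 * Failure: b is untouched and still owns the old block (no leak). */
static int buf_resize(struct buf *b, size_t n, realloc_fn re) {
    char *p = re(b->base, b->len, n);
    if (p == NULL) return -1;
    b->base = p;
    b->len = n;
    return 0;
}

/* Exercises both outcomes; returns 0 if every invariant holds. */
static int demo(void) {
    struct buf b = { malloc(8), 8 };
    if (b.base == NULL) return 1;
    memcpy(b.base, "abcdefg", 8);
    char *before = b.base;
    if (buf_resize(&b, 4, failing_realloc) != -1) return 2;
    if (b.base != before || b.len != 8) return 3;   /* old block kept */
    if (buf_resize(&b, 4, moving_realloc) != 0) return 4;
    if (b.len != 4 || memcmp(b.base, "abcd", 4) != 0) return 5;
    /* 'before' is now dangling: the report's buf->base after realloc. */
    free(b.base);
    return 0;
}

int main(void) { return demo(); }
```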