Author: Balazs Benics Date: 2021-10-13T10:50:26+02:00 New Revision: 7fc150309d27b0f98239bec758b895efda8c0481
URL: https://github.com/llvm/llvm-project/commit/7fc150309d27b0f98239bec758b895efda8c0481 DIFF: https://github.com/llvm/llvm-project/commit/7fc150309d27b0f98239bec758b895efda8c0481.diff LOG: [analyzer] Bifurcate on getenv() calls The `getenv()` function might return `NULL` just like any other function. However, in case of `getenv()` a state-split seems justified since the programmer should expect the failure of this function. `secure_getenv(const char *name)` behaves the same way but is not handled right now. Note that `std::getenv()` is also not handled. Reviewed By: martong Differential Revision: https://reviews.llvm.org/D111245 Added: Modified: clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp clang/test/Analysis/std-c-library-functions.c Removed: ################################################################################ diff --git a/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp index e758b465af1b4..74adc5882bfbf 100644 --- a/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp @@ -1433,6 +1433,14 @@ void StdLibraryFunctionsChecker::initFunctionSummaries( RetType{Ssize_tTy}), GetLineSummary); + // char *getenv(const char *name); + addToFunctionSummaryMap( + "getenv", Signature(ArgTypes{ConstCharPtrTy}, RetType{CharPtrTy}), + Summary(NoEvalCall) + .Case({NotNull(Ret)}) + .Case({NotNull(Ret)->negate()}) + .ArgConstraint(NotNull(ArgNo(0)))); + if (ModelPOSIX) { // long a64l(const char *str64); diff --git a/clang/test/Analysis/std-c-library-functions.c b/clang/test/Analysis/std-c-library-functions.c index 9288af9d43b8c..e1800ed390a86 100644 --- a/clang/test/Analysis/std-c-library-functions.c +++ b/clang/test/Analysis/std-c-library-functions.c @@ -254,3 +254,11 @@ void test_call_by_pointer() { f = ispunct; clang_analyzer_eval(f('A')); // expected-warning{{FALSE}} } + +char *getenv(const char *name); +void test_getenv() { + // getenv() bifurcates here. + clang_analyzer_eval(getenv("FOO") == 0); + // expected-warning@-1 {{TRUE}} + // expected-warning@-2 {{FALSE}} +} _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits