diff options
| author | Malavika Samak <malavika.samak@gmail.com> | 2024-01-02 15:41:00 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-02 15:41:00 -0800 |
| commit | 7122f55c639a00e719b6088249f4fca1810cf04c (patch) | |
| tree | 1cb5c7b2be94e024ed3d1062a06a2a26d059a7d3 /clang/lib/Sema/AnalysisBasedWarnings.cpp | |
| parent | e32b1d15f7a23ccd271764bb31c84d91c9dcddbb (diff) | |
| download | llvm-7122f55c639a00e719b6088249f4fca1810cf04c.zip llvm-7122f55c639a00e719b6088249f4fca1810cf04c.tar.gz llvm-7122f55c639a00e719b6088249f4fca1810cf04c.tar.bz2 | |
[-Wunsafe-buffer-usage] Warning for unsafe invocation of span::data (#75650)
…-Wunsafe-buffer-usage,
there maybe accidental re-introduction of new OutOfBound accesses into
the code bases. One such case is invoking span::data() method on a span
variable to retrieve a pointer, which is then cast to a larger type and
dereferenced. Such dereferences can introduce OutOfBound accesses.
To address this, a new WarningGadget is being introduced to warn against
such invocations.
---------
Co-authored-by: MalavikaSamak <malavika2@apple.com>
Diffstat (limited to 'clang/lib/Sema/AnalysisBasedWarnings.cpp')
| -rw-r--r-- | clang/lib/Sema/AnalysisBasedWarnings.cpp | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/clang/lib/Sema/AnalysisBasedWarnings.cpp b/clang/lib/Sema/AnalysisBasedWarnings.cpp index 0947e8b..9eb1df5 100644 --- a/clang/lib/Sema/AnalysisBasedWarnings.cpp +++ b/clang/lib/Sema/AnalysisBasedWarnings.cpp @@ -2226,8 +2226,8 @@ public: UnsafeBufferUsageReporter(Sema &S, bool SuggestSuggestions) : S(S), SuggestSuggestions(SuggestSuggestions) {} - void handleUnsafeOperation(const Stmt *Operation, - bool IsRelatedToDecl) override { + void handleUnsafeOperation(const Stmt *Operation, bool IsRelatedToDecl, + ASTContext &Ctx) override { SourceLocation Loc; SourceRange Range; unsigned MsgParam = 0; @@ -2261,6 +2261,18 @@ public: // note_unsafe_buffer_operation doesn't have this mode yet. assert(!IsRelatedToDecl && "Not implemented yet!"); MsgParam = 3; + } else if (const auto *ECE = dyn_cast<ExplicitCastExpr>(Operation)) { + QualType destType = ECE->getType(); + const uint64_t dSize = + Ctx.getTypeSize(destType.getTypePtr()->getPointeeType()); + if (const auto *CE = dyn_cast<CXXMemberCallExpr>(ECE->getSubExpr())) { + QualType srcType = CE->getType(); + const uint64_t sSize = + Ctx.getTypeSize(srcType.getTypePtr()->getPointeeType()); + if (sSize >= dSize) + return; + } + MsgParam = 4; } Loc = Operation->getBeginLoc(); Range = Operation->getSourceRange(); |