diff options
| author | David Malcolm <dmalcolm@redhat.com> | 2022-10-24 16:38:22 -0400 |
|---|---|---|
| committer | David Malcolm <dmalcolm@redhat.com> | 2022-10-24 16:38:22 -0400 |
| commit | 792f039fc37faa3446725a643c8018f084e8ccab (patch) | |
| tree | d6f5bfae9af0528c090314d46b2c14859640d221 /gcc/analyzer/engine.cc | |
| parent | 244021b6c1a7bdeb777874ddc2ebcecb95610ef1 (diff) | |
| download | gcc-792f039fc37faa3446725a643c8018f084e8ccab.zip gcc-792f039fc37faa3446725a643c8018f084e8ccab.tar.gz gcc-792f039fc37faa3446725a643c8018f084e8ccab.tar.bz2 | |
analyzer: handle "pipe" and "pipe2" [PR106300]
gcc/analyzer/ChangeLog:
PR analyzer/106300
* engine.cc (impl_region_model_context::get_fd_map): New.
* exploded-graph.h (impl_region_model_context::get_fd_map): New
decl.
* region-model-impl-calls.cc (region_model::impl_call_pipe): New.
* region-model.cc (region_model::update_for_int_cst_return): New,
based on...
(region_model::update_for_zero_return): ...this. Reimplement in
terms of the former.
(region_model::on_call_pre): Handle "pipe" and "pipe2".
(region_model::on_call_post): Likewise.
* region-model.h (region_model::impl_call_pipe): New decl.
(region_model::update_for_int_cst_return): New decl.
(region_model::mark_as_valid_fd): New decl.
(region_model_context::get_fd_map): New pure virtual fn.
(noop_region_model_context::get_fd_map): New.
(region_model_context_decorator::get_fd_map): New.
* sm-fd.cc: Include "analyzer/program-state.h".
(fd_state_machine::describe_state_change): Handle transitions from
start state to valid states.
(fd_state_machine::mark_as_valid_fd): New.
(fd_state_machine::on_stmt): Add missing return for "creat".
(region_model::mark_as_valid_fd): New.
gcc/ChangeLog:
PR analyzer/106300
* doc/invoke.texi (Static Analyzer Options): Add "pipe" and
"pipe2" to the list of functions the analyzer has hardcoded
knowledge of.
gcc/testsuite/ChangeLog:
PR analyzer/106300
* gcc.dg/analyzer/pipe-1.c: New test.
* gcc.dg/analyzer/pipe-glibc.c: New test.
* gcc.dg/analyzer/pipe-manpages.c: New test.
* gcc.dg/analyzer/pipe2-1.c: New test.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
Diffstat (limited to 'gcc/analyzer/engine.cc')
| -rw-r--r-- | gcc/analyzer/engine.cc | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/gcc/analyzer/engine.cc b/gcc/analyzer/engine.cc index 46bcaed..a664a99 100644 --- a/gcc/analyzer/engine.cc +++ b/gcc/analyzer/engine.cc @@ -229,6 +229,21 @@ impl_region_model_context::get_malloc_map (sm_state_map **out_smap, } bool +impl_region_model_context::get_fd_map (sm_state_map **out_smap, + const state_machine **out_sm, + unsigned *out_sm_idx) +{ + unsigned fd_sm_idx; + if (!m_ext_state.get_sm_idx_by_name ("file-descriptor", &fd_sm_idx)) + return false; + + *out_smap = m_new_state->m_checker_states[fd_sm_idx]; + *out_sm = &m_ext_state.get_sm (fd_sm_idx); + *out_sm_idx = fd_sm_idx; + return true; +} + +bool impl_region_model_context::get_taint_map (sm_state_map **out_smap, const state_machine **out_sm, unsigned *out_sm_idx) |