2017-03-04 02:02:02 +08:00
|
|
|
// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin10 -disable-free -analyzer-eagerly-assume -analyzer-checker=core,deadcode,alpha.security.taint,debug.TaintTest,debug.ExprInspection -verify %s
|
2012-05-17 00:01:07 +08:00
|
|
|
|
|
|
|
void clang_analyzer_eval(int);
|
2012-01-05 07:54:01 +08:00
|
|
|
|
|
|
|
// Note, we do need to include headers here, since the analyzer checks if the function declaration is located in a system header.
|
2012-09-12 09:11:10 +08:00
|
|
|
#include "Inputs/system-header-simulator.h"
|
2012-01-05 07:54:01 +08:00
|
|
|
|
|
|
|
// Test that system header does not invalidate the internal global.
|
|
|
|
int size_rdar9373039 = 1;
|
|
|
|
int rdar9373039() {
|
|
|
|
int x;
|
|
|
|
int j = 0;
|
|
|
|
|
|
|
|
for (int i = 0 ; i < size_rdar9373039 ; ++i)
|
|
|
|
x = 1;
|
|
|
|
|
|
|
|
// strlen doesn't invalidate the value of 'size_rdar9373039'.
|
|
|
|
int extra = (2 + strlen ("Clang") + ((4 - ((unsigned int) (2 + strlen ("Clang")) % 4)) % 4)) + (2 + strlen ("1.0") + ((4 - ((unsigned int) (2 + strlen ("1.0")) % 4)) % 4));
|
|
|
|
|
|
|
|
for (int i = 0 ; i < size_rdar9373039 ; ++i)
|
|
|
|
j += x; // no-warning
|
|
|
|
|
|
|
|
return j;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Test stdin does not get invalidated by a system call nor by an internal call.
|
|
|
|
void foo();
|
|
|
|
int stdinTest() {
|
|
|
|
int i = 0;
|
|
|
|
fscanf(stdin, "%d", &i);
|
|
|
|
foo();
|
|
|
|
int m = i; // expected-warning + {{tainted}}
|
|
|
|
fscanf(stdin, "%d", &i);
|
|
|
|
int j = i; // expected-warning + {{tainted}}
|
|
|
|
return m + j; // expected-warning + {{tainted}}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Test errno gets invalidated by a system call.
|
|
|
|
int testErrnoSystem() {
|
|
|
|
int i;
|
|
|
|
int *p = 0;
|
|
|
|
fscanf(stdin, "%d", &i);
|
|
|
|
if (errno == 0) {
|
|
|
|
fscanf(stdin, "%d", &i); // errno gets invalidated here.
|
|
|
|
return 5 / errno; // no-warning
|
|
|
|
}
|
2013-04-16 04:39:45 +08:00
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
fscanf(stdin, "%d", &i); // errno gets invalidated here.
|
|
|
|
return 5 / errno; // no-warning
|
2012-01-05 07:54:01 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// Test that errno gets invalidated by internal calls.
|
|
|
|
int testErrnoInternal() {
|
|
|
|
int i;
|
|
|
|
int *p = 0;
|
|
|
|
fscanf(stdin, "%d", &i);
|
|
|
|
if (errno == 0) {
|
|
|
|
foo(); // errno gets invalidated here.
|
|
|
|
return 5 / errno; // no-warning
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Test that const integer does not get invalidated.
|
|
|
|
const int x = 0;
|
|
|
|
int constIntGlob() {
|
|
|
|
const int *m = &x;
|
|
|
|
foo();
|
|
|
|
return 3 / *m; // expected-warning {{Division by zero}}
|
|
|
|
}
|
|
|
|
|
2013-02-13 11:11:06 +08:00
|
|
|
extern const int y;
|
2012-01-05 07:54:01 +08:00
|
|
|
int constIntGlobExtern() {
|
2013-02-13 11:11:06 +08:00
|
|
|
if (y == 0) {
|
2012-01-05 07:54:01 +08:00
|
|
|
foo();
|
2013-02-13 11:11:06 +08:00
|
|
|
return 5 / y; // expected-warning {{Division by zero}}
|
2012-01-05 07:54:01 +08:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
2012-05-17 00:01:07 +08:00
|
|
|
|
2013-02-13 11:11:06 +08:00
|
|
|
static void * const ptr = 0;
|
|
|
|
void constPtrGlob() {
|
|
|
|
clang_analyzer_eval(ptr == 0); // expected-warning{{TRUE}}
|
|
|
|
foo();
|
|
|
|
clang_analyzer_eval(ptr == 0); // expected-warning{{TRUE}}
|
|
|
|
}
|
|
|
|
|
|
|
|
static const int x2 = x;
|
|
|
|
void constIntGlob2() {
|
|
|
|
clang_analyzer_eval(x2 == 0); // expected-warning{{TRUE}}
|
|
|
|
foo();
|
|
|
|
clang_analyzer_eval(x2 == 0); // expected-warning{{TRUE}}
|
|
|
|
}
|
|
|
|
|
2012-05-17 00:01:07 +08:00
|
|
|
void testAnalyzerEvalIsPure() {
|
|
|
|
extern int someGlobal;
|
|
|
|
if (someGlobal == 0) {
|
|
|
|
clang_analyzer_eval(someGlobal == 0); // expected-warning{{TRUE}}
|
|
|
|
clang_analyzer_eval(someGlobal == 0); // expected-warning{{TRUE}}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-02-08 07:05:37 +08:00
|
|
|
// Test that static variables with initializers do not get reinitialized on
|
|
|
|
// recursive calls.
|
|
|
|
void Function2(void);
|
|
|
|
int *getPtr();
|
|
|
|
void Function1(void) {
|
|
|
|
static unsigned flag;
|
|
|
|
static int *p = 0;
|
|
|
|
if (!flag) {
|
|
|
|
flag = 1;
|
|
|
|
p = getPtr();
|
|
|
|
}
|
|
|
|
int m = *p; // no-warning: p is never null.
|
|
|
|
m++;
|
|
|
|
Function2();
|
|
|
|
}
|
|
|
|
void Function2(void) {
|
|
|
|
Function1();
|
|
|
|
}
|
|
|
|
|
|
|
|
void SetToNonZero(void) {
|
|
|
|
static int g = 5;
|
|
|
|
clang_analyzer_eval(g == 5); // expected-warning{{TRUE}}
|
|
|
|
}
|
|
|
|
|