maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

[analyzer] ConditionBRVisitor: Fix HTML PathDiagnosticPopUpPieces 

Summary:
A condition could be a multi-line expression where we create the highlight
in separated chunks. PathDiagnosticPopUpPiece is not made for that purpose,
it cannot be added to multiple lines because we have only one ending part
which contains all the notes. So that it cannot have multiple endings and
therefore this patch narrows down the ranges of the highlight to the given
interesting variable of the condition. It prevents HTML-breaking injections.

Reviewed By: NoQ

Differential Revision: https://reviews.llvm.org/D65663

llvm-svn: 368382
This commit is contained in:
Csaba Dabis 2019-08-09 02:20:44 +00:00
parent 1861f4ea25
commit 124ef7fce4
7 changed files with 141 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
View File

@ -2335,12 +2335,12 @@ std::shared_ptr<PathDiagnosticPiece> ConditionBRVisitor::VisitTrueTest(
// Check if the field name of the MemberExprs is ambiguous. Example:
// " 'a.d' is equal to 'h.d' " in 'test/Analysis/null-deref-path-notes.cpp'.
bool IsSameFieldName = false;
if (const auto *LhsME =
dyn_cast<MemberExpr>(BExpr->getLHS()->IgnoreParenCasts()))
if (const auto *RhsME =
dyn_cast<MemberExpr>(BExpr->getRHS()->IgnoreParenCasts()))
IsSameFieldName = LhsME->getMemberDecl()->getName() ==
RhsME->getMemberDecl()->getName();
const auto *LhsME = dyn_cast<MemberExpr>(BExpr->getLHS()->IgnoreParenCasts());
const auto *RhsME = dyn_cast<MemberExpr>(BExpr->getRHS()->IgnoreParenCasts());
if (LhsME && RhsME)
IsSameFieldName =
LhsME->getMemberDecl()->getName() == RhsME->getMemberDecl()->getName();
SmallString<128> LhsString, RhsString;
{
@ -2410,16 +2410,31 @@ std::shared_ptr<PathDiagnosticPiece> ConditionBRVisitor::VisitTrueTest(
Out << (shouldInvert ? LhsString : RhsString);
const LocationContext *LCtx = N->getLocationContext();
PathDiagnosticLocation Loc(Cond, BRC.getSourceManager(), LCtx);
const SourceManager &SM = BRC.getSourceManager();
// Convert 'field ...' to 'Field ...' if it is a MemberExpr.
std::string Message = Out.str();
Message[0] = toupper(Message[0]);
// If we know the value create a pop-up note.
if (!IsAssuming)
return std::make_shared<PathDiagnosticPopUpPiece>(Loc, Message);
// If we know the value create a pop-up note to the value part of 'BExpr'.
if (!IsAssuming) {
PathDiagnosticLocation Loc;
if (!shouldInvert) {
if (LhsME && LhsME->getMemberLoc().isValid())
Loc = PathDiagnosticLocation(LhsME->getMemberLoc(), SM);
else
Loc = PathDiagnosticLocation(BExpr->getLHS(), SM, LCtx);
} else {
if (RhsME && RhsME->getMemberLoc().isValid())
Loc = PathDiagnosticLocation(RhsME->getMemberLoc(), SM);
else
Loc = PathDiagnosticLocation(BExpr->getRHS(), SM, LCtx);
}
return std::make_shared<PathDiagnosticPopUpPiece>(Loc, Message);
}
PathDiagnosticLocation Loc(Cond, SM, LCtx);
auto event = std::make_shared<PathDiagnosticEventPiece>(Loc, Message);
if (shouldPrune.hasValue())
event->setPrunable(shouldPrune.getValue());
@ -2472,12 +2487,14 @@ std::shared_ptr<PathDiagnosticPiece> ConditionBRVisitor::VisitTrueTest(
return nullptr;
const LocationContext *LCtx = N->getLocationContext();
PathDiagnosticLocation Loc(Cond, BRC.getSourceManager(), LCtx);
// If we know the value create a pop-up note.
if (!IsAssuming)
// If we know the value create a pop-up note to the 'DRE'.
if (!IsAssuming) {
PathDiagnosticLocation Loc(DRE, BRC.getSourceManager(), LCtx);
return std::make_shared<PathDiagnosticPopUpPiece>(Loc, Out.str());
}
PathDiagnosticLocation Loc(Cond, BRC.getSourceManager(), LCtx);
auto event = std::make_shared<PathDiagnosticEventPiece>(Loc, Out.str());
const ProgramState *state = N->getState().get();
if (const MemRegion *R = state->getLValue(VD, LCtx).getAsRegion()) {
@ -2505,11 +2522,17 @@ std::shared_ptr<PathDiagnosticPiece> ConditionBRVisitor::VisitTrueTest(
return nullptr;
const LocationContext *LCtx = N->getLocationContext();
PathDiagnosticLocation Loc(Cond, BRC.getSourceManager(), LCtx);
PathDiagnosticLocation Loc;
// If we know the value create a pop-up note to the member of the MemberExpr.
if (!IsAssuming && ME->getMemberLoc().isValid())
Loc = PathDiagnosticLocation(ME->getMemberLoc(), BRC.getSourceManager());
else
Loc = PathDiagnosticLocation(Cond, BRC.getSourceManager(), LCtx);
if (!Loc.isValid() || !Loc.asLocation().isValid())
return nullptr;
// If we know the value create a pop-up note.
if (!IsAssuming)
return std::make_shared<PathDiagnosticPopUpPiece>(Loc, Out.str());

9
clang/lib/StaticAnalyzer/Core/HTMLDiagnostics.cpp
View File

@ -612,7 +612,7 @@ HandlePopUpPieceStartTag(Rewriter &R,
for (const auto &Range : PopUpRanges) {
html::HighlightRange(R, Range.getBegin(), Range.getEnd(), "",
"<table class='variable_popup'><tbody>",
/*IsTokenRange=*/false);
/*IsTokenRange=*/true);
}
}
@ -644,12 +644,11 @@ static void HandlePopUpPieceEndTag(Rewriter &R,
Out << "</tbody></table></span>";
html::HighlightRange(R, Range.getBegin(), Range.getEnd(),
"<span class='variable'>", Buf.c_str(),
/*IsTokenRange=*/false);
// Otherwise inject just the new row at the end of the range.
/*IsTokenRange=*/true);
} else {
// Otherwise inject just the new row at the end of the range.
html::HighlightRange(R, Range.getBegin(), Range.getEnd(), "", Buf.c_str(),
/*IsTokenRange=*/false);
/*IsTokenRange=*/true);
}
}

4
clang/test/Analysis/Inputs/expected-plists/cxx-for-range.cpp.plist
View File

@ -191,7 +191,7 @@
</dict>
<dict>
<key>line</key><integer>11</integer>
<key>col</key><integer>14</integer>
<key>col</key><integer>9</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -515,7 +515,7 @@
</dict>
<dict>
<key>line</key><integer>11</integer>
<key>col</key><integer>14</integer>
<key>col</key><integer>9</integer>
<key>file</key><integer>0</integer>
</dict>
</array>

163
clang/test/Analysis/Inputs/expected-plists/edges-new.mm.plist
View File

@ -2727,7 +2727,7 @@
</dict>
<dict>
<key>line</key><integer>146</integer>
<key>col</key><integer>13</integer>
<key>col</key><integer>8</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -2949,7 +2949,7 @@
</dict>
<dict>
<key>line</key><integer>146</integer>
<key>col</key><integer>13</integer>
<key>col</key><integer>8</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -3929,7 +3929,7 @@
</dict>
<dict>
<key>line</key><integer>178</integer>
<key>col</key><integer>14</integer>
<key>col</key><integer>9</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -4185,7 +4185,7 @@
</dict>
<dict>
<key>line</key><integer>178</integer>
<key>col</key><integer>14</integer>
<key>col</key><integer>9</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -4281,7 +4281,7 @@
</dict>
<dict>
<key>line</key><integer>181</integer>
<key>col</key><integer>14</integer>
<key>col</key><integer>9</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -8087,7 +8087,7 @@
<key>location</key>
<dict>
<key>line</key><integer>267</integer>
<key>col</key><integer>18</integer>
<key>col</key><integer>19</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -8095,7 +8095,7 @@
<array>
<dict>
<key>line</key><integer>267</integer>
<key>col</key><integer>18</integer>
<key>col</key><integer>19</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -8119,12 +8119,12 @@
<array>
<dict>
<key>line</key><integer>267</integer>
<key>col</key><integer>18</integer>
<key>col</key><integer>19</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>267</integer>
<key>col</key><integer>18</integer>
<key>col</key><integer>22</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -11983,12 +11983,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -12000,7 +12000,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -12008,7 +12008,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -12032,12 +12032,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -12244,12 +12244,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -12261,7 +12261,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -12269,7 +12269,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -12293,12 +12293,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -12571,12 +12571,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -12588,7 +12588,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -12596,7 +12596,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -12620,12 +12620,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -13128,12 +13128,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -13145,7 +13145,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -13153,7 +13153,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -13177,12 +13177,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -13752,12 +13752,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -13769,7 +13769,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -13777,7 +13777,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -13801,12 +13801,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -15295,12 +15295,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -15312,7 +15312,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -15320,7 +15320,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -15344,12 +15344,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -16965,12 +16965,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -16982,7 +16982,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -16990,7 +16990,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -17014,12 +17014,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -18860,12 +18860,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -18877,7 +18877,7 @@
<key>location</key>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
@ -18885,7 +18885,7 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
@ -18909,12 +18909,12 @@
<array>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>10</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>457</integer>
<key>col</key><integer>9</integer>
<key>col</key><integer>14</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -22243,6 +22243,40 @@
</dict>
</array>
</dict>
<dict>
<key>kind</key><string>control</string>
<key>edges</key>
<array>
<dict>
<key>start</key>
<array>
<dict>
<key>line</key><integer>587</integer>
<key>col</key><integer>11</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>587</integer>
<key>col</key><integer>11</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
<key>end</key>
<array>
<dict>
<key>line</key><integer>587</integer>
<key>col</key><integer>11</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>587</integer>
<key>col</key><integer>11</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
</dict>
</array>
</dict>
<dict>
<key>kind</key><string>pop-up</string>
<key>location</key>
@ -22251,21 +22285,6 @@
<key>col</key><integer>11</integer>
<key>file</key><integer>0</integer>
</dict>
<key>ranges</key>
<array>
<array>
<dict>
<key>line</key><integer>587</integer>
<key>col</key><integer>11</integer>
<key>file</key><integer>0</integer>
</dict>
<dict>
<key>line</key><integer>587</integer>
<key>col</key><integer>16</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
</array>
<key>extended_message</key>
<string>Field &apos;b&apos; is equal to 2</string>
<key>message</key>

2
clang/test/Analysis/Inputs/expected-plists/inline-plist.c.plist
View File

@ -548,7 +548,7 @@
</dict>
<dict>
<key>line</key><integer>45</integer>
<key>col</key><integer>12</integer>
<key>col</key><integer>7</integer>
<key>file</key><integer>0</integer>
</dict>
</array>

2
clang/test/Analysis/Inputs/expected-plists/objc-radar17039661.m.plist
View File

@ -836,7 +836,7 @@
</dict>
<dict>
<key>line</key><integer>38</integer>
<key>col</key><integer>37</integer>
<key>col</key><integer>20</integer>
<key>file</key><integer>0</integer>
</dict>
</array>

8
clang/test/Analysis/Inputs/expected-plists/plist-output.m.plist
View File

@ -2513,7 +2513,7 @@
</dict>
<dict>
<key>line</key><integer>96</integer>
<key>col</key><integer>13</integer>
<key>col</key><integer>8</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -2735,7 +2735,7 @@
</dict>
<dict>
<key>line</key><integer>96</integer>
<key>col</key><integer>13</integer>
<key>col</key><integer>8</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -3554,7 +3554,7 @@
</dict>
<dict>
<key>line</key><integer>127</integer>
<key>col</key><integer>14</integer>
<key>col</key><integer>9</integer>
<key>file</key><integer>0</integer>
</dict>
</array>
@ -3776,7 +3776,7 @@
</dict>
<dict>
<key>line</key><integer>127</integer>
<key>col</key><integer>14</integer>
<key>col</key><integer>9</integer>
<key>file</key><integer>0</integer>
</dict>
</array>