void evalFreopen(const CallEvent &Call, CheckerContext &C) const;
void evalFclose(const CallEvent &Call, CheckerContext &C) const;
void evalFseek(const CallEvent &Call, CheckerContext &C) const;
-
void checkArgNullStream(const CallEvent &Call, CheckerContext &C,
unsigned ArgI) const;
- bool checkNullStream(SVal SV, CheckerContext &C,
- ProgramStateRef &State) const;
- void checkFseekWhence(SVal SV, CheckerContext &C,
- ProgramStateRef &State) const;
- bool checkDoubleClose(const CallEvent &Call, CheckerContext &C,
- ProgramStateRef &State) const;
+
+ ProgramStateRef checkNullStream(SVal SV, CheckerContext &C,
+ ProgramStateRef State) const;
+ ProgramStateRef checkFseekWhence(SVal SV, CheckerContext &C,
+ ProgramStateRef State) const;
+ ProgramStateRef checkDoubleClose(const CallEvent &Call, CheckerContext &C,
+ ProgramStateRef State) const;
};
} // end anonymous namespace
return;
// Do not allow NULL as passed stream pointer.
// This is not specified in the man page but may crash on some system.
- checkNullStream(*StreamVal, C, State);
- // Check if error was generated.
- if (C.isDifferent())
+ State = checkNullStream(*StreamVal, C, State);
+ if (!State)
return;
SymbolRef StreamSym = StreamVal->getAsSymbol();
void StreamChecker::evalFclose(const CallEvent &Call, CheckerContext &C) const {
ProgramStateRef State = C.getState();
- if (checkDoubleClose(Call, C, State))
+ State = checkDoubleClose(Call, C, State);
+ if (State)
C.addTransition(State);
}
ProgramStateRef State = C.getState();
- bool StateChanged = checkNullStream(Call.getArgSVal(0), C, State);
- // Check if error was generated.
- if (C.isDifferent())
+ State = checkNullStream(Call.getArgSVal(0), C, State);
+ if (!State)
return;
- // Check the legality of the 'whence' argument of 'fseek'.
- checkFseekWhence(State->getSVal(AE2, C.getLocationContext()), C, State);
+ State =
+ checkFseekWhence(State->getSVal(AE2, C.getLocationContext()), C, State);
+ if (!State)
+ return;
- if (!C.isDifferent() && StateChanged)
- C.addTransition(State);
+ C.addTransition(State);
}
void StreamChecker::checkArgNullStream(const CallEvent &Call, CheckerContext &C,
unsigned ArgI) const {
ProgramStateRef State = C.getState();
- if (checkNullStream(Call.getArgSVal(ArgI), C, State))
+ State = checkNullStream(Call.getArgSVal(ArgI), C, State);
+ if (State)
C.addTransition(State);
}
-bool StreamChecker::checkNullStream(SVal SV, CheckerContext &C,
- ProgramStateRef &State) const {
+ProgramStateRef StreamChecker::checkNullStream(SVal SV, CheckerContext &C,
+ ProgramStateRef State) const {
Optional<DefinedSVal> DV = SV.getAs<DefinedSVal>();
if (!DV)
- return false;
+ return State;
ConstraintManager &CM = C.getConstraintManager();
ProgramStateRef StateNotNull, StateNull;
C.emitReport(std::make_unique<PathSensitiveBugReport>(
*BT_nullfp, BT_nullfp->getDescription(), N));
}
- return false;
- }
-
- if (StateNotNull) {
- State = StateNotNull;
- return true;
+ return nullptr;
}
- return false;
+ return StateNotNull;
}
-void StreamChecker::checkFseekWhence(SVal SV, CheckerContext &C,
- ProgramStateRef &State) const {
+// Check the legality of the 'whence' argument of 'fseek'.
+ProgramStateRef StreamChecker::checkFseekWhence(SVal SV, CheckerContext &C,
+ ProgramStateRef State) const {
Optional<nonloc::ConcreteInt> CI = SV.getAs<nonloc::ConcreteInt>();
if (!CI)
- return;
+ return State;
int64_t X = CI->getValue().getSExtValue();
if (X >= 0 && X <= 2)
- return;
+ return State;
if (ExplodedNode *N = C.generateNonFatalErrorNode(State)) {
if (!BT_illegalwhence)
"SEEK_SET, SEEK_END, or SEEK_CUR."));
C.emitReport(std::make_unique<PathSensitiveBugReport>(
*BT_illegalwhence, BT_illegalwhence->getDescription(), N));
+ return nullptr;
}
+
+ return State;
}
-bool StreamChecker::checkDoubleClose(const CallEvent &Call, CheckerContext &C,
- ProgramStateRef &State) const {
+ProgramStateRef StreamChecker::checkDoubleClose(const CallEvent &Call,
+ CheckerContext &C,
+ ProgramStateRef State) const {
SymbolRef Sym = Call.getArgSVal(0).getAsSymbol();
if (!Sym)
- return false;
+ return State;
const StreamState *SS = State->get<StreamMap>(Sym);
// If the file stream is not tracked, return.
if (!SS)
- return false;
+ return State;
// Check: Double close a File Descriptor could cause undefined behaviour.
// Conforming to man-pages
" closed. Cause undefined behaviour."));
C.emitReport(std::make_unique<PathSensitiveBugReport>(
*BT_doubleclose, BT_doubleclose->getDescription(), N));
+ return nullptr;
}
- return false;
+
+ return State;
}
// Close the File Descriptor.
State = State->set<StreamMap>(Sym, StreamState::getClosed());
- return true;
+ return State;
}
void StreamChecker::checkDeadSymbols(SymbolReaper &SymReaper,
projects / platform / upstream / llvm.git / commitdiff