[analyzer] CStringChecker: Remember to highlight the argument expression range.

When emitting a bug report, it is important to highlight which argument of the
call-expression is causing the problem.

Before:
warning: Null pointer argument in call to string comparison function
  strcmp(a, b);
  ^~~~~~~~~~~~

After:
warning: Null pointer argument in call to string comparison function
  strcmp(a, b);
  ^      ~

Affects other output modes as well, not just text.

Differential Revision: https://reviews.llvm.org/D50028

llvm-svn: 338333

diff --git a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
index 278452e..12a576e 100644 (file)
--- a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
@@ -552,6 +552,7 @@ void CStringChecker::emitNullArgBug(CheckerContext &C, ProgramStateRef State,
 
     BuiltinBug *BT = static_cast<BuiltinBug *>(BT_Null.get());
     auto Report = llvm::make_unique<BugReport>(*BT, WarningMsg, N);
+    Report->addRange(S->getSourceRange());
     bugreporter::trackNullOrUndefValue(N, S, *Report);
     C.emitReport(std::move(Report));
   }

diff --git a/clang/test/Analysis/cstring-ranges.c b/clang/test/Analysis/cstring-ranges.c
new file mode 100644 (file)
index 0000000..4fcd7ea
--- /dev/null
+++ b/clang/test/Analysis/cstring-ranges.c
@@ -0,0 +1,15 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=unix.cstring -analyzer-output=text %s 2>&1 | FileCheck %s
+
+// This test verifies argument source range highlighting.
+// Otherwise we've no idea which of the arguments is null.
+
+char *strcpy(char *, const char *);
+
+void foo() {
+  char *a = 0, *b = 0;
+  strcpy(a, b);
+}
+
+// CHECK: warning: Null pointer argument in call to string copy function
+// CHECK-NEXT: strcpy(a, b);
+// CHECK-NEXT: ^      ~