projects / platform / upstream / llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f5a812c)
[analyzer] GenericTaint: Don't expect CallEvent to always have a Decl.
authorArtem Dergachev <artem.dergachev@gmail.com>
Mon, 20 Apr 2020 12:30:30 +0000 (15:30 +0300)
committerArtem Dergachev <artem.dergachev@gmail.com>
Mon, 20 Apr 2020 12:31:43 +0000 (15:31 +0300)
This isn't the case when the callee is completely unknown,
eg. when it is a symbolic function pointer.

clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp patch | blob | history
clang/test/Analysis/taint-generic.c patch | blob | history

diff --git a/clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
index 1f3e749..c06d2fc 100644 (file)
--- a/clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
@@ -110,7 +110,9 @@ private:
 
     static Optional<FunctionData> create(const CallEvent &Call,
                                          const CheckerContext &C) {
-      assert(Call.getDecl());
+      if (!Call.getDecl())
+        return None;
+
       const FunctionDecl *FDecl = Call.getDecl()->getAsFunction();
       if (!FDecl || (FDecl->getKind() != Decl::Function &&
                      FDecl->getKind() != Decl::CXXMethod))
diff --git a/clang/test/Analysis/taint-generic.c b/clang/test/Analysis/taint-generic.c
index a299501..1cc1913 100644 (file)
--- a/clang/test/Analysis/taint-generic.c
+++ b/clang/test/Analysis/taint-generic.c
@@ -390,3 +390,7 @@ void testConfigurationSinks() {
   mySink(1, 2, x);
   // expected-warning@-1 {{Untrusted data is passed to a user-defined sink}}
 }
+
+void testUnknownFunction(void (*foo)(void)) {
+  foo(); // no-crash
+}
Domain: System / Toolchain;