From 379b6394d9ca254593b77ec3c0028e6d820715e4 Mon Sep 17 00:00:00 2001 From: Balazs Benics Date: Thu, 26 Aug 2021 15:29:32 +0200 Subject: [PATCH] Revert "[analyzer] Extend the documentation of MallocOverflow" This reverts commit 6097a41924584b613153237d8e66e9660001ce7d. --- clang/docs/analyzer/checkers.rst | 29 +---------------------------- 1 file changed, 1 insertion(+), 28 deletions(-) diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index 66c540e..9a74dff 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -2154,14 +2154,7 @@ Warn about buffer overflows (newer checker). alpha.security.MallocOverflow (C) """"""""""""""""""""""""""""""""" -Check for overflows in the arguments to ``malloc()``. -It tries to catch ``malloc(n * c)`` patterns, where: - - ``n``: a variable or member access of an object - - ``c``: a constant foldable integral - -This checker was designed for code audits, so expect false-positive reports. -One is supposed to silence this checker by ensuring proper bounds checking on -the variable in question using e.g. an ``assert()`` or a branch. +Check for overflows in the arguments to malloc(). .. code-block:: c @@ -2175,26 +2168,6 @@ the variable in question using e.g. an ``assert()`` or a branch. void *p = malloc(n * sizeof(int)); // no warning } - void test3(int n) { - assert(n <= 100 && "Contract violated."); - void *p = malloc(n * sizeof(int)); // no warning - } - -Limitations: - - The checker won't warn for variables involved in explicit casts, - since that might limit the variable's domain. - E.g.: ``(unsigned char)int x`` would limit the domain to ``[0,255]``. - The checker will miss the true-positive cases when the explicit cast would - not tighten the domain to prevent the overflow in the subsequent - multiplication operation. - - - If the variable ``n`` participates in a comparison anywhere in the enclosing - function's scope, even after the ``malloc()``, the report will be still - suppressed. - - - It is an AST-based checker, thus it does not make use of the - path-sensitive taint-analysis. - .. _alpha-security-MmapWriteExec: alpha.security.MmapWriteExec (C) -- 2.7.4