From 982a87ab74d8d050ae56164fcead7cf19038b077 Mon Sep 17 00:00:00 2001
From: "Manna, Soumi" 
Date: Thu, 22 Jun 2023 12:52:25 -0700
Subject: [PATCH] [CLANG] Fix potential null pointer dereference bugs

This patch uses castAs instead of getAs which will assert if the type doesn't match and adds nullptr check if needed. Also this patch improves the codes and passes I.getData() instead of doing a lookup in dumpVarDefinitionName() since we're iterating over the same map in LocalVariableMap::dumpContex().

Reviewed By: aaron.ballman, aaronpuchert

Differential Revision: https://reviews.llvm.org/D153033
---
 clang/lib/AST/ASTContext.cpp | 3 +++
 clang/lib/AST/MicrosoftMangle.cpp | 2 +-
 clang/lib/Analysis/ThreadSafety.cpp | 3 +--
 clang/lib/Sema/SemaExpr.cpp | 3 ++-
 clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp | 10 ++++++----
 5 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/clang/lib/AST/ASTContext.cpp b/clang/lib/AST/ASTContext.cpp
index 8fb62dd..dd040a3 100644
--- a/clang/lib/AST/ASTContext.cpp
+++ b/clang/lib/AST/ASTContext.cpp
@@ -10030,6 +10030,9 @@ static bool sameObjCTypeArgs(ASTContext &ctx,
     return false;
 
   ObjCTypeParamList *typeParams = iface->getTypeParamList();
+  if (!typeParams)
+    return false;
+
   for (unsigned i = 0, n = lhsArgs.size(); i != n; ++i) {
     if (ctx.hasSameType(lhsArgs[i], rhsArgs[i]))
       continue;
diff --git a/clang/lib/AST/MicrosoftMangle.cpp b/clang/lib/AST/MicrosoftMangle.cpp
index 1f9687e..9fede7b 100644
--- a/clang/lib/AST/MicrosoftMangle.cpp
+++ b/clang/lib/AST/MicrosoftMangle.cpp
@@ -2689,7 +2689,7 @@ void MicrosoftCXXNameMangler::mangleFunctionType(const FunctionType *T,
     // Copy constructor closure always takes an unqualified reference.
     mangleFunctionArgumentType(getASTContext().getLValueReferenceType(
                                    Proto->getParamType(0)
-                                       ->getAs()
+                                       ->castAs()
                                        ->getPointeeType(),
                                    /*SpelledAsLValue=*/true),
                                Range);
diff --git a/clang/lib/Analysis/ThreadSafety.cpp b/clang/lib/Analysis/ThreadSafety.cpp
index ef7d2cf..087994e 100644
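Review bot: The new `if (!typeParams) return false;` guard in sameObjCTypeArgs does not say why an interface without a type-parameter list should compare as "different type args" rather than be treated as an impossible state, and the function's opening lies outside the hunk, so a reader cannot see whether non-empty lhsArgs/rhsArgs are even reachable here. A one-line comment would settle it, e.g. `// Without a type-parameter list there is nothing to compare the arguments against; treat as a mismatch.` (hedged: the loop body below presumably indexes typeParams by i, which is what the guard protects — confirm). The extracted hunk also shows `->getAs()` / `->castAs()` in MicrosoftMangle.cpp with the template argument stripped; that is an artifact of the page, not of the commit.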
--- a/clang/lib/Analysis/ThreadSafety.cpp
+++ b/clang/lib/Analysis/ThreadSafety.cpp
@@ -502,9 +502,8 @@ public:
     for (Context::iterator I = C.begin(), E = C.end(); I != E; ++I) {
       const NamedDecl *D = I.getKey();
       D->printName(llvm::errs());
-      const unsigned *i = C.lookup(D);
       llvm::errs() << " -> ";
-      dumpVarDefinitionName(*i);
+      dumpVarDefinitionName(I.getData());
       llvm::errs() << "\n";
     }
   }
diff --git a/clang/lib/Sema/SemaExpr.cpp b/clang/lib/Sema/SemaExpr.cpp
index ba5077e..3d9c2b1 100644
--- a/clang/lib/Sema/SemaExpr.cpp
+++ b/clang/lib/Sema/SemaExpr.cpp
@@ -4955,7 +4955,8 @@ ExprResult Sema::ActOnArraySubscriptExpr(Scope *S, Expr *base,
   };
   // The matrix subscript operator ([][])is considered a single operator.
   // Separating the index expressions by parenthesis is not allowed.
-  if (base->hasPlaceholderType(BuiltinType::IncompleteMatrixIdx) &&
+  if (base && !base->getType().isNull() &&
+      base->hasPlaceholderType(BuiltinType::IncompleteMatrixIdx) &&
       !isa(base)) {
     Diag(base->getExprLoc(), diag::err_matrix_separate_incomplete_index)
         << SourceRange(base->getBeginLoc(), rbLoc);
diff --git a/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp
index d2ddb5c..5081ff6 100644
--- a/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp
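Review bot: In the SemaExpr.cpp hunk the added `base && !base->getType().isNull()` guard protects only this one condition; if `base` can really be null or untyped on this path, the rest of ActOnArraySubscriptExpr (which continues past the hunk and, as far as I can tell, keeps using `base`) is still unprotected, and if it cannot, the check silently hides an invariant that `assert(base && !base->getType().isNull())` would state. Either way the line deserves a comment naming the case it handles, e.g. `// base may still be null / untyped here when an earlier error was recovered from — TODO confirm`, so the next reader does not have to guess which of the two situations applies.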
@@ -1204,10 +1204,12 @@ StreamChecker::reportLeaks(const SmallVector &LeakedSyms,
     // FIXME: Add a checker option to turn this uniqueing feature off.
     const ExplodedNode *StreamOpenNode = getAcquisitionSite(Err, LeakSym, C);
     assert(StreamOpenNode && "Could not find place of stream opening.");
-    PathDiagnosticLocation LocUsedForUniqueing =
-        PathDiagnosticLocation::createBegin(
-            StreamOpenNode->getStmtForDiagnostics(), C.getSourceManager(),
-            StreamOpenNode->getLocationContext());
+
+    PathDiagnosticLocation LocUsedForUniqueing;
+    if (const Stmt *StreamStmt = StreamOpenNode->getStmtForDiagnostics())
+      LocUsedForUniqueing = PathDiagnosticLocation::createBegin(
+          StreamStmt, C.getSourceManager(),
+          StreamOpenNode->getLocationContext());
 
     std::unique_ptr R =
         std::make_unique(
-- 
2.7.4
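Review bot: When `getStmtForDiagnostics()` returns null, `LocUsedForUniqueing` is left default-constructed and is still handed to the report built right after the hunk, so a leak that cannot be tied to a statement silently changes how it is uniqued rather than being handled as a deliberate case. A comment on the new `if` would make that intent explicit, e.g. `// No statement to anchor on: leave the location invalid, which (presumably) disables uniqueing for this leak — confirm against PathSensitiveBugReport.` The added empty line after the `assert` is a stray whitespace change that is unrelated to the fix. reportLeaks's body continues outside the hunk.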