aboutsummaryrefslogtreecommitdiff
path: root/lib/Analysis/GRExprEngineInternalChecks.cpp
diff options
context:
space:
mode:
authorTed Kremenek <kremenek@apple.com>2008-07-31 20:31:27 +0000
committerTed Kremenek <kremenek@apple.com>2008-07-31 20:31:27 +0000
commit22bda887aacd0e591978541a799aa43835652ec9 (patch)
treee19ef6ff57d2547524aa12743529fe02cab3f0c8 /lib/Analysis/GRExprEngineInternalChecks.cpp
parent69c8f0aab655257e9e532d9d53756acf4f7a2d78 (diff)
Enhanced path-sensitive return-of-stack-address check to print out the name of the variable whose address was returned.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@54253 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/Analysis/GRExprEngineInternalChecks.cpp')
-rw-r--r--lib/Analysis/GRExprEngineInternalChecks.cpp30
1 files changed, 21 insertions, 9 deletions
diff --git a/lib/Analysis/GRExprEngineInternalChecks.cpp b/lib/Analysis/GRExprEngineInternalChecks.cpp
index 853c6544e8..05c4400126 100644
--- a/lib/Analysis/GRExprEngineInternalChecks.cpp
+++ b/lib/Analysis/GRExprEngineInternalChecks.cpp
@@ -15,7 +15,7 @@
#include "clang/Analysis/PathSensitive/BugReporter.h"
#include "clang/Analysis/PathSensitive/GRExprEngine.h"
#include "llvm/Support/Compiler.h"
-
+#include <sstream>
using namespace clang;
@@ -42,9 +42,12 @@ class VISIBILITY_HIDDEN BuiltinBug : public BugTypeCacheLocation {
const char* name;
const char* desc;
public:
- BuiltinBug(const char* n, const char* d) : name(n), desc(d) {}
+ BuiltinBug(const char* n, const char* d = 0) : name(n), desc(d) {}
virtual const char* getName() const { return name; }
- virtual const char* getDescription() const { return desc; }
+ virtual const char* getDescription() const {
+ return desc ? desc : name;
+ }
+
virtual void EmitBuiltinWarnings(BugReporter& BR, GRExprEngine& Eng) = 0;
virtual void EmitWarnings(BugReporter& BR) {
EmitBuiltinWarnings(BR, cast<GRBugReporter>(BR).getEngine());
@@ -177,20 +180,29 @@ public:
class VISIBILITY_HIDDEN RetStack : public BuiltinBug {
public:
- RetStack() : BuiltinBug("return of stack address",
- "Address of stack-allocated variable returned.") {}
+ RetStack() : BuiltinBug("return of stack address") {}
virtual void EmitBuiltinWarnings(BugReporter& BR, GRExprEngine& Eng) {
for (GRExprEngine::ret_stackaddr_iterator I=Eng.ret_stackaddr_begin(),
End = Eng.ret_stackaddr_end(); I!=End; ++I) {
-
- // Generate a report for this bug.
- RangedBugReport report(*this, *I);
-
+
ExplodedNode<ValueState>* N = *I;
Stmt *S = cast<PostStmt>(N->getLocation()).getStmt();
Expr* E = cast<ReturnStmt>(S)->getRetValue();
assert (E && "Return expression cannot be NULL");
+
+ // Get the value associated with E.
+ lval::DeclVal V =
+ cast<lval::DeclVal>(Eng.getStateManager().GetRVal(N->getState(), E));
+
+ // Generate a report for this bug.
+ std::ostringstream os;
+ os << "Address of stack memory associated with local variable '"
+ << V.getDecl()->getName() << "' returned.";
+
+ std::string s = os.str();
+
+ RangedBugReport report(*this, N, s.c_str());
report.addRange(E->getSourceRange());
// Emit the warning.
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-04 04:21:56 +0000