Eliminates an assert in the strncpy/strncat checker caused by not validating a cast was successful. If the value of an argument was unknown, the cast would result in a NULL pointer which was later being dereferenced.

This fixes Bugzilla #9806. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130422 91177308-0d34-0410-b5e6-96231b3b80d8
author: Lenny Maiorani <lenny@colorado.edu> 2011-04-28 18:59:43 +0000
committer: Lenny Maiorani <lenny@colorado.edu> 2011-04-28 18:59:43 +0000
commit: 508c627db67ea4b53439fbcd688145f24d9c0400 (patch)
tree: c2a889733f19d795d8045d089813e37487232864 /lib/StaticAnalyzer/Checkers/CStringChecker.cpp
parent: 3b4d490b09347e0b68ec0511ddfae79dfaba77a6 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
index 8e9c7899b0..534b887f3b 100644
--- a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
@@ -1017,8 +1017,15 @@ void CStringChecker::evalStrcpyCommon(CheckerContext &C, const CallExpr *CE,
     const Expr *lenExpr = CE->getArg(2);
     SVal lenVal = state->getSVal(lenExpr);
 
+    // Cast the length to a NonLoc SVal. If it is not a NonLoc then give up.
     NonLoc *strLengthNL = dyn_cast<NonLoc>(&strLength);
+    if (!strLengthNL)
+      return;
+
+    // Cast the max length to a NonLoc SVal. If it is not a NonLoc then give up.
     NonLoc *lenValNL = dyn_cast<NonLoc>(&lenVal);
+    if (!lenValNL)
+      return;
 
     QualType cmpTy = C.getSValBuilder().getContext().IntTy;
     const GRState *stateTrue, *stateFalse;
author	Lenny Maiorani <lenny@colorado.edu>	2011-04-28 18:59:43 +0000
committer	Lenny Maiorani <lenny@colorado.edu>	2011-04-28 18:59:43 +0000
commit	508c627db67ea4b53439fbcd688145f24d9c0400 (patch)
tree	c2a889733f19d795d8045d089813e37487232864 /lib/StaticAnalyzer/Checkers/CStringChecker.cpp
parent	3b4d490b09347e0b68ec0511ddfae79dfaba77a6 (diff)