diff options
| -rw-r--r-- | lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp | 3 | ||||
| -rw-r--r-- | test/Analysis/misc-ps-region-store.cpp | 19 |
2 files changed, 21 insertions, 1 deletions
diff --git a/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp b/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp index d6062eaa90..5d80251151 100644 --- a/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp +++ b/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp @@ -873,7 +873,8 @@ SVal SimpleSValBuilder::evalBinOpLN(const GRState *state, QualType elementType; if (const ElementRegion *elemReg = dyn_cast<ElementRegion>(region)) { - index = evalBinOpNN(state, BO_Add, elemReg->getIndex(), rhs, + assert(op == BO_Add || op == BO_Sub); + index = evalBinOpNN(state, op, elemReg->getIndex(), rhs, getArrayIndexType()); superR = elemReg->getSuperRegion(); elementType = elemReg->getElementType(); diff --git a/test/Analysis/misc-ps-region-store.cpp b/test/Analysis/misc-ps-region-store.cpp index aaf1381099..1846bdb397 100644 --- a/test/Analysis/misc-ps-region-store.cpp +++ b/test/Analysis/misc-ps-region-store.cpp @@ -360,3 +360,22 @@ int test_invalidate_class() { return y.x; // no-warning } +// Test correct pointer arithmetic using 'p--'. This is to warn that we +// were loading beyond the written characters in buf. +char *RDar9269695(char *dst, unsigned int n) +{ + char buff[40], *p; + + p = buff; + do + *p++ = '0' + n % 10; + while (n /= 10); + + do + *dst++ = *--p; // no-warning + while (p != buff); + + return dst; +} + + |