diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/StaticAnalyzer/Checkers/CStringChecker.cpp | 9 | ||||
| -rw-r--r-- | lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp | 5 | ||||
| -rw-r--r-- | lib/StaticAnalyzer/Core/SValBuilder.cpp | 2 |
3 files changed, 11 insertions, 5 deletions
diff --git a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp index ff9d8689f6..49d8bf5388 100644 --- a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp @@ -532,10 +532,11 @@ const ProgramState *CStringChecker::checkAdditionOverflow(CheckerContext &C, const llvm::APSInt &maxValInt = BVF.getMaxValue(sizeTy); NonLoc maxVal = svalBuilder.makeIntVal(maxValInt); - SVal maxMinusRight = svalBuilder.evalBinOpNN(state, BO_Sub, maxVal, right, - sizeTy); - - if (maxMinusRight.isUnknownOrUndef()) { + SVal maxMinusRight; + if (isa<nonloc::ConcreteInt>(right)) { + maxMinusRight = svalBuilder.evalBinOpNN(state, BO_Sub, maxVal, right, + sizeTy); + } else { // Try switching the operands. (The order of these two assignments is // important!) maxMinusRight = svalBuilder.evalBinOpNN(state, BO_Sub, maxVal, left, diff --git a/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp b/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp index c8e54efb67..76405a2db2 100644 --- a/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp @@ -77,6 +77,11 @@ SymbolRef GenericTaintChecker::getPointedToSymbol(CheckerContext &C, bool IssueWarning) const { const ProgramState *State = C.getState(); SVal AddrVal = State->getSVal(Arg->IgnoreParenCasts()); + + // TODO: Taint is not going to propagate? + if (AddrVal.isUnknownOrUndef()) + return 0; + Loc *AddrLoc = dyn_cast<Loc>(&AddrVal); if (!AddrLoc && !IssueWarning) diff --git a/lib/StaticAnalyzer/Core/SValBuilder.cpp b/lib/StaticAnalyzer/Core/SValBuilder.cpp index cc2a8cb4d6..5eabbbeaaa 100644 --- a/lib/StaticAnalyzer/Core/SValBuilder.cpp +++ b/lib/StaticAnalyzer/Core/SValBuilder.cpp @@ -183,7 +183,7 @@ SVal SValBuilder::makeGenericVal(const ProgramState *State, if (const nonloc::ConcreteInt *lInt = dyn_cast<nonloc::ConcreteInt>(&LHS)) { symRHS = RHS.getAsSymExpr(); - return makeNonLoc(symRHS, Op, lInt->getValue(), ResultTy); + return makeNonLoc(lInt->getValue(), Op, symRHS, ResultTy); } symLHS = LHS.getAsSymExpr(); |