Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://clang.llvm.org/doxygen/ArrayBoundCheckerV2_8cpp_source.html below:

clang: lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp Source File

;

std::optional<QualType> determineElementType(

*

,

*ASE = dyn_cast<ArraySubscriptExpr>(

);

*SubscriptBaseReg =

.getSVal(ASE->getBase()).getAsRegion();

(!SubscriptBaseReg)

(isa<ElementRegion>(SubscriptBaseReg->

()))

ASE->getType();

std::optional<int64_t>

determineElementSize(

std::optional<QualType>

,

&

) {

.getASTContext().getTypeSizeInChars(*T).getQuantity();

StateUpdateReporter {

ByteOffsetVal;

std::optional<QualType> ElementType;

std::optional<int64_t> ElementSize;

AssumedNonNegative =

;

std::optional<NonLoc> AssumedUpperBound = std::nullopt;

: Reg(R), ByteOffsetVal(ByteOffsVal),

ElementType(determineElementType(

,

)),

ElementSize(determineElementSize(ElementType,

)) {}

recordNonNegativeAssumption() { AssumedNonNegative =

; }

recordUpperBoundAssumption(

UpperBoundVal) {

AssumedUpperBound = UpperBoundVal;

assumedNonNegative() {

AssumedNonNegative; }

providesInformationAboutInteresting(

Sym,

providesInformationAboutInteresting(

SV,

providesInformationAboutInteresting(SV.

(), BR);

ArrayBoundCheckerV2 :

<check::PostStmt<ArraySubscriptExpr>,

check::PostStmt<UnaryOperator>,

check::PostStmt<MemberExpr>> {

BT{

,

};

Offset, std::optional<NonLoc> Extent,

IsTaintBug =

)

;

performCheck(

,

);

(

->getOpcode() == UO_Deref)

performCheck(

,

);

performCheck(

->getBase(),

);

std::optional<std::pair<const SubRegion *, NonLoc>>

dyn_cast_or_null<ElementRegion>(Location.

());

Delta = EvalBinOp(BO_Mul, *Index, Size);

Offset = EvalBinOp(BO_Add, *Offset, *Delta);

CurRegion = dyn_cast_or_null<ElementRegion>(OwnerRegion);

std::make_pair(OwnerRegion, *Offset);

std::pair<NonLoc, nonloc::ConcreteInt>

llvm::APSInt &extentVal = extent.

();

(SymVal && SymVal->isExpression()) {

(

*SIE = dyn_cast<SymIntExpr>(SymVal->getSymbol())) {

(SIE->getOpcode()) {

((extentVal % constant) != 0)

std::pair<NonLoc, nonloc::ConcreteInt>(offset, extent);

svalBuilder.

(extentVal / constant), svalBuilder);

svalBuilder.

(extentVal - constant), svalBuilder);

std::pair<NonLoc, nonloc::ConcreteInt>(offset, extent);

MaxV && MaxV->isNegative();

std::pair<ProgramStateRef, ProgramStateRef>

{

, State};

{State,

};

{

, State};

BelowThreshold =

State->assume(*BelowThreshold);

{

,

};

(StringRef Name = FR->getDecl()->getName(); !Name.empty())

formatv(

, Name);

;

(isa<AllocaRegion>(Region))

;

(isa<SymbolicRegion>(Region) &&

;

(isa<StringRegion>(Region))

;

;

ConcreteVal->getValue()->tryExtValue();

std::string RegName =

(Region), OffsetStr =

;

OffsetStr = formatv(

, ConcreteOffset);

formatv(

, RegName),

formatv(

, RegName, OffsetStr)};

std::optional<int64_t> &Val2, int64_t Divisor) {

Val1HasRemainder = Val1 && *Val1 % Divisor;

Val2HasRemainder = Val2 && *Val2 % Divisor;

(!Val1HasRemainder && !Val2HasRemainder) {

AlsoMentionUnderflow) {

assert(EReg &&

);

ElemType = EReg->getElementType();

UseByteOffsets = !

(OffsetN, ExtentN, ElemSize);

*OffsetOrIndex = UseByteOffsets ?

:

;

llvm::raw_svector_ostream Out(Buf);

Out <<

;

(!ExtentN && !UseByteOffsets)

Out <<

<< ElemType.

() <<

;

Out << RegName <<

;

(AlsoMentionUnderflow) {

Out <<

<< OffsetOrIndex;

}

(OffsetN) {

Out << OffsetOrIndex <<

<< *OffsetN;

Out <<

<< OffsetOrIndex;

Out <<

;

Out <<

<< ElemType.

() <<

;

{formatv(

,

AlsoMentionUnderflow ?

:

,

AlsoMentionUnderflow) {

{formatv(

,

RegName, OffsetName),

formatv(

,

AlsoMentionUnderflow ?

:

)};

(!AssumedNonNegative && !AssumedUpperBound)

getMessage(BR);

ShouldReportNonNegative = AssumedNonNegative;

(!providesInformationAboutInteresting(ByteOffsetVal, BR)) {

(AssumedUpperBound &&

providesInformationAboutInteresting(*AssumedUpperBound, BR)) {

ShouldReportNonNegative =

;

UseIndex =

ElementSize &&

(OffsetN, ExtentN, *ElementSize);

llvm::raw_svector_ostream Out(Buf);

Out <<

<< OffsetN <<

;

}

(AssumedUpperBound) {

Out <<

;

Out <<

<< OffsetN <<

;

(ShouldReportNonNegative) {

Out <<

;

(AssumedUpperBound) {

(ShouldReportNonNegative)

Out <<

;

Out << *ExtentN <<

;

(UseIndex && ElementType)

Out <<

<< ElementType->getAsString()

<<

;

Out <<

;

std::string(Out.str());

StateUpdateReporter::providesInformationAboutInteresting(

(isa<SymSymExpr>(PartSym))

Location =

.getSVal(

);

(isFromCtypeMacro(

,

.getASTContext()))

std::optional<std::pair<const SubRegion *, NonLoc>> &RawOffset =

[Reg, ByteOffset] = *RawOffset;

StateUpdateReporter SUR(Reg, ByteOffset,

,

);

(!(isa<SymbolicRegion>(Reg) && isa<UnknownSpaceRegion>(Space))) {

(PrecedesLowerBound) {

(!WithinLowerBound) {

reportOOB(

, PrecedesLowerBound, Msgs, ByteOffset, std::nullopt);

SUR.recordNonNegativeAssumption();

(WithinLowerBound)

State = WithinLowerBound;

(

KnownSize =

.getAs<

>()) {

AlsoMentionUnderflow = SUR.assumedNonNegative();

[WithinUpperBound, ExceedsUpperBound] =

(ExceedsUpperBound) {

(!WithinUpperBound) {

(isIdiomaticPastTheEndPtr(

, ExceedsUpperBound, ByteOffset,

.addTransition(ExceedsUpperBound, SUR.createNoteTag(

));

Location, AlsoMentionUnderflow);

reportOOB(

, ExceedsUpperBound, Msgs, ByteOffset, KnownSize);

*OffsetName =

;

(

*ASE = dyn_cast<ArraySubscriptExpr>(

))

(

(State, ASE->getIdx(),

.getLocationContext()))

OffsetName =

;

Messages Msgs =

(Reg, OffsetName, AlsoMentionUnderflow);

reportOOB(

, ExceedsUpperBound, Msgs, ByteOffset, KnownSize,

SUR.recordUpperBoundAssumption(*KnownSize);

(WithinUpperBound)

State = WithinUpperBound;

.addTransition(State, SUR.createNoteTag(

));

Val,

MarkTaint) {

Offset, std::optional<NonLoc> Extent,

IsTaintBug

)

{

BR = std::make_unique<PathSensitiveBugReport>(

IsTaintBug ? TaintBT : BT, Msgs.Short, Msgs.Full, ErrorNode);

markPartsInteresting(*BR, ErrorState, Offset, IsTaintBug);

markPartsInteresting(*BR, ErrorState, *Extent, IsTaintBug);

.emitReport(std::move(BR));

ArrayBoundCheckerV2::isFromCtypeMacro(

*S,

&ACtx) {

(!

.isMacroID())

(MacroName.size() < 7 || MacroName[0] !=

|| MacroName[1] !=

)

((MacroName ==

) || (MacroName ==

) ||

(MacroName ==

) || (MacroName ==

) ||

(MacroName ==

) || (MacroName ==

) ||

(MacroName ==

) || (MacroName ==

) ||

(MacroName ==

) || (MacroName ==

) ||

(MacroName ==

) || (MacroName ==

));

ArrayBoundCheckerV2::isInAddressOf(

*S,

&ACtx) {

(Parents.

())

S = Parents[0].get<

>();

}

(isa_and_nonnull<ParenExpr, ImplicitCastExpr>(S));

*UnaryOp = dyn_cast_or_null<UnaryOperator>(S);

UnaryOp && UnaryOp->getOpcode() == UO_AddrOf;

ArrayBoundCheckerV2::isIdiomaticPastTheEndPtr(

*

,

(isa<ArraySubscriptExpr>(

) && isInAddressOf(

,

.getASTContext())) {

State, Offset, Limit,

.getSValBuilder(),

);

EqualsToThreshold && !NotEqualToThreshold;

ento::shouldRegisterArrayBoundCheckerV2(

&mgr) {

static std::pair< ProgramStateRef, ProgramStateRef > compareValueToThreshold(ProgramStateRef State, NonLoc Value, NonLoc Threshold, SValBuilder &SVB, bool CheckEquality=false)

static Messages getExceedsMsgs(ASTContext &ACtx, const SubRegion *Region, NonLoc Offset, NonLoc Extent, SVal Location, bool AlsoMentionUnderflow)

static std::optional< std::pair< const SubRegion *, NonLoc > > computeOffset(ProgramStateRef State, SValBuilder &SVB, SVal Location)

For a given Location that can be represented as a symbolic expression Arr[Idx] (or perhaps Arr[Idx1][...

static Messages getTaintMsgs(const SubRegion *Region, const char *OffsetName, bool AlsoMentionUnderflow)

static bool isNegative(SValBuilder &SVB, ProgramStateRef State, NonLoc Value)

static std::string getRegionName(const SubRegion *Region)

static std::optional< int64_t > getConcreteValue(NonLoc SV)

static Messages getPrecedesMsgs(const SubRegion *Region, NonLoc Offset)

static bool isUnsigned(SValBuilder &SVB, NonLoc Value)

static std::pair< NonLoc, nonloc::ConcreteInt > getSimplifiedOffsets(NonLoc offset, nonloc::ConcreteInt extent, SValBuilder &svalBuilder)

static bool tryDividePair(std::optional< int64_t > &Val1, std::optional< int64_t > &Val2, int64_t Divisor)

Try to divide Val1 and Val2 (in place) by Divisor and return true if it can be performed (Divisor is ...

Holds long-lived AST nodes (such as types and decls) that can be referred to throughout the semantic ...

SourceManager & getSourceManager()

ParentMapContext & getParentMapContext()

Returns the dynamic AST node parent map context.

const LangOptions & getLangOpts() const

CharUnits getTypeSizeInChars(QualType T) const

Return the size of the specified (complete) type T, in characters.

ArraySubscriptExpr - [C99 6.5.2.1] Array Subscripting.

QuantityType getQuantity() const

getQuantity - Get the raw integer representation of this quantity.

Container for either a single DynTypedNode or for an ArrayRef to DynTypedNode.

This represents one expression.

static StringRef getImmediateMacroName(SourceLocation Loc, const SourceManager &SM, const LangOptions &LangOpts)

Retrieve the name of the immediate macro expansion.

MemberExpr - [C99 6.5.2.3] Structure and Union Members.

DynTypedNodeList getParents(const NodeT &Node)

Returns the parents of the given node (within the traversal scope).

A (possibly-)qualified type.

static std::string getAsString(SplitQualType split, const PrintingPolicy &Policy)

Encodes a location in the source.

Stmt - This represents one statement.

bool isIncompleteType(NamedDecl **Def=nullptr) const

Types are partitioned into 3 broad categories (C99 6.2.5p1): object types, function types,...

bool isUnsignedIntegerType() const

Return true if this is an integer type that is unsigned, according to C99 6.2.5p6 [which returns true...

UnaryOperator - This represents the unary-expression's (except sizeof and alignof),...

A record of the "type" of an APSInt, used for conversions.

llvm::APSInt convert(const llvm::APSInt &Value) const LLVM_READONLY

Convert and return a new APSInt with the given value, but this type's bit width and signedness.

Template implementation for all binary symbolic expressions.

CHECKER * registerChecker(AT &&... Args)

Used to register checkers.

ElementRegion is used to represent both array elements and casts.

QualType getElementType() const

MemRegion - The root abstract class for all memory regions.

LLVM_ATTRIBUTE_RETURNS_NONNULL const MemSpaceRegion * getMemorySpace() const

LLVM_ATTRIBUTE_RETURNS_NONNULL const MemRegion * StripCasts(bool StripBaseAndDerivedCasts=true) const

std::string getDescriptiveName(bool UseQuotes=true) const

Get descriptive name for memory region.

const RegionTy * getAs() const

MemSpaceRegion - A memory region that represents a "memory space"; for example, the set of global var...

The tag upon which the TagVisitor reacts.

void markInteresting(SymbolRef sym, bugreporter::TrackingKind TKind=bugreporter::TrackingKind::Thorough)

Marks a symbol as interesting.

bool isInteresting(SymbolRef sym) const

NonLoc makeArrayIndex(uint64_t idx)

ASTContext & getContext()

nonloc::ConcreteInt makeIntVal(const IntegerLiteral *integer)

QualType getArrayIndexType() const

virtual SVal evalBinOpNN(ProgramStateRef state, BinaryOperator::Opcode op, NonLoc lhs, NonLoc rhs, QualType resultTy)=0

Create a new value which represents a binary expression with two non- location operands.

QualType getConditionType() const

virtual const llvm::APSInt * getMaxValue(ProgramStateRef state, SVal val)=0

Tries to get the maximal possible (integer) value of a given SVal.

NonLoc makeZeroArrayIndex()

SVal - This represents a symbolic expression, which can be either an L-value or an R-value.

SymbolRef getAsSymbol(bool IncludeBaseRegions=false) const

If this SVal wraps a symbol return that SymbolRef.

std::optional< T > getAs() const

Convert to the specified SVal type, returning std::nullopt if this SVal is not of the desired type.

const MemRegion * getAsRegion() const

SubRegion - A region that subsets another larger region.

LLVM_ATTRIBUTE_RETURNS_NONNULL const MemRegion * getSuperRegion() const

llvm::iterator_range< symbol_iterator > symbols() const

Value representing integer constant.

APSIntPtr getValue() const

Represents symbolic expression that isn't a location.

const char *const TaintedData

std::vector< SymbolRef > getTaintedSymbols(ProgramStateRef State, const Stmt *S, const LocationContext *LCtx, TaintTagType Kind=TaintTagGeneric)

Returns the tainted Symbols for a given Statement and state.

bool isTainted(ProgramStateRef State, const Stmt *S, const LocationContext *LCtx, TaintTagType Kind=TaintTagGeneric)

Check if the statement has a tainted value in the given state.

DefinedOrUnknownSVal getDynamicExtent(ProgramStateRef State, const MemRegion *MR, SValBuilder &SVB)

The JSON file list parser is used to communicate input to InstallAPI.

const FunctionProtoType * T

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4