vendor/clang/clang-trunk-r256633

author: Dimitry Andric <dim@FreeBSD.org> 2015-12-30 11:49:41 +0000
committer: Dimitry Andric <dim@FreeBSD.org> 2015-12-30 11:49:41 +0000
commit: 45b533945f0851ec234ca846e1af5ee1e4df0b6e (patch)
tree: 0a5b74c0b9ca73aded34df95c91fcaf3815230d8 /test/Analysis/malloc-overflow2.c
parent: 7e86edd64bfae4e324224452e4ea879b3371a4bd (diff)
1 files changed, 36 insertions, 0 deletions
diff --git a/test/Analysis/malloc-overflow2.c b/test/Analysis/malloc-overflow2.c
new file mode 100644
index 0000000000000..83a2c02213b20
--- /dev/null
+++ b/test/Analysis/malloc-overflow2.c
@@ -0,0 +1,36 @@
+// RUN: %clang_cc1 -triple x86_64-unknown-unknown -analyze -analyzer-checker=alpha.security.MallocOverflow,unix -verify %s
+
+typedef __typeof__(sizeof(int)) size_t;
+extern void *malloc(size_t);
+extern void free(void *ptr);
+
+void *malloc(unsigned long s);
+
+struct table {
+  int nentry;
+  unsigned *table;
+  unsigned offset_max;
+};
+
+static int table_build(struct table *t) {
+
+  t->nentry = ((t->offset_max >> 2) + 31) / 32;
+  t->table = (unsigned *)malloc(sizeof(unsigned) * t->nentry); // expected-warning {{the computation of the size of the memory allocation may overflow}}
+
+  int n;
+  n = 10000;
+  int *p = malloc(sizeof(int) * n); // no-warning
+
+  free(p);
+  return t->nentry;
+}
+
+static int table_build_1(struct table *t) {
+  t->nentry = (sizeof(struct table) * 2 + 31) / 32;
+  t->table = (unsigned *)malloc(sizeof(unsigned) * t->nentry); // no-warning
+  return t->nentry;
+}
+
+void *f(int n) {
+  return malloc(n * 0 * sizeof(int)); // expected-warning {{Call to 'malloc' has an allocation size of 0 bytes}}
+}
author	Dimitry Andric <dim@FreeBSD.org>	2015-12-30 11:49:41 +0000
committer	Dimitry Andric <dim@FreeBSD.org>	2015-12-30 11:49:41 +0000
commit	45b533945f0851ec234ca846e1af5ee1e4df0b6e (patch)
tree	0a5b74c0b9ca73aded34df95c91fcaf3815230d8 /test/Analysis/malloc-overflow2.c
parent	7e86edd64bfae4e324224452e4ea879b3371a4bd (diff)