 |
|
 |
|
| Files: |
1 |
|
Branches Taken: |
58.3% |
7 / 12 |
| Generated: |
2010-02-10 01:31 |
|
Branches Executed: |
100.0% |
12 / 12 |
| |
|
Line Coverage: |
87.0% |
20 / 23 |
| |
 |
|
 |
1 : //==- CheckSizeofPointer.cpp - Check for sizeof on pointers ------*- C++ -*-==//
2 : //
3 : // The LLVM Compiler Infrastructure
4 : //
5 : // This file is distributed under the University of Illinois Open Source
6 : // License. See LICENSE.TXT for details.
7 : //
8 : //===----------------------------------------------------------------------===//
9 : //
10 : // This file defines a check for unintended use of sizeof() on pointer
11 : // expressions.
12 : //
13 : //===----------------------------------------------------------------------===//
14 :
15 : #include "clang/Checker/BugReporter/BugReporter.h"
16 : #include "clang/AST/StmtVisitor.h"
17 : #include "clang/Checker/Checkers/LocalCheckers.h"
18 :
19 : using namespace clang;
20 :
21 : namespace {
22 : class WalkAST : public StmtVisitor<WalkAST> {
23 : BugReporter &BR;
24 :
25 : public:
26 1: WalkAST(BugReporter &br) : BR(br) {}
27 : void VisitSizeOfAlignOfExpr(SizeOfAlignOfExpr *E);
28 3: void VisitStmt(Stmt *S) { VisitChildren(S); }
29 : void VisitChildren(Stmt *S);
30 : };
31 : }
32 :
33 3: void WalkAST::VisitChildren(Stmt *S) {
3: branch 4 taken
3: branch 5 taken
34 6: for (Stmt::child_iterator I = S->child_begin(), E = S->child_end(); I!=E; ++I)
3: branch 1 taken
0: branch 2 not taken
35 3: if (Stmt *child = *I)
36 3: Visit(child);
37 3: }
38 :
39 : // CWE-467: Use of sizeof() on a Pointer Type
40 1: void WalkAST::VisitSizeOfAlignOfExpr(SizeOfAlignOfExpr *E) {
0: branch 1 not taken
1: branch 2 taken
41 1: if (!E->isSizeOf())
42 0: return;
43 :
44 : // If an explicit type is used in the code, usually the coder knows what he is
45 : // doing.
0: branch 1 not taken
1: branch 2 taken
46 1: if (E->isArgumentType())
47 0: return;
48 :
49 1: QualType T = E->getTypeOfArgument();
1: branch 2 taken
0: branch 3 not taken
50 1: if (T->isPointerType()) {
51 :
52 : // Many false positives have the form 'sizeof *p'. This is reasonable
53 : // because people know what they are doing when they intentionally
54 : // dereference the pointer.
55 1: Expr *ArgEx = E->getArgumentExpr();
0: branch 2 not taken
1: branch 3 taken
56 1: if (!isa<DeclRefExpr>(ArgEx->IgnoreParens()))
57 0: return;
58 :
59 1: SourceRange R = ArgEx->getSourceRange();
60 : BR.EmitBasicReport("Potential unintended use of sizeof() on pointer type",
61 : "Logic",
62 : "The code calls sizeof() on a pointer type. "
63 : "This can produce an unexpected result.",
64 1: E->getLocStart(), &R, 1);
65 : }
66 : }
67 :
68 1: void clang::CheckSizeofPointer(const Decl *D, BugReporter &BR) {
69 1: WalkAST walker(BR);
70 1: walker.Visit(D->getBody());
71 1: }
Generated: 2010-02-10 01:31 by zcov