Add support for calloc() in MallocChecker. Patch by Jordy Rose, with my
modification.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@105264 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/test/Analysis/malloc.c b/test/Analysis/malloc.c
index fe24bc1..3d59d34 100644
--- a/test/Analysis/malloc.c
+++ b/test/Analysis/malloc.c
@@ -77,3 +77,35 @@
buf[1] = 'c'; // not crash
}
+// This tests that malloc() buffers are undefined by default
+char mallocGarbage () {
+ char *buf = malloc(2);
+ char result = buf[1]; // expected-warning{{undefined}}
+ free(buf);
+ return result;
+}
+
+// This tests that calloc() buffers need to be freed
+void callocNoFree () {
+ char *buf = calloc(2,2);
+ return; // expected-warning{{never released}}
+}
+
+// These test that calloc() buffers are zeroed by default
+char callocZeroesGood () {
+ char *buf = calloc(2,2);
+ char result = buf[3]; // no-warning
+ if (buf[1] == 0) {
+ free(buf);
+ }
+ return result; // no-warning
+}
+
+char callocZeroesBad () {
+ char *buf = calloc(2,2);
+ char result = buf[3]; // no-warning
+ if (buf[1] != 0) {
+ free(buf);
+ }
+ return result; // expected-warning{{never released}}
+}
diff --git a/test/Analysis/outofbound.c b/test/Analysis/outofbound.c
index e1ff66c..2d09d8d 100644
--- a/test/Analysis/outofbound.c
+++ b/test/Analysis/outofbound.c
@@ -2,6 +2,7 @@
typedef __typeof(sizeof(int)) size_t;
void *malloc(size_t);
+void *calloc(size_t, size_t);
char f1() {
char* s = "abcd";
@@ -36,3 +37,9 @@
p[1] = a; // no-warning
p[2] = a; // expected-warning{{Access out-of-bound array element (buffer overflow)}}
}
+
+void f5() {
+ char *p = calloc(2,2);
+ p[3] = '.'; // no-warning
+ p[4] = '!'; // expected-warning{{out-of-bound}}
+}
diff --git a/test/Analysis/undef-buffers.c b/test/Analysis/undef-buffers.c
new file mode 100644
index 0000000..4c5beb3
--- /dev/null
+++ b/test/Analysis/undef-buffers.c
@@ -0,0 +1,32 @@
+// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -analyzer-check-objc-mem -analyzer-experimental-checks -analyzer-store=region -verify %s
+typedef __typeof(sizeof(int)) size_t;
+void *malloc(size_t);
+void free(void *);
+
+char stackBased1 () {
+ char buf[2];
+ buf[0] = 'a';
+ return buf[1]; // expected-warning{{Undefined}}
+}
+
+char stackBased2 () {
+ char buf[2];
+ buf[1] = 'a';
+ return buf[0]; // expected-warning{{Undefined}}
+}
+
+char heapBased1 () {
+ char *buf = malloc(2);
+ buf[0] = 'a';
+ char result = buf[1]; // expected-warning{{undefined}}
+ free(buf);
+ return result;
+}
+
+char heapBased2 () {
+ char *buf = malloc(2);
+ buf[1] = 'a';
+ char result = buf[0]; // expected-warning{{undefined}}
+ free(buf);
+ return result;
+}