// RUN: %clang_analyze_cc1 -w -verify %s \
// RUN: -analyzer-checker=core \
// RUN: -analyzer-checker=unix.cstring.NullArg \
// RUN: -analyzer-checker=alpha.unix.cstring \
// RUN: -analyzer-checker=debug.ExprInspection

// Static analyzer regression test for the modeling of the BSD strlcpy and
// strlcat functions. The lit invocation above enables the core, cstring and
// ExprInspection checkers, passes -w to silence ordinary compiler warnings,
// and runs in -verify mode, so every diagnostic must match a directive
// comment placed on (or relative to) the line that triggers it.

// Declarations are written out locally instead of including system headers.
#define NULL ((void *)0)

typedef __typeof(sizeof(int)) size_t;
size_t strlcpy(char *dst, const char *src, size_t n);
size_t strlcat(char *dst, const char *src, size_t n);
size_t strlen(const char *s);
// Debug hook used below: the analyzer reports how it evaluates the argument
// (the directives in this file show TRUE and UNKNOWN results).
void clang_analyzer_eval(int);
// Overlap check: the source pointer is one byte into the destination array,
// so the analyzer must flag the strlcpy call for overlapping arguments.
void f1() {
  char overlap[] = "123456789";
  strlcpy(overlap, overlap + 1, 3); // expected-warning{{Arguments must not be overlapping buffers}}
}
// Correct usage: the size argument is sizeof(buf) in both calls, so neither
// call may be reported. Only the modeled return values are checked.
void f2() {
  char buf[5];
  size_t len;
  // "abcd" plus its terminator fills the 5-byte buffer exactly.
  len = strlcpy(buf, "abcd", sizeof(buf)); // expected-no-warning
  clang_analyzer_eval(len == 4); // expected-warning{{TRUE}}
  // buf is already full; the return value is the length of the string that
  // strlcat tried to build (4 + 4), which is how callers detect truncation.
  len = strlcat(buf, "efgh", sizeof(buf)); // expected-no-warning
  clang_analyzer_eval(len == 8); // expected-warning{{TRUE}}
}
// Overflow check: the size argument (5) is larger than the 2-byte
// destination, so the copy is reported as overflowing the buffer.
void f3() {
  char dst[2];
  const char *src = "abdef";
  strlcpy(dst, src, 5); // expected-warning{{String copy function overflows the destination buffer}}
}
// Null-argument check for strlcpy: a NULL destination must be reported.
void f4() {
  strlcpy(NULL, "abcdef", 6); // expected-warning{{Null pointer passed as 1st argument to string copy function}}
}
// Null-argument check for strlcat: a NULL destination must be reported, with
// the message naming a concatenation function rather than a copy function.
void f5() {
  strlcat(NULL, "abcdef", 6); // expected-warning{{Null pointer passed as 1st argument to string concatenation function}}
}
// Return-value modeling when both size arguments are smaller than the
// 8-byte buffer: the analyzer must evaluate strlcat's result as 7.
void f6() {
  char buf[8];
  strlcpy(buf, "abc", 3);
  size_t len = strlcat(buf, "defg", 4);
  // NOTE(review): with size 3 a libc strlcpy would presumably store only "ab",
  // making a libc strlcat return 2 + 4 = 6. This line pins the value the
  // analyzer models (3 + 4); confirm whether that difference is intended.
  clang_analyzer_eval(len == 7); // expected-warning{{TRUE}}
}
// Crash regression: a size argument of 0 must not crash the analyzer. The
// size_t result is returned through the function's int return type.
int f7() {
  char buf[8];
  return strlcpy(buf, "1234567", 0); // no-crash
}
// Tracks both the return value and the resulting strlen(buf) across a
// sequence of calls on one 5-byte buffer, including calls with size == 0.
void f8(){
  char buf[5];
  size_t len;

  // basic strlcpy: "123" fits, so return value and stored length are both 3
  len = strlcpy(buf,"123", sizeof(buf));
  clang_analyzer_eval(len==3);// expected-warning{{TRUE}}
  len = strlen(buf);
  clang_analyzer_eval(len==3);// expected-warning{{TRUE}}

  // testing bounded strlcat: the return value is the untruncated length (6),
  // while the stored string is capped at sizeof(buf) - 1 = 4 characters
  len = strlcat(buf,"456", sizeof(buf));
  clang_analyzer_eval(len==6);// expected-warning{{TRUE}}
  len = strlen(buf);
  clang_analyzer_eval(len==4);// expected-warning{{TRUE}}

  // testing strlcat with size==0: buf must stay unchanged (strlen still 4)
  // NOTE(review): the analyzer models the result as strlen(buf) + 3 = 7. BSD
  // strlcat documents that the destination length counts as `size` when no
  // NUL is found within `size` bytes, which would presumably give 0 + 3 here;
  // confirm before relying on this value for truncation checks.
  len = strlcat(buf,"789", 0);
  clang_analyzer_eval(len==7);// expected-warning{{TRUE}}
  len = strlen(buf);
  clang_analyzer_eval(len==4);// expected-warning{{TRUE}}

  // testing strlcpy with size==0: returns strlen(src) and leaves buf as is
  len = strlcpy(buf,"123",0);
  clang_analyzer_eval(len==3);// expected-warning{{TRUE}}
  len = strlen(buf);
  clang_analyzer_eval(len==4);// expected-warning{{TRUE}}

}
// Exercises the model with symbolic (caller-supplied) size, source and
// destination values: results the analyzer can still prove evaluate to TRUE,
// everything that depends on an unknown string evaluates to UNKNOWN.
void f9(int unknown_size, char* unknown_src, char* unknown_dst){
  char buf[8];
  size_t len;

  // Baseline with everything known.
  len = strlcpy(buf,"abba",sizeof(buf));

  clang_analyzer_eval(len==4);// expected-warning{{TRUE}}
  clang_analyzer_eval(strlen(buf)==4);// expected-warning{{TRUE}}

  //size is unknown: the return value is still known, and the stored string
  //can only be proven to be at least as long as before the call
  len = strlcat(buf,"cd", unknown_size);
  clang_analyzer_eval(len==6);// expected-warning{{TRUE}}
  clang_analyzer_eval(strlen(buf)>=4);// expected-warning{{TRUE}}

  //dst is unknown: the return value depends only on the literal source
  len = strlcpy(unknown_dst,"abbc",unknown_size);
  clang_analyzer_eval(len==4);// expected-warning{{TRUE}}
  clang_analyzer_eval(strlen(unknown_dst));// expected-warning{{UNKNOWN}}

  //src is unknown: neither the return value nor the new length is known
  len = strlcpy(buf,unknown_src, sizeof(buf));
  clang_analyzer_eval(len);// expected-warning{{UNKNOWN}}
  clang_analyzer_eval(strlen(buf));// expected-warning{{UNKNOWN}}

  //src, dst is unknown
  len = strlcpy(unknown_dst, unknown_src, unknown_size);
  clang_analyzer_eval(len);// expected-warning{{UNKNOWN}}
  clang_analyzer_eval(strlen(unknown_dst));// expected-warning{{UNKNOWN}}

  //size is sizeof(buf) but the destination starts at buf + 2, so the size
  //argument is larger than the space left in the array and must be reported.
  //The directive below is line-relative and has to stay right after the call.
  len = strlcat(buf + 2, unknown_src + 1, sizeof(buf));
  // expected-warning@-1 {{String concatenation function overflows the destination buffer}}
}
// Overflow check for strlcat: a size argument of 9 on an 8-byte buffer must
// be reported even though the preceding strlcpy was correctly bounded.
void f10(){
  char buf[8];
  size_t len;

  len = strlcpy(buf,"abba",sizeof(buf));
  clang_analyzer_eval(len==4);// expected-warning{{TRUE}}
  // The directive below is line-relative and has to stay right after the call.
  strlcat(buf, "efghi", 9);
  // expected-warning@-1 {{String concatenation function overflows the destination buffer}}
}
// False-positive regression: concatenating one correctly bounded 256-byte
// buffer onto another, with sizeof(b) as the size, must not be reported.
void f11() {
  //test for Bug 41729
  char a[256], b[256];
  strlcpy(a, "world", sizeof(a));
  strlcpy(b, "hello ", sizeof(b));
  strlcat(b, a, sizeof(b)); // no-warning
}
// Crash regression: both arguments are deliberately mistyped (an int address
// as dst, an int value as src); the analyzer only has to survive the call.
// The -w flag on the lit invocation keeps the compiler quiet about the types.
int a, b;
void unknown_val_crash() {
  // We're unable to evaluate the integer-to-pointer cast.
  strlcat(&b, a, 0); // no-crash
}