clang 19.0.0git
UndefinedArraySubscriptChecker.cpp
Go to the documentation of this file.
1//===--- UndefinedArraySubscriptChecker.h ----------------------*- C++ -*--===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// This defines UndefinedArraySubscriptChecker, a builtin check in ExprEngine
10// that performs checks for undefined array subscripts.
11//
12//===----------------------------------------------------------------------===//
13
14#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
15#include "clang/AST/DeclCXX.h"
16#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
17#include "clang/StaticAnalyzer/Core/Checker.h"
18#include "clang/StaticAnalyzer/Core/CheckerManager.h"
19#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
20
21using namespace clang;
22using namespace ento;
23
24namespace {
25class UndefinedArraySubscriptChecker
26 : public Checker< check::PreStmt<ArraySubscriptExpr> > {
27 const BugType BT{this, "Array subscript is undefined"};
28
29public:
30 void checkPreStmt(const ArraySubscriptExpr *A, CheckerContext &C) const;
31};
32} // end anonymous namespace
33
34void
35UndefinedArraySubscriptChecker::checkPreStmt(const ArraySubscriptExpr *A,
36 CheckerContext &C) const {
37 const Expr *Index = A->getIdx();
38 if (!C.getSVal(Index).isUndef())
39 return;
40
41 // Sema generates anonymous array variables for copying array struct fields.
42 // Don't warn if we're in an implicitly-generated constructor.
43 const Decl *D = C.getLocationContext()->getDecl();
44 if (const CXXConstructorDecl *Ctor = dyn_cast<CXXConstructorDecl>(D))
45 if (Ctor->isDefaulted())
46 return;
47
48 ExplodedNode *N = C.generateErrorNode();
49 if (!N)
50 return;
51 // Generate a report for this bug.
52 auto R = std::make_unique<PathSensitiveBugReport>(BT, BT.getDescription(), N);
53 R->addRange(A->getIdx()->getSourceRange());
54 bugreporter::trackExpressionValue(N, A->getIdx(), *R);
55 C.emitReport(std::move(R));
56}
57
58void ento::registerUndefinedArraySubscriptChecker(CheckerManager &mgr) {
59 mgr.registerChecker<UndefinedArraySubscriptChecker>();
60}
61
62bool ento::shouldRegisterUndefinedArraySubscriptChecker(const CheckerManager &mgr) {
63 return true;
64}
DeclCXX.h
Defines the C++ Decl subclasses, other than those for templates (found in DeclTemplate....
clang::ArraySubscriptExpr
ArraySubscriptExpr - [C99 6.5.2.1] Array Subscripting.
Definition: Expr.h:2664
clang::CXXConstructorDecl
Represents a C++ constructor within a class.
Definition: DeclCXX.h:2532
clang::Decl
Decl - This represents one declaration (or definition), e.g.
Definition: DeclBase.h:85
clang::Expr
This represents one expression.
Definition: Expr.h:110
clang::Stmt::getSourceRange
SourceRange getSourceRange() const LLVM_READONLY
SourceLocation tokens are not useful in isolation - they are low level value objects created/interpre...
Definition: Stmt.cpp:326
clang::ento::CheckerManager::registerChecker
CHECKER * registerChecker(AT &&... Args)
Used to register checkers.
Definition: CheckerManager.h:204
clang::ento::bugreporter::trackExpressionValue
bool trackExpressionValue(const ExplodedNode *N, const Expr *E, PathSensitiveBugReport &R, TrackingOptions Opts={})
Attempts to add visitors to track expression value back to its point of origin.
Definition: BugReporterVisitors.cpp:2685
clang
The JSON file list parser is used to communicate input to InstallAPI.
Definition: CalledOnceCheck.h:17
Generated on Tue Apr 16 2024 18:35:53 for clang by doxygen 1.9.6