OSDN Git Service

[Analyzer][VLASizeChecker] Check for VLA size overflow.
author Balázs Kéri <1.int32@gmail.com>
Tue, 19 May 2020 06:21:47 +0000 (08:21 +0200)
committer Balázs Kéri <1.int32@gmail.com>
Tue, 19 May 2020 07:44:46 +0000 (09:44 +0200)
commit 51bb2128ef03985fddf2a84f17d3276f4ae2c6ad
tree e5458d3f8ce5763074e814ff20f7683bb8ca0f4d
parent b3bd0c37eced4d149b44eaa9a2700c073927b543
[Analyzer][VLASizeChecker] Check for VLA size overflow.

Summary:
Variable-length array (VLA) should have a size that fits into
a size_t value. According to the standard: "std::size_t can
store the maximum size of a theoretically possible object of
any type (including array)" (this is applied to C too).

The size expression is evaluated at the definition of the
VLA type even if this is a typedef.
The evaluation of the size expression in itself might cause
problems if it overflows.

Reviewers: Szelethus, baloghadamsoftware, martong, gamesh411

Reviewed By: Szelethus, martong, gamesh411

Subscribers: whisperity, rnkovacs, xazax.hun, baloghadamsoftware, szepet, a.sidorin, mikhail.ramalho, Szelethus, donat.nagy, dkrupp, gamesh411, Charusso, martong, ASDenysPetrov, cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D79330
clang/lib/StaticAnalyzer/Checkers/VLASizeChecker.cpp
clang/test/Analysis/vla-overflow.c [new file with mode: 0644]
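
A runtime guard for the condition described in the commit message above, written as an added example and not taken from the LLVM commit or its test file. The helper name `vla_size_fits` and the sample dimensions are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not part of Clang): returns 1 and stores the byte
 * size in *total when elem_size * dims[0] * ... * dims[ndims-1] fits in
 * size_t; returns 0 when a factor is zero or the product would wrap. */
static int vla_size_fits(size_t elem_size, const size_t *dims, size_t ndims,
                         size_t *total)
{
    size_t bytes = elem_size;
    if (bytes == 0)
        return 0;
    for (size_t i = 0; i < ndims; i++) {
        if (dims[i] == 0)
            return 0;   /* C requires each VLA dimension to be > 0 */
        if (bytes > SIZE_MAX / dims[i])
            return 0;   /* product would exceed SIZE_MAX */
        bytes *= dims[i];
    }
    *total = bytes;
    return 1;
}

int main(void)
{
    size_t total;
    /* Constructed sample dimensions. */
    size_t ok[]  = { 16, 32 };
    size_t bad[] = { SIZE_MAX / 2, 4 };

    if (vla_size_fits(sizeof(int), ok, 2, &total)) {
        /* The size expression is evaluated here, at the typedef,
         * so the guard has to run before this declaration. */
        typedef int grid_t[ok[0]][ok[1]];
        printf("grid_t: %zu bytes (guard computed %zu)\n",
               sizeof(grid_t), total);
    }
    if (!vla_size_fits(sizeof(int), bad, 2, &total))
        printf("rejected: size would not fit in size_t\n");
    return 0;
}
```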