| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 |
- // SmartPtrChecker.cpp - Check for smart pointer dereference - C++ --------===//
- //
- // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
- // See https://llvm.org/LICENSE.txt for license information.
- // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
- //
- //===----------------------------------------------------------------------===//
- //
- // This file defines a checker that check for null dereference of C++ smart
- // pointer.
- //
- //===----------------------------------------------------------------------===//
- #include "SmartPtr.h"
- #include "clang/AST/DeclCXX.h"
- #include "clang/AST/ExprCXX.h"
- #include "clang/AST/Type.h"
- #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
- #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
- #include "clang/StaticAnalyzer/Core/Checker.h"
- #include "clang/StaticAnalyzer/Core/CheckerManager.h"
- #include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
- #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
- #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
- #include "clang/StaticAnalyzer/Core/PathSensitive/SymExpr.h"
- #include "llvm/ADT/StringRef.h"
- using namespace clang;
- using namespace ento;
- namespace {
- static const BugType *NullDereferenceBugTypePtr;
- class SmartPtrChecker : public Checker<check::PreCall> {
- public:
- void checkPreCall(const CallEvent &Call, CheckerContext &C) const;
- BugType NullDereferenceBugType{this, "Null SmartPtr dereference",
- "C++ Smart Pointer"};
- private:
- void reportBug(CheckerContext &C, const MemRegion *DerefRegion,
- const CallEvent &Call) const;
- void explainDereference(llvm::raw_ostream &OS, const MemRegion *DerefRegion,
- const CallEvent &Call) const;
- };
- } // end of anonymous namespace
- // Define the inter-checker API.
- namespace clang {
- namespace ento {
- namespace smartptr {
- const BugType *getNullDereferenceBugType() { return NullDereferenceBugTypePtr; }
- } // namespace smartptr
- } // namespace ento
- } // namespace clang
- void SmartPtrChecker::checkPreCall(const CallEvent &Call,
- CheckerContext &C) const {
- if (!smartptr::isStdSmartPtrCall(Call))
- return;
- ProgramStateRef State = C.getState();
- const auto *OC = dyn_cast<CXXMemberOperatorCall>(&Call);
- if (!OC)
- return;
- const MemRegion *ThisRegion = OC->getCXXThisVal().getAsRegion();
- if (!ThisRegion)
- return;
- OverloadedOperatorKind OOK = OC->getOverloadedOperator();
- if (OOK == OO_Star || OOK == OO_Arrow) {
- if (smartptr::isNullSmartPtr(State, ThisRegion))
- reportBug(C, ThisRegion, Call);
- }
- }
- void SmartPtrChecker::reportBug(CheckerContext &C, const MemRegion *DerefRegion,
- const CallEvent &Call) const {
- ExplodedNode *ErrNode = C.generateErrorNode();
- if (!ErrNode)
- return;
- llvm::SmallString<128> Str;
- llvm::raw_svector_ostream OS(Str);
- explainDereference(OS, DerefRegion, Call);
- auto R = std::make_unique<PathSensitiveBugReport>(NullDereferenceBugType,
- OS.str(), ErrNode);
- R->markInteresting(DerefRegion);
- C.emitReport(std::move(R));
- }
- void SmartPtrChecker::explainDereference(llvm::raw_ostream &OS,
- const MemRegion *DerefRegion,
- const CallEvent &Call) const {
- OS << "Dereference of null smart pointer ";
- DerefRegion->printPretty(OS);
- }
- void ento::registerSmartPtrChecker(CheckerManager &Mgr) {
- SmartPtrChecker *Checker = Mgr.registerChecker<SmartPtrChecker>();
- NullDereferenceBugTypePtr = &Checker->NullDereferenceBugType;
- }
- bool ento::shouldRegisterSmartPtrChecker(const CheckerManager &mgr) {
- const LangOptions &LO = mgr.getLangOpts();
- return LO.CPlusPlus;
- }
|
