RFC on array-bounds patch

Hello!

Here is a patch that will make Clang warn when there is this index out of bounds:

    void f(int x) {
        int a[10];
        if (x >= 10)
            a[x] = x;
    }

The checkLocation is not triggered on the “a[x] = x;” statement. Is this by design? Is the checkPreStmt a good choice or would it be better to choose some other check type?

Best regards,
Daniel Marjamäki

Daniel Marjamäki Senior Engineer

Evidente ES East AB Warfvinges väg 34 SE-112 51 Stockholm Sweden

Mobile: +46 (0)709 12 42 62

E-mail: Daniel.Marjamaki@evidente.se

www.evidente.se

array-bounds.patch (1.55 KB)

+ Jordan

I see the diagnostic without any patches. Are you sure you were testing the existing code with alpha.security.ArrayBound on? Is there a more complex example that wasn’t working?

Background: checkLocation is supposed to be called on both loads and stores already, which is why it has the “isLoad” argument.

Jordan


Hello!

> I see the diagnostic without any patches. Are you sure you were testing the existing code with alpha.security.ArrayBound on? Is there a more complex example that wasn’t working?

I fail to reproduce right now. The warning is reported.

I’ll investigate if I can reproduce the false negative again.

Thanks!
Daniel Marjamäki


Hi!

My previous patch doesn't work well.

No warning is written for this code:

    void f(int x) {
        int a[10];
        if (x >= 10)
            a[x] = 1;
    }

A warning is written for this code:

    void f(int x) {
        int a[10];
        if (x >= 10)
            a[x] = x;
    }

Is there some intentional limitation here? Or is it unintentional?

Best regards,
Daniel Marjamäki