clang 20.0.0git
CastSizeChecker.cpp
Go to the documentation of this file.
1//=== CastSizeChecker.cpp ---------------------------------------*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// CastSizeChecker checks when casting a malloc'ed symbolic region to type T,
10// whether the size of the symbolic region is a multiple of the size of T.
11//
12//===----------------------------------------------------------------------===//
13
14#include "clang/AST/CharUnits.h"
15#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
16#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
17#include "clang/StaticAnalyzer/Core/Checker.h"
18#include "clang/StaticAnalyzer/Core/CheckerManager.h"
19#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
20#include "clang/StaticAnalyzer/Core/PathSensitive/DynamicExtent.h"
21
22using namespace clang;
23using namespace ento;
24
25namespace {
26class CastSizeChecker : public Checker< check::PreStmt<CastExpr> > {
27 const BugType BT{this, "Cast region with wrong size."};
28
29public:
30 void checkPreStmt(const CastExpr *CE, CheckerContext &C) const;
31};
32}
33
34/// Check if we are casting to a struct with a flexible array at the end.
35/// \code
36/// struct foo {
37/// size_t len;
38/// struct bar data[];
39/// };
40/// \endcode
41/// or
42/// \code
43/// struct foo {
44/// size_t len;
45/// struct bar data[0];
46/// }
47/// \endcode
48/// In these cases it is also valid to allocate size of struct foo + a multiple
49/// of struct bar.