This is an archive of the discontinued LLVM Phabricator instance.

Differential D17688

Fix missed leak from MSVC specific allocation functions
ClosedPublic

Authored by ariccio on Feb 27 2016, 9:56 PM.

Details

Reviewers
dcoughlin
aaron.ballman
zaks.anna
Commits
rG30d46687740e: [analyzer] Fix missed leak from MSVC specific allocation functions
rC262894: [analyzer] Fix missed leak from MSVC specific allocation functions
rL262894: [analyzer] Fix missed leak from MSVC specific allocation functions
Summary

I've found & fixed a leak that Clang misses when compiling on Windows.

The leak was found by SARD #149071, mem1-bad.c. Clang misses it because MSVC uses _strdup instead of strdup. I've added an IdentifierInfo* for _strdup, and now Clang catches it.

As a drive by fix, I added the wide character strdup variants (wcsdup, _wcsdup) and the MSVC version of alloca (_alloca).

No new check-all failures. (Did somebody improve lit's output?) Adding reviewers...

Diff Detail

Repository
rL LLVM

Event Timeline

ariccio updated this revision to Diff 49308.Feb 27 2016, 9:56 PM
ariccio retitled this revision from to Fix missed leak from MSVC specific allocation functions.
ariccio updated this object.
ariccio added a subscriber: cfe-commits.
ariccio updated this object.Feb 27 2016, 11:10 PM
ariccio added reviewers: zaks.anna, dcoughlin, aaron.ballman.
zaks.anna edited edge metadata.Feb 28 2016, 10:21 AM

The two underscores in the names are hard to read. Maybe we should just prefix them with 'win'?

ariccio added a comment.Feb 28 2016, 2:16 PM
In D17688#363835, @zaks.anna wrote:

The two underscores in the names are hard to read. Maybe we should just prefix them with 'win'?

I like that better, will change.

ariccio added a comment.Feb 28 2016, 3:05 PM

(This is mostly for my own reference)
BTW, there are a few other non-MS-only functions in the C standard library that allocate memory that needs to be free()d:

  1. getcwd (and _getcwd/_wgetcwd)

And some MS-specific functions that I'm surprised are actually MS-only:

  1. _getdcwd/_wgetdcwd
  2. _dupenv_s/_wdupenv_s
  3. _fullpath/_wfullpath
ariccio updated this revision to Diff 49330.Feb 28 2016, 3:08 PM
ariccio edited edge metadata.

Changed underscore prefixed variable names to win prefixed variable names.

zaks.anna added a comment.Feb 29 2016, 2:48 PM

Nit: Could you change the prefix from "win" to "win_"?

ariccio updated this revision to Diff 49456.Feb 29 2016, 11:16 PM

Nit addressed.

ariccio added a comment.Mar 1 2016, 12:25 PM

Is this patch all clear to go?

I hope I don't sound too pushy - I just don't want to lose momentum here.

zaks.anna added a comment.Mar 1 2016, 4:00 PM

I suggest to update the malloc regression test with these.

ariccio added a comment.Mar 1 2016, 5:01 PM
In D17688#365880, @zaks.anna wrote:

I suggest to update the malloc regression test with these.

Eh? There's a malloc regression test?

zaks.anna added a comment.Mar 1 2016, 5:03 PM

Of cause, we have regression tests for (almost) everything:
ls ./clang/test/Analysis/malloc*

ariccio added a comment.Mar 1 2016, 7:02 PM
In D17688#365951, @zaks.anna wrote:

ls ./clang/test/Analysis/malloc*

Ah, ok. Would it be ok if (for _strdup & _alloca) I just do this at the beginning:

#if defined(_WIN32)

#define strdup _strdup
#define alloca _alloca

#endif //defined(_WIN32)
ariccio added a comment.Mar 2 2016, 2:57 PM
In D17688#366011, @ariccio wrote:
In D17688#365951, @zaks.anna wrote:

ls ./clang/test/Analysis/malloc*

Ah, ok. Would it be ok if (for _strdup & _alloca) I just do this at the beginning:

#if defined(_WIN32)

#define strdup _strdup
#define alloca _alloca

#endif //defined(_WIN32)

Nevermind. I'm uploading a proper patch in the next few minutes.

ariccio updated this revision to Diff 49674.Mar 2 2016, 2:58 PM

Added newly checked variants to the malloc checks.

(Running the check-all suite now, will update with results)

zaks.anna accepted this revision.Mar 2 2016, 3:07 PM
zaks.anna edited edge metadata.

LGTM. Thanks!

I can commit this in your behalf.

This revision is now accepted and ready to land.Mar 2 2016, 3:07 PM
ariccio added a comment.Mar 2 2016, 4:13 PM

Hmm, check-all produced a number of issues, which I think stem from the following warning:

File C:\LLVM\llvm\tools\clang\test\Analysis\malloc.c Line 16: unknown type name 'wchar_t'

(with a bunch of instances of that)

...so how do I declare/define wchar_t properly?

zaks.anna added a comment.Mar 2 2016, 4:15 PM

Generate a preprocessed file and keep copying the definitions from there until you reach the types compiler knows about.

zaks.anna added a comment.Mar 2 2016, 4:18 PM

Please, do not submit patches for review before they pass all tests.

ariccio added a comment.Mar 2 2016, 5:23 PM
In D17688#366883, @zaks.anna wrote:

Please, do not submit patches for review before they pass all tests.

Whoops, sorry. Should I been a bit clearer that check-all hadn't finished when I updated the diff, or should I not update the diff at all until check-all finishes?

zaks.anna added a comment.Mar 2 2016, 5:34 PM

The second: you should not update the diff. When a patch is uploaded, the assumption is that all tests pass:)

ariccio added a comment.Mar 2 2016, 10:38 PM

Hmm. This seems to be because wchar_t is enabled by -fms-compatibility.

@aaron.ballman do you have any idea how to define wchar_t without -fms-compatibility?

ariccio updated this revision to Diff 49845.Mar 4 2016, 1:09 PM
ariccio edited edge metadata.

Alrighty. This final version of the patch causes no test failures (vs the unmodified build*).

*An unrelated test normally fails on my machine.

zaks.anna added a comment.Mar 4 2016, 3:09 PM
ariccio added a comment.Mar 4 2016, 5:07 PM
In D17688#368330, @zaks.anna wrote:

?

ariccio added a comment.Mar 5 2016, 12:47 PM
In D17688#366780, @zaks.anna wrote:

LGTM. Thanks!

I can commit this in your behalf.

Oh, and yeah, I don't have privs.

Closed by commit rL262894: [analyzer] Fix missed leak from MSVC specific allocation functions (authored by zaks). · Explain WhyMar 7 2016, 5:26 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
cfe/
trunk/
lib/
StaticAnalyzer/
Checkers/
36 lines
test/
Analysis/
76 lines

Diff 50013

cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp

Show First 20 LinesShow All 163 Lines▼ Show 20 Linesclass MallocChecker : public Checker<check::DeadSymbols,
check::PreStmt<CXXDeleteExpr>, check::PreStmt<CXXDeleteExpr>,
check::PostStmt<BlockExpr>, check::PostStmt<BlockExpr>,
check::PostObjCMessage, check::PostObjCMessage,
check::Location, check::Location,
eval::Assume> eval::Assume>
{ {
public: public:
MallocChecker() MallocChecker()
: II_alloca(nullptr), II_malloc(nullptr), II_free(nullptr), : II_alloca(nullptr), II_win_alloca(nullptr), II_malloc(nullptr),
II_realloc(nullptr), II_calloc(nullptr), II_valloc(nullptr), II_free(nullptr), II_realloc(nullptr), II_calloc(nullptr),
II_reallocf(nullptr), II_strndup(nullptr), II_strdup(nullptr), II_valloc(nullptr), II_reallocf(nullptr), II_strndup(nullptr),
II_kmalloc(nullptr), II_if_nameindex(nullptr), II_strdup(nullptr), II_win_strdup(nullptr), II_kmalloc(nullptr),
II_if_freenameindex(nullptr) {} II_if_nameindex(nullptr), II_if_freenameindex(nullptr),
II_wcsdup(nullptr), II_win_wcsdup(nullptr) {}
/// In pessimistic mode, the checker assumes that it does not know which /// In pessimistic mode, the checker assumes that it does not know which
/// functions might free the memory. /// functions might free the memory.
enum CheckKind { enum CheckKind {
CK_MallocChecker, CK_MallocChecker,
CK_NewDeleteChecker, CK_NewDeleteChecker,
CK_NewDeleteLeaksChecker, CK_NewDeleteLeaksChecker,
CK_MismatchedDeallocatorChecker, CK_MismatchedDeallocatorChecker,
▲ Show 20 LinesShow All 41 Lines▼ Show 20 Linesprivate:
mutable std::unique_ptr<BugType> BT_DoubleDelete; mutable std::unique_ptr<BugType> BT_DoubleDelete;
mutable std::unique_ptr<BugType> BT_Leak[CK_NumCheckKinds]; mutable std::unique_ptr<BugType> BT_Leak[CK_NumCheckKinds];
mutable std::unique_ptr<BugType> BT_UseFree[CK_NumCheckKinds]; mutable std::unique_ptr<BugType> BT_UseFree[CK_NumCheckKinds];
mutable std::unique_ptr<BugType> BT_BadFree[CK_NumCheckKinds]; mutable std::unique_ptr<BugType> BT_BadFree[CK_NumCheckKinds];
mutable std::unique_ptr<BugType> BT_FreeAlloca[CK_NumCheckKinds]; mutable std::unique_ptr<BugType> BT_FreeAlloca[CK_NumCheckKinds];
mutable std::unique_ptr<BugType> BT_MismatchedDealloc; mutable std::unique_ptr<BugType> BT_MismatchedDealloc;
mutable std::unique_ptr<BugType> BT_OffsetFree[CK_NumCheckKinds]; mutable std::unique_ptr<BugType> BT_OffsetFree[CK_NumCheckKinds];
mutable std::unique_ptr<BugType> BT_UseZerroAllocated[CK_NumCheckKinds]; mutable std::unique_ptr<BugType> BT_UseZerroAllocated[CK_NumCheckKinds];
mutable IdentifierInfo *II_alloca, *II_malloc, *II_free, *II_realloc, mutable IdentifierInfo *II_alloca, *II_win_alloca, *II_malloc, *II_free,
*II_calloc, *II_valloc, *II_reallocf, *II_strndup, *II_realloc, *II_calloc, *II_valloc, *II_reallocf,
*II_strdup, *II_kmalloc, *II_if_nameindex, *II_strndup, *II_strdup, *II_win_strdup, *II_kmalloc,
*II_if_freenameindex; *II_if_nameindex, *II_if_freenameindex, *II_wcsdup,
*II_win_wcsdup;
mutable Optional<uint64_t> KernelZeroFlagVal; mutable Optional<uint64_t> KernelZeroFlagVal;
void initIdentifierInfo(ASTContext &C) const; void initIdentifierInfo(ASTContext &C) const;
/// \brief Determine family of a deallocation expression. /// \brief Determine family of a deallocation expression.
AllocationFamily getAllocationFamily(CheckerContext &C, const Stmt *S) const; AllocationFamily getAllocationFamily(CheckerContext &C, const Stmt *S) const;
/// \brief Print names of allocators and deallocators. /// \brief Print names of allocators and deallocators.
▲ Show 20 LinesShow All 289 Lines▼ Show 20 Linesvoid MallocChecker::initIdentifierInfo(ASTContext &Ctx) const {
II_malloc = &Ctx.Idents.get("malloc"); II_malloc = &Ctx.Idents.get("malloc");
II_free = &Ctx.Idents.get("free"); II_free = &Ctx.Idents.get("free");
II_realloc = &Ctx.Idents.get("realloc"); II_realloc = &Ctx.Idents.get("realloc");
II_reallocf = &Ctx.Idents.get("reallocf"); II_reallocf = &Ctx.Idents.get("reallocf");
II_calloc = &Ctx.Idents.get("calloc"); II_calloc = &Ctx.Idents.get("calloc");
II_valloc = &Ctx.Idents.get("valloc"); II_valloc = &Ctx.Idents.get("valloc");
II_strdup = &Ctx.Idents.get("strdup"); II_strdup = &Ctx.Idents.get("strdup");
II_strndup = &Ctx.Idents.get("strndup"); II_strndup = &Ctx.Idents.get("strndup");
II_wcsdup = &Ctx.Idents.get("wcsdup");
II_kmalloc = &Ctx.Idents.get("kmalloc"); II_kmalloc = &Ctx.Idents.get("kmalloc");
II_if_nameindex = &Ctx.Idents.get("if_nameindex"); II_if_nameindex = &Ctx.Idents.get("if_nameindex");
II_if_freenameindex = &Ctx.Idents.get("if_freenameindex"); II_if_freenameindex = &Ctx.Idents.get("if_freenameindex");
//MSVC uses `_`-prefixed instead, so we check for them too.
II_win_strdup = &Ctx.Idents.get("_strdup");
II_win_wcsdup = &Ctx.Idents.get("_wcsdup");
II_win_alloca = &Ctx.Idents.get("_alloca");
} }
bool MallocChecker::isMemFunction(const FunctionDecl *FD, ASTContext &C) const { bool MallocChecker::isMemFunction(const FunctionDecl *FD, ASTContext &C) const {
if (isCMemFunction(FD, C, AF_Malloc, MemoryOperationKind::MOK_Any)) if (isCMemFunction(FD, C, AF_Malloc, MemoryOperationKind::MOK_Any))
return true; return true;
if (isCMemFunction(FD, C, AF_IfNameIndex, MemoryOperationKind::MOK_Any)) if (isCMemFunction(FD, C, AF_IfNameIndex, MemoryOperationKind::MOK_Any))
return true; return true;
Show All 26 Lines if (FD->getKind() == Decl::Function) {
if (Family == AF_Malloc && CheckFree) { if (Family == AF_Malloc && CheckFree) {
if (FunI == II_free || FunI == II_realloc || FunI == II_reallocf) if (FunI == II_free || FunI == II_realloc || FunI == II_reallocf)
return true; return true;
} }
if (Family == AF_Malloc && CheckAlloc) { if (Family == AF_Malloc && CheckAlloc) {
if (FunI == II_malloc || FunI == II_realloc || FunI == II_reallocf || if (FunI == II_malloc || FunI == II_realloc || FunI == II_reallocf ||
FunI == II_calloc || FunI == II_valloc || FunI == II_strdup || FunI == II_calloc || FunI == II_valloc || FunI == II_strdup ||
FunI == II_strndup || FunI == II_kmalloc) FunI == II_win_strdup || FunI == II_strndup || FunI == II_wcsdup ||
FunI == II_win_wcsdup || FunI == II_kmalloc)
return true; return true;
} }
if (Family == AF_IfNameIndex && CheckFree) { if (Family == AF_IfNameIndex && CheckFree) {
if (FunI == II_if_freenameindex) if (FunI == II_if_freenameindex)
return true; return true;
} }
if (Family == AF_IfNameIndex && CheckAlloc) { if (Family == AF_IfNameIndex && CheckAlloc) {
if (FunI == II_if_nameindex) if (FunI == II_if_nameindex)
return true; return true;
} }
if (Family == AF_Alloca && CheckAlloc) { if (Family == AF_Alloca && CheckAlloc) {
if (FunI == II_alloca) if (FunI == II_alloca || FunI == II_win_alloca)
return true; return true;
} }
} }
if (Family != AF_Malloc) if (Family != AF_Malloc)
return false; return false;
if (IsOptimistic && FD->hasAttrs()) { if (IsOptimistic && FD->hasAttrs()) {
▲ Show 20 LinesShow All 172 Lines▼ Show 20 Lines if (FunI == II_malloc) {
State = ReallocMem(C, CE, true, State); State = ReallocMem(C, CE, true, State);
State = ProcessZeroAllocation(C, CE, 1, State); State = ProcessZeroAllocation(C, CE, 1, State);
} else if (FunI == II_calloc) { } else if (FunI == II_calloc) {
State = CallocMem(C, CE, State); State = CallocMem(C, CE, State);
State = ProcessZeroAllocation(C, CE, 0, State); State = ProcessZeroAllocation(C, CE, 0, State);
State = ProcessZeroAllocation(C, CE, 1, State); State = ProcessZeroAllocation(C, CE, 1, State);
} else if (FunI == II_free) { } else if (FunI == II_free) {
State = FreeMemAux(C, CE, State, 0, false, ReleasedAllocatedMemory); State = FreeMemAux(C, CE, State, 0, false, ReleasedAllocatedMemory);
} else if (FunI == II_strdup) { } else if (FunI == II_strdup || FunI == II_win_strdup ||
FunI == II_wcsdup || FunI == II_win_wcsdup) {
State = MallocUpdateRefState(C, CE, State); State = MallocUpdateRefState(C, CE, State);
} else if (FunI == II_strndup) { } else if (FunI == II_strndup) {
State = MallocUpdateRefState(C, CE, State); State = MallocUpdateRefState(C, CE, State);
} else if (FunI == II_alloca) { } else if (FunI == II_alloca || FunI == II_win_alloca) {
State = MallocMemAux(C, CE, CE->getArg(0), UndefinedVal(), State, State = MallocMemAux(C, CE, CE->getArg(0), UndefinedVal(), State,
AF_Alloca); AF_Alloca);
State = ProcessZeroAllocation(C, CE, 0, State); State = ProcessZeroAllocation(C, CE, 0, State);
} else if (isStandardNewDelete(FD, C.getASTContext())) { } else if (isStandardNewDelete(FD, C.getASTContext())) {
// Process direct calls to operator new/new[]/delete/delete[] functions // Process direct calls to operator new/new[]/delete/delete[] functions
// as distinct from new/new[]/delete/delete[] expressions that are // as distinct from new/new[]/delete/delete[] expressions that are
// processed by the checkPostStmt callbacks for CXXNewExpr and // processed by the checkPostStmt callbacks for CXXNewExpr and
// CXXDeleteExpr. // CXXDeleteExpr.
▲ Show 20 LinesShow All 1,940 LinesShow Last 20 Lines

cfe/trunk/test/Analysis/malloc.c

// RUN: %clang_cc1 -analyze -analyzer-checker=core,alpha.deadcode.UnreachableCode,alpha.core.CastSize,unix.Malloc,debug.ExprInspection -analyzer-store=region -verify %s // RUN: %clang_cc1 -analyze -analyzer-checker=core,alpha.deadcode.UnreachableCode,alpha.core.CastSize,unix.Malloc,debug.ExprInspection -analyzer-store=region -verify %s
#include "Inputs/system-header-simulator.h" #include "Inputs/system-header-simulator.h"
void clang_analyzer_eval(int); void clang_analyzer_eval(int);
// Without -fms-compatibility, wchar_t isn't a builtin type. MSVC defines
// _WCHAR_T_DEFINED if wchar_t is available. Microsoft recommends that you use
// the builtin type: "Using the typedef version can cause portability
// problems", but we're ok here because we're not actually running anything.
// Also of note is this cryptic warning: "The wchar_t type is not supported
// when you compile C code".
//
// See the docs for more:
// https://msdn.microsoft.com/en-us/library/dh8che7s.aspx
#if !defined(_WCHAR_T_DEFINED)
// "Microsoft implements wchar_t as a two-byte unsigned value"
typedef unsigned short wchar_t;
#define _WCHAR_T_DEFINED
#endif // !defined(_WCHAR_T_DEFINED)
typedef __typeof(sizeof(int)) size_t; typedef __typeof(sizeof(int)) size_t;
void *malloc(size_t); void *malloc(size_t);
void *alloca(size_t); void *alloca(size_t);
void *valloc(size_t); void *valloc(size_t);
void free(void *); void free(void *);
void *realloc(void *ptr, size_t size); void *realloc(void *ptr, size_t size);
void *reallocf(void *ptr, size_t size); void *reallocf(void *ptr, size_t size);
void *calloc(size_t nmemb, size_t size); void *calloc(size_t nmemb, size_t size);
char *strdup(const char *s); char *strdup(const char *s);
wchar_t *wcsdup(const wchar_t *s);
char *strndup(const char *s, size_t n); char *strndup(const char *s, size_t n);
int memcmp(const void *s1, const void *s2, size_t n); int memcmp(const void *s1, const void *s2, size_t n);
// Windows variants
char *_strdup(const char *strSource);
wchar_t *_wcsdup(const wchar_t *strSource);
void *_alloca(size_t size);
void myfoo(int *p); void myfoo(int *p);
void myfooint(int p); void myfooint(int p);
char *fooRetPtr(); char *fooRetPtr();
void f1() { void f1() {
int *p = malloc(12); int *p = malloc(12);
return; // expected-warning{{Potential leak of memory pointed to by 'p'}} return; // expected-warning{{Potential leak of memory pointed to by 'p'}}
} }
Show All 23 Lines if (p) {
char x = *q; // expected-warning {{Potential leak of memory pointed to by 'q'}} char x = *q; // expected-warning {{Potential leak of memory pointed to by 'q'}}
} }
} }
void allocaTest() { void allocaTest() {
int *p = alloca(sizeof(int)); int *p = alloca(sizeof(int));
} // no warn } // no warn
void winAllocaTest() {
int *p = _alloca(sizeof(int));
} // no warn
void allocaBuiltinTest() { void allocaBuiltinTest() {
int *p = __builtin_alloca(sizeof(int)); int *p = __builtin_alloca(sizeof(int));
} // no warn } // no warn
int *realloctest1() { int *realloctest1() {
int *q = malloc(12); int *q = malloc(12);
q = realloc(q, 20); q = realloc(q, 20);
return q; // no warning - returning the allocated value return q; // no warning - returning the allocated value
▲ Show 20 LinesShow All 139 Lines▼ Show 20 Linesvoid CheckUseZeroAllocatedNoWarn1() {
int *p = malloc(0); int *p = malloc(0);
free(p); // no warning free(p); // no warning
} }
void CheckUseZeroAllocatedNoWarn2() { void CheckUseZeroAllocatedNoWarn2() {
int *p = alloca(0); // no warning int *p = alloca(0); // no warning
} }
void CheckUseZeroWinAllocatedNoWarn2() {
int *p = _alloca(0); // no warning
}
void CheckUseZeroAllocatedNoWarn3() { void CheckUseZeroAllocatedNoWarn3() {
int *p = malloc(0); int *p = malloc(0);
int *q = realloc(p, 8); // no warning int *q = realloc(p, 8); // no warning
free(q); free(q);
} }
void CheckUseZeroAllocatedNoWarn4() { void CheckUseZeroAllocatedNoWarn4() {
int *p = realloc(0, 8); int *p = realloc(0, 8);
*p = 1; // no warning *p = 1; // no warning
free(p); free(p);
} }
void CheckUseZeroAllocated1() { void CheckUseZeroAllocated1() {
int *p = malloc(0); int *p = malloc(0);
*p = 1; // expected-warning {{Use of zero-allocated memory}} *p = 1; // expected-warning {{Use of zero-allocated memory}}
free(p); free(p);
} }
char CheckUseZeroAllocated2() { char CheckUseZeroAllocated2() {
char *p = alloca(0); char *p = alloca(0);
return *p; // expected-warning {{Use of zero-allocated memory}} return *p; // expected-warning {{Use of zero-allocated memory}}
} }
char CheckUseZeroWinAllocated2() {
char *p = _alloca(0);
return *p; // expected-warning {{Use of zero-allocated memory}}
}
void UseZeroAllocated(int *p) { void UseZeroAllocated(int *p) {
if (p) if (p)
*p = 7; // expected-warning {{Use of zero-allocated memory}} *p = 7; // expected-warning {{Use of zero-allocated memory}}
} }
void CheckUseZeroAllocated3() { void CheckUseZeroAllocated3() {
int *p = malloc(0); int *p = malloc(0);
UseZeroAllocated(p); UseZeroAllocated(p);
} }
▲ Show 20 LinesShow All 827 Lines▼ Show 20 Lines
} }
// Test various allocation/deallocation functions. // Test various allocation/deallocation functions.
void testStrdup(const char *s, unsigned validIndex) { void testStrdup(const char *s, unsigned validIndex) {
char *s2 = strdup(s); char *s2 = strdup(s);
s2[validIndex + 1] = 'b'; s2[validIndex + 1] = 'b';
} // expected-warning {{Potential leak of memory pointed to by}} } // expected-warning {{Potential leak of memory pointed to by}}
void testWinStrdup(const char *s, unsigned validIndex) {
char *s2 = _strdup(s);
s2[validIndex + 1] = 'b';
} // expected-warning {{Potential leak of memory pointed to by}}
void testWcsdup(const wchar_t *s, unsigned validIndex) {
wchar_t *s2 = wcsdup(s);
s2[validIndex + 1] = 'b';
} // expected-warning {{Potential leak of memory pointed to by}}
void testWinWcsdup(const wchar_t *s, unsigned validIndex) {
wchar_t *s2 = _wcsdup(s);
s2[validIndex + 1] = 'b';
} // expected-warning {{Potential leak of memory pointed to by}}
int testStrndup(const char *s, unsigned validIndex, unsigned size) { int testStrndup(const char *s, unsigned validIndex, unsigned size) {
char *s2 = strndup(s, size); char *s2 = strndup(s, size);
s2 [validIndex + 1] = 'b'; s2 [validIndex + 1] = 'b';
if (s2[validIndex] != 'a') if (s2[validIndex] != 'a')
return 0; return 0;
else else
return 1;// expected-warning {{Potential leak of memory pointed to by}} return 1;// expected-warning {{Potential leak of memory pointed to by}}
} }
void testStrdupContentIsDefined(const char *s, unsigned validIndex) { void testStrdupContentIsDefined(const char *s, unsigned validIndex) {
char *s2 = strdup(s); char *s2 = strdup(s);
char result = s2[1];// no warning char result = s2[1];// no warning
free(s2); free(s2);
} }
void testWinStrdupContentIsDefined(const char *s, unsigned validIndex) {
char *s2 = _strdup(s);
char result = s2[1];// no warning
free(s2);
}
void testWcsdupContentIsDefined(const wchar_t *s, unsigned validIndex) {
wchar_t *s2 = wcsdup(s);
wchar_t result = s2[1];// no warning
free(s2);
}
void testWinWcsdupContentIsDefined(const wchar_t *s, unsigned validIndex) {
wchar_t *s2 = _wcsdup(s);
wchar_t result = s2[1];// no warning
free(s2);
}
// ---------------------------------------------------------------------------- // ----------------------------------------------------------------------------
// Test the system library functions to which the pointer can escape. // Test the system library functions to which the pointer can escape.
// This tests false positive suppression. // This tests false positive suppression.
// For now, we assume memory passed to pthread_specific escapes. // For now, we assume memory passed to pthread_specific escapes.
// TODO: We could check that if a new pthread binding is set, the existing // TODO: We could check that if a new pthread binding is set, the existing
// binding must be freed; otherwise, a memory leak can occur. // binding must be freed; otherwise, a memory leak can occur.
void testPthereadSpecificEscape(pthread_key_t key) { void testPthereadSpecificEscape(pthread_key_t key) {
▲ Show 20 LinesShow All 337 Lines▼ Show 20 Linesvoid *test(void *ptr) {
return newPtr; return newPtr;
} }
char *testLeakWithinReturn(char *str) { char *testLeakWithinReturn(char *str) {
return strdup(strdup(str)); // expected-warning{{leak}} return strdup(strdup(str)); // expected-warning{{leak}}
} }
char *testWinLeakWithinReturn(char *str) {
return _strdup(_strdup(str)); // expected-warning{{leak}}
}
wchar_t *testWinWideLeakWithinReturn(wchar_t *str) {
return _wcsdup(_wcsdup(str)); // expected-warning{{leak}}
}
void passConstPtr(const char * ptr); void passConstPtr(const char * ptr);
void testPassConstPointer() { void testPassConstPointer() {
char * string = malloc(sizeof(char)*10); char * string = malloc(sizeof(char)*10);
passConstPtr(string); passConstPtr(string);
return; // expected-warning {{leak}} return; // expected-warning {{leak}}
} }
▲ Show 20 LinesShow All 241 LinesShow Last 20 Lines