wangtao
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
223,400 Commits 29 Branches 0 Tags 2.2 GiB
Commit Graph

82 Commits

Author SHA1 Message Date
Anna Zaks da4c8d6811 [analyzer] Rename generateNode -> addTransition in CheckerContext 
Also document addTransition methods.

llvm-svn: 143059
 2011-10-26 21:06:34 +00:00
Anna Zaks b473816b4a [analyzer] Simplify CheckerContext 
Remove dead members/parameters: ProgramState, respondsToCallback, autoTransition.
Remove addTransition method since it's the same as generateNode. Maybe we should
rename generateNode to genTransition (since a transition is always automatically
generated)?

llvm-svn: 142946
 2011-10-25 19:57:06 +00:00
Anna Zaks 3eae33412d [analyze] Convert EndOfPath callback to use CheckerContext 
Get rid of the EndOfPathBuilder completely.
Use the generic NodeBuilder to generate nodes.
Enqueue the end of path frontier explicitly.

llvm-svn: 142943
 2011-10-25 19:56:48 +00:00
Anna Zaks 3a769bd996 [analyzer] Refactor: make PathDiagnosticLocation responsible for validation of SourceLocations (commit 2 of ?): 
- Modify all PathDiagnosticLocation constructors that take Stmt to also requre LocationContext.
- Add a constructor which should be used in case there is no valid statement/location (it will grab the location of the enclosing function).

llvm-svn: 139763
 2011-09-15 01:08:34 +00:00
Anna Zaks 50dd696339 [analyzer] MacOSKeychainAPIChecker: Simplify getSymbolForRegion by using existing API. Thanks Jordy. 
llvm-svn: 138765
 2011-08-29 21:10:00 +00:00
Anna Zaks 814adf7752 Fix: Bug 10798 - [analyzer] Crash when analyzing ICU. (A slight improvement on the previous commit.) 
llvm-svn: 138762
 2011-08-29 20:43:37 +00:00
Anna Zaks cda129eb1c Fix bug 10797: Crash: "cast<Ty>() argument of incompatible type!" assert when analyzing ICU. 
Patch by Jean-Daniel Dupas. Thanks for spotting and fixing!

llvm-svn: 138757
 2011-08-29 20:05:54 +00:00
Anna Zaks 5be8a4d104 [analyzer] MacOSKeychainAPIChecker: Cleanup AllocationState structure. 
llvm-svn: 138535
 2011-08-25 00:59:06 +00:00
Anna Zaks 85913db489 [analyzer] MacOSKeychainAPIChecker: Add the custom BugReport visitor(which highlights the allocation site) to all the relevant reports within the checker. 
llvm-svn: 138531
 2011-08-25 00:32:42 +00:00
Anna Zaks f880cff209 [analyzer] Do not use references in std::pair. 
llvm-svn: 138497
 2011-08-24 21:58:55 +00:00
Anna Zaks 0d67579497 [analyzer] Unbreak the release buildbot. 
llvm-svn: 138493
 2011-08-24 21:40:10 +00:00
Anna Zaks be460898bb [analyzer] MacOSKeychainAPIChecker: Provide reacher diagnostic trace by pointing to the allocation site when reporting a leak. 
llvm-svn: 138479
 2011-08-24 20:52:46 +00:00
Anna Zaks 0897a23517 [analyzer] MacOSKeychainAPIChecker: Add reasoning about functions which MIGHT deallocate the memory region allocated with SecKeychain APIs. Specifically, when the buffer is passed to CFStringCreateWithBytesNoCopy along with a custom deallocator, which might potentially correctly release the memory. 
llvm-svn: 138417
 2011-08-24 00:06:27 +00:00
Anna Zaks f9e9c4e9bc [analyzer] MacOSKeychainAPIChecker: Retrieve the memory region which we are tracking even when it's no longer a SymbolicRegion, for example, when it is cast to char*. 
llvm-svn: 138415
 2011-08-23 23:56:12 +00:00
Anna Zaks bb167011e3 Move creation of the deallocation mismatch report into a separate function for future reuse. 
llvm-svn: 138414
 2011-08-23 23:47:36 +00:00
Anna Zaks bd7972b49e [analyzer] MacOSKeychainAPIChecker: Users of KeyChain API often use free() to deallocate the password. Catch this error explicitly and generate the error message at the place where free() is called. 
llvm-svn: 138296
 2011-08-22 23:18:12 +00:00
Anna Zaks 3a6bdf8f82 Remove EnhancedBugReport and RangedBugReport - pull all the extra functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds default range to Ranges if none are supplied, made getStmt() private, which was another FIXME. 
llvm-svn: 137894
 2011-08-17 23:00:25 +00:00
Anna Zaks 01ae1e1197 MacOSKeychainAPIChecker: Do not report double allocation if first allocation returned an error. 
llvm-svn: 137720
 2011-08-16 16:30:24 +00:00
Anna Zaks 5443a6497b MacOSKeychainAPIChecker: The security API/memory leak checker should always generate regular nodes instead of sink nodes. 
llvm-svn: 137681
 2011-08-15 23:23:15 +00:00
Ted Kremenek 001fd5b498 Rename GRState to ProgramState, and cleanup some code formatting along the way. 
llvm-svn: 137665
 2011-08-15 22:09:50 +00:00
Anna Zaks 29f9b7adc3 MacOSKeychainAPIChecker: Use llvm::SmallString instead of std::string (as per code review for r137523). 
llvm-svn: 137633
 2011-08-15 18:42:00 +00:00
Anna Zaks 59d741fec6 MacOSKeychainAPIChecker: If the allocated data address entered as an enclosing function parameter, skip it to avoid false positives. 
llvm-svn: 137526
 2011-08-12 22:47:22 +00:00
Anna Zaks fdd0aca0a5 MacOSKeychainAPIChecker: 
Report errors earlier: on checkDeadSymbols() and clear the state after the symbol we are tracking goes out of scope. 

Also, perform lazy error checking. Instead of forcing the paths to be split depending one the return value of the allocator, make the return symbol depend on the allocated data symbol, which prolongs its life span to the time when the allocated data symbol becomes dead.

llvm-svn: 137523
 2011-08-12 21:56:43 +00:00
Anna Zaks c94894fbc2 MacOSKeychainAPIChecker: There is no need to use SymbolMetadata to represent the allocated data symbol, we can just use the symbol corresponding to the SymbolicRegion. This simplifies tracking of the symbol, for example, SymbolMetadata needs to go through extra hoops to stay alive. 
Make AllocationState internal to the MacOSKeychainAPIChecker class.

llvm-svn: 137514
 2011-08-12 21:14:26 +00:00
Anna Zaks 177ecfac21 KeychainAPI checker: Track SymbolMetadata instead of MemRegion in checker state so that we could clear the state on evalDeadSymbols; also track the return value. 
llvm-svn: 137003
 2011-08-05 23:52:45 +00:00
Anna Zaks c52bed1814 KeychainAPI checker: Generate an error on double allocation. Pull out getAsPointeeMemoryRegion so that it could be reused. 
llvm-svn: 136952
 2011-08-05 00:37:00 +00:00
Anna Zaks c686177555 KeychainAPI checker: Track additional pair of SecKeychain APIs. Also, keep exploring the transition on which a call to allocator function failed (to be able to find errors in examples like ErrorCodesFromDifferentAPISDoNotInterfere). 
llvm-svn: 136930
 2011-08-04 21:53:01 +00:00
Anna Zaks 08be9b99e3 KeychainAPI checker: Refactor to make it easier to add more allocator/deallocator API pairs. Add the allocator function ID to the checker state. Better comments. 
llvm-svn: 136889
 2011-08-04 17:28:06 +00:00
Anna Zaks 4aa34a5325 KeychainAPI checker: refactor to use early exit. 
llvm-svn: 136852
 2011-08-04 00:31:38 +00:00
Anna Zaks 388c18ec7f KeychainAPI checker: Add basic diagnostics. Track MemoryRegion istead of SymbolicRef since the address might not be a symbolic value in some cases, for example in fooOnlyFree() test. 
llvm-svn: 136851
 2011-08-04 00:26:57 +00:00
Anna Zaks 9ab728bb05 KeychainAPI checker: only check the paths on which the allocator function returned noErr. (+ minor cleanup) 
llvm-svn: 136694
 2011-08-02 17:11:03 +00:00
Anna Zaks 15f496c118 Add a skeleton for the Keychain Services API Checker. Register it as OSX experimental for now. Note, the checker still does not handle tracking of escaped values, taking into account the return value of the allocator functions, nor the actual bug reporting.. 
llvm-svn: 136659
 2011-08-01 22:40:01 +00:00