search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dereference: fix some false positives
[smatch.git] / smatch_assigned_expr.c
blobcd8781d8ff6ed7f2c1a4453500bcc6152ebde456
1 /*
2 * Copyright (C) 2009 Dan Carpenter.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 */
17
18 /*
19 * This is not a check. It just saves an struct expression pointer
20 * whenever something is assigned. This can be used later on by other scripts.
21 */
22
23 #include "smatch.h"
24 #include "smatch_slist.h"
25 #include "smatch_extra.h"
26
27 int check_assigned_expr_id;
28 static int my_id;
29 static int link_id;
30
31 static struct expression *skip_mod;
32
33 static void undef(struct sm_state *sm, struct expression *mod_expr)
34 {
35 if (mod_expr == skip_mod)
36 return;
37 set_state(my_id, sm->name, sm->sym, &undefined);
38 }
39
40 struct expression *get_assigned_expr(struct expression *expr)
41 {
42 struct smatch_state *state;
43
44 state = get_state_expr(my_id, expr);
45 if (!state)
46 return NULL;
47 return (struct expression *)state->data;
48 }
49
50 struct sm_state *get_assigned_sm(struct expression *expr)
51 {
52 return get_sm_state_expr(my_id, expr);
53 }
54
55 struct expression *get_assigned_expr_recurse(struct expression *expr)
56 {
57 struct expression *ret;
58 int cnt = 0;
59
60 ret = NULL;
61 while ((expr = get_assigned_expr(expr))) {
62 ret = expr;
63 if (cnt++ > 4)
64 break;
65 }
66
67 return ret;
68 }
69
70 struct expression *get_assigned_expr_name_sym(const char *name, struct symbol *sym)
71 {
72 struct smatch_state *state;
73
74 state = __get_state(my_id, name, sym);
75 if (!state)
76 return NULL;
77 return (struct expression *)state->data;
78 }
79
80 struct expression *get_assigned_expr_name_sym_recurse(const char *name, struct symbol *sym)
81 {
82 struct expression *expr, *recurse;
83
84 expr = get_assigned_expr_name_sym(name, sym);
85 if (!expr)
86 return NULL;
87 recurse = get_assigned_expr_recurse(expr);
88 if (recurse)
89 return recurse;
90 return expr;
91 }
92
93 static void match_assignment(struct expression *expr)
94 {
95 static struct expression *ignored_expr, *right;
96 struct symbol *left_sym, *right_sym;
97 struct smatch_state *state;
98 char *left_name = NULL;
99 char *right_name = NULL;
100
101 if (!cur_func_sym)
102 return;
103
104 if (__in_buf_clear)
105 return;
106
107 if (expr->op != '=')
108 return;
109 if (is_fake_call(expr->right))
110 return;
111 if (is_fake_var_assign(expr))
112 return;
113 if (__in_fake_struct_assign) {
114 struct range_list *rl;
115
116 if (!get_implied_rl(expr->right, &rl))
117 return;
118 if (is_whole_rl(rl))
119 return;
120 }
121
122 if (expr->left == ignored_expr)
123 return;
124 ignored_expr = NULL;
125 if (__in_fake_parameter_assign)
126 ignored_expr = expr->left;
127
128 left_name = expr_to_var_sym(expr->left, &left_sym);
129 if (!left_name || !left_sym)
130 goto free;
131
132 right = expr->right;
133 if (right->type == EXPR_ASSIGNMENT && right->op == '=')
134 right = right->left;
135
136 right = strip__builtin_choose_expr(right);
137 right = strip_Generic(right);
138
139 state = alloc_state_expr(strip_expr(right));
140 if (!state)
141 goto free;
142
143 skip_mod = expr;
144 set_state(my_id, left_name, left_sym, state);
145
146 right_name = expr_to_var_sym(right, &right_sym);
147 if (!right_name || !right_sym)
148 goto free;
149
150 store_link(link_id, right_name, right_sym, left_name, left_sym);
151
152 free:
153 free_string(left_name);
154 free_string(right_name);
155 }
156
157 static void record_param_assignment(struct expression *expr, int param, char *key, char *value)
158 {
159 struct expression *arg, *right;
160 struct symbol *sym;
161 char *name;
162 char *p;
163 int right_param;
164
165 while (expr->type == EXPR_ASSIGNMENT)
166 expr = strip_expr(expr->right);
167 if (!expr || expr->type != EXPR_CALL)
168 return;
169
170 p = strstr(value, "[$");
171 if (!p)
172 return;
173
174 p += 2;
175 right_param = strtol(p, &p, 10);
176 if (*p != ']')
177 return;
178
179 arg = get_argument_from_call_expr(expr->args, param);
180 right = get_argument_from_call_expr(expr->args, right_param);
181 if (!right || !arg)
182 return;
183 name = get_variable_from_key(arg, key, &sym);
184 if (!name || !sym)
185 goto free;
186
187 skip_mod = expr;
188 set_state(my_id, name, sym, alloc_state_expr(right));
189 free:
190 free_string(name);
191 }
192
193 void register_assigned_expr(int id)
194 {
195 my_id = check_assigned_expr_id = id;
196 set_dynamic_states(check_assigned_expr_id);
197 add_hook(&match_assignment, ASSIGNMENT_HOOK_AFTER);
198 add_modification_hook_late(my_id, &undef);
199 select_return_states_hook(PARAM_SET, &record_param_assignment);
200 }
201
202 void register_assigned_expr_links(int id)
203 {
204 link_id = id;
205 set_dynamic_states(link_id);
206 db_ignore_states(link_id);
207 set_up_link_functions(my_id, link_id);
208 }
209
Static analysis for C