smatch_common_functions.c

   1 /*
   2  * Copyright (C) 2013 Oracle.
   3  *
   4  * This program is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU General Public License
   6  * as published by the Free Software Foundation; either version 2
   7  * of the License, or (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
  16  */
  17
  18 #include "scope.h"
  19 #include "smatch.h"
  20 #include "smatch_extra.h"
  21
  22 static int match_strlen(struct expression *call, void *unused, struct range_list **rl)
  23 {
  24         struct expression *str;
  25         unsigned long max;
  26
  27         str = get_argument_from_call_expr(call->args, 0);
  28         if (get_implied_strlen(str, rl) && sval_is_positive(rl_min(*rl))) {
  29                 *rl = cast_rl(&ulong_ctype, *rl);
  30                 return 1;
  31         }
  32         /* smatch_strlen.c is not very complete */
  33         max = get_array_size_bytes_max(str);
  34         if (max == 0) {
  35                 *rl = alloc_rl(sval_type_val(&ulong_ctype, 0),
  36                                sval_type_val(&ulong_ctype, STRLEN_MAX_RET));
  37         } else {
  38                 max--;
  39                 *rl = alloc_rl(sval_type_val(&ulong_ctype, 0),
  40                                sval_type_val(&ulong_ctype, max));
  41         }
  42         return 1;
  43 }
  44
  45 static int match_strnlen(struct expression *call, void *unused, struct range_list **rl)
  46 {
  47         struct expression *limit;
  48         sval_t fixed;
  49         sval_t bound;
  50         sval_t ulong_max = sval_type_val(&ulong_ctype, ULONG_MAX);
  51
  52         match_strlen(call, NULL, rl);
  53         limit = get_argument_from_call_expr(call->args, 1);
  54         if (!get_implied_max(limit, &bound))
  55                 return 1;
  56         if (sval_cmp(bound, ulong_max) == 0)
  57                 return 1;
  58         if (rl_to_sval(*rl, &fixed) && sval_cmp(fixed, bound) >= 0) {
  59                 *rl = alloc_rl(bound, bound);
  60                 return 1;
  61         }
  62
  63         bound.value++;
  64         *rl = remove_range(*rl, bound, ulong_max);
  65
  66         return 1;
  67 }
  68
  69 static int match_sprintf(struct expression *call, void *_arg, struct range_list **rl)
  70 {
  71         int str_arg = PTR_INT(_arg);
  72         int size;
  73
  74         size = get_formatted_string_size(call, str_arg);
  75         if (size <= 0) {
  76                 *rl = alloc_whole_rl(&ulong_ctype);
  77         } else {
  78                 /* FIXME:  This is bogus.  get_formatted_string_size() should be
  79                    returning a range_list.  Also it should not add the NUL. */
  80                 size--;
  81                 *rl = alloc_rl(ll_to_sval(0), ll_to_sval(size));
  82         }
  83         return 1;
  84 }
  85
  86 void register_common_functions(int id)
  87 {
  88         /*
  89          * When you add a new function here, then don't forget to delete it from
  90          * the database and smatch_data/.
  91          */
  92         add_implied_return_hook("strlen", &match_strlen, NULL);
  93         add_implied_return_hook("strnlen", &match_strnlen, NULL);
  94         add_implied_return_hook("sprintf", &match_sprintf, INT_PTR(1));
  95         add_implied_return_hook("snprintf", &match_sprintf, INT_PTR(2));
  96 }