db: save less information for common functions
[smatch.git] / check_testing_index_after_use.c
bloba73780e596ea92c94f639c4f2a2c4205ed5a2ccc
1 /*
2 * Copyright (C) 2010 Dan Carpenter.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
18 #include <stdlib.h>
19 #include "parse.h"
20 #include "smatch.h"
21 #include "smatch_slist.h"
22 #include "smatch_extra.h"
25 * This check has two smatch IDs.
26 * my_used_id - keeps a record of array offsets that have been used.
27 * If the code checks that they are within bounds later on,
28 * we complain about using an array offset before checking
29 * that it is within bounds.
31 static int my_used_id;
33 static void delete(struct sm_state *sm, struct expression *mod_expr)
35 set_state(my_used_id, sm->name, sm->sym, &undefined);
38 static int get_the_max(struct expression *expr, sval_t *sval)
40 if (get_hard_max(expr, sval))
41 return 1;
42 if (!option_spammy)
43 return 0;
44 if (get_fuzzy_max(expr, sval))
45 return 1;
46 if (is_user_data(expr))
47 return get_absolute_max(expr, sval);
48 return 0;
51 static void array_check(struct expression *expr)
53 struct expression *array_expr;
54 int array_size;
55 struct expression *offset;
56 sval_t max;
58 expr = strip_expr(expr);
59 if (!is_array(expr))
60 return;
62 array_expr = get_array_base(expr);
63 array_size = get_array_size(array_expr);
64 if (!array_size || array_size == 1)
65 return;
67 offset = get_array_offset(expr);
68 if (!get_the_max(offset, &max)) {
69 if (getting_address())
70 return;
71 if (is_capped(offset))
72 return;
73 set_state_expr(my_used_id, offset, alloc_state_num(array_size));
77 static void match_condition(struct expression *expr)
79 int left;
80 sval_t sval;
81 struct state_list *slist;
82 struct sm_state *tmp;
83 int boundary;
85 if (!expr || expr->type != EXPR_COMPARE)
86 return;
87 if (get_macro_name(expr->pos))
88 return;
89 if (get_implied_value(expr->left, &sval))
90 left = 1;
91 else if (get_implied_value(expr->right, &sval))
92 left = 0;
93 else
94 return;
96 if (left)
97 slist = get_possible_states_expr(my_used_id, expr->right);
98 else
99 slist = get_possible_states_expr(my_used_id, expr->left);
100 if (!slist)
101 return;
102 FOR_EACH_PTR(slist, tmp) {
103 if (tmp->state == &merged || tmp->state == &undefined)
104 continue;
105 boundary = PTR_INT(tmp->state->data);
106 boundary -= sval.value;
107 if (boundary < 1 && boundary > -1) {
108 char *name;
110 name = expr_to_var(left ? expr->right : expr->left);
111 sm_msg("error: testing array offset '%s' after use.", name);
112 return;
114 } END_FOR_EACH_PTR(tmp);
117 void check_testing_index_after_use(int id)
119 my_used_id = id;
120 add_hook(&array_check, OP_HOOK);
121 add_hook(&match_condition, CONDITION_HOOK);
122 add_modification_hook(my_used_id, &delete);