2 * Copyright (C) 2014 Oracle.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
19 * Sometimes we aren't able to track a variable through a function call. This
20 * usually happens because a function changes too many variables so we give up.
21 * Another reason this happens is because we call a function pointer and there
22 * are too many functions which implement that function pointer so we give up.
23 * Also maybe we don't have the database enabled.
25 * The goal here is to make a call back so what if we call:
29 * but we're not able to say what happens to "foo", then let's assume that we
30 * don't know anything about "foo" if it's an untracked call.
35 #include "smatch_slist.h"
36 #include "smatch_extra.h"
43 typedef void (untracked_hook
)(struct expression
*call
, int param
);
44 DECLARE_PTR_LIST(untracked_hook_list
, untracked_hook
*);
45 static struct untracked_hook_list
*untracked_hooks
;
46 static struct untracked_hook_list
*lost_hooks
;
48 void add_untracked_param_hook(void (func
)(struct expression
*call
, int param
))
50 untracked_hook
**p
= malloc(sizeof(untracked_hook
*));
52 add_ptr_list(&untracked_hooks
, p
);
55 static void call_untracked_callbacks(struct expression
*expr
, int param
)
59 FOR_EACH_PTR(untracked_hooks
, fn
) {
61 } END_FOR_EACH_PTR(fn
);
64 void add_lost_param_hook(void (func
)(struct expression
*call
, int param
))
66 untracked_hook
**p
= malloc(sizeof(untracked_hook
*));
68 add_ptr_list(&lost_hooks
, p
);
71 static void call_lost_callbacks(struct expression
*expr
, int param
)
75 FOR_EACH_PTR(lost_hooks
, fn
) {
77 } END_FOR_EACH_PTR(fn
);
80 static char *get_array_from_key(struct expression
*expr
, int param
, const char *key
, struct symbol
**sym
)
82 struct expression
*arg
;
84 arg
= get_argument_from_call_expr(expr
->args
, param
);
87 if (arg
->type
!= EXPR_PREOP
|| arg
->op
!= '&')
92 arg
= get_array_base(arg
);
94 return expr_to_var_sym(arg
, sym
);
97 static void mark_untracked_lost(struct expression
*expr
, int param
, const char *key
, int type
)
102 while (expr
->type
== EXPR_ASSIGNMENT
)
103 expr
= strip_expr(expr
->right
);
104 if (expr
->type
!= EXPR_CALL
)
107 name
= get_name_sym_from_param_key(expr
, param
, key
, &sym
);
109 name
= get_array_from_key(expr
, param
, key
, &sym
);
114 if (type
== LOST_PARAM
)
115 call_lost_callbacks(expr
, param
);
116 call_untracked_callbacks(expr
, param
);
117 set_state(my_id
, name
, sym
, &untracked
);
123 void mark_untracked(struct expression
*expr
, int param
, const char *key
, const char *value
)
125 mark_untracked_lost(expr
, param
, key
, UNTRACKED_PARAM
);
128 void mark_lost(struct expression
*expr
, int param
, const char *key
, const char *value
)
130 mark_untracked_lost(expr
, param
, key
, LOST_PARAM
);
133 void mark_call_params_untracked(struct expression
*call
)
135 struct expression
*arg
;
138 FOR_EACH_PTR(call
->args
, arg
) {
139 mark_untracked(call
, i
++, "$", NULL
);
140 } END_FOR_EACH_PTR(arg
);
143 static int lost_in_va_args(struct expression
*expr
)
149 fn
= get_type(expr
->fn
);
150 if (!fn
|| !fn
->variadic
)
154 name
= expr_to_var(expr
->fn
);
155 if (name
&& strstr(name
, "print"))
162 static void match_after_call(struct expression
*expr
)
164 struct expression
*arg
;
168 if (!lost_in_va_args(expr
))
172 FOR_EACH_PTR(expr
->args
, arg
) {
175 type
= get_type(arg
);
176 if (!type
|| type
->type
!= SYM_PTR
)
179 call_untracked_callbacks(expr
, i
);
180 call_lost_callbacks(expr
, i
);
181 set_state_expr(my_id
, arg
, &untracked
);
182 } END_FOR_EACH_PTR(arg
);
185 static void mark_all_params(int return_id
, char *return_ranges
, int type
)
191 FOR_EACH_PTR(cur_func_sym
->ctype
.base_type
->arguments
, arg
) {
196 sql_insert_return_states(return_id
, return_ranges
,
197 type
, param
, "$", "");
198 } END_FOR_EACH_PTR(arg
);
202 void mark_all_params_untracked(int return_id
, char *return_ranges
, struct expression
*expr
)
204 mark_all_params(return_id
, return_ranges
, UNTRACKED_PARAM
);
207 void mark_all_params_lost(int return_id
, char *return_ranges
, struct expression
*expr
)
209 mark_all_params(return_id
, return_ranges
, LOST_PARAM
);
212 static void print_untracked_params(int return_id
, char *return_ranges
, struct expression
*expr
)
220 FOR_EACH_PTR(cur_func_sym
->ctype
.base_type
->arguments
, arg
) {
226 if (__bail_on_rest_of_function
) {
227 /* hairy functions are lost */
229 } else if ((sm
= get_sm_state(my_id
, arg
->ident
->name
, arg
))) {
230 if (slist_has_state(sm
->possible
, &lost
))
233 type
= UNTRACKED_PARAM
;
238 sql_insert_return_states(return_id
, return_ranges
,
239 type
, param
, "$", "");
240 } END_FOR_EACH_PTR(arg
);
243 static void match_assign(struct expression
*expr
)
245 struct expression
*right
;
248 if (is_fake_var_assign(expr
))
251 right
= strip_expr(expr
->right
);
253 if (right
->type
!= EXPR_SYMBOL
)
255 if (!is_pointer(expr
->right
))
257 param
= get_param_num(right
);
261 set_state_expr(my_id
, right
, &untracked
);
264 static void match_param_assign_in_asm(struct statement
*stmt
)
266 struct expression
*expr
;
267 struct asm_operand
*op
;
271 FOR_EACH_PTR(stmt
->asm_inputs
, op
) {
272 expr
= strip_expr(op
->expr
);
273 type
= get_type(expr
);
274 if (!type
|| type
->type
!= SYM_PTR
)
276 param
= get_param_num(expr
);
279 set_state_expr(my_id
, expr
, &untracked
);
280 } END_FOR_EACH_PTR(op
);
283 void register_untracked_param(int id
)
287 select_return_states_hook(UNTRACKED_PARAM
, &mark_untracked
);
288 select_return_states_hook(LOST_PARAM
, &mark_lost
);
289 add_hook(&match_after_call
, FUNCTION_CALL_HOOK_AFTER_DB
);
291 add_split_return_callback(&print_untracked_params
);
293 add_hook(&match_assign
, ASSIGNMENT_HOOK
);
294 add_hook(&match_param_assign_in_asm
, ASM_HOOK
);