search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
locking: remove release_sock()
[smatch.git] / smatch_dereference.c
blob0e9dcc23b87921e5b2cbd4288beeb700c24bd203
1 /*
2 * Copyright (C) 2021 Oracle.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 */
17
18 #include "smatch.h"
19 #include "smatch_extra.h"
20
21 static int my_id;
22 static struct expr_fn_list *deref_hooks;
23
24 struct deref_info {
25 const char *name;
26 int param;
27 const char *key;
28 const sval_t *implies_start, *implies_end;
29 };
30 static struct deref_info fn_deref_table[] = {
31 { "nla_data", 0, "$" },
32 { "strlen", 0, "$" },
33 { "__builtin_strlen", 0, "$" },
34 { "__fortify_strlen", 0, "$" },
35 };
36
37 void add_dereference_hook(expr_func *fn)
38 {
39 add_ptr_list(&deref_hooks, fn);
40 }
41
42 static void call_deref_hooks(struct expression *expr)
43 {
44 if (__in_fake_assign || __in_fake_parameter_assign)
45 return;
46 if (!expr)
47 return;
48
49 call_expr_fns(deref_hooks, expr);
50 }
51
52 static void match_dereference(struct expression *expr)
53 {
54 struct expression *p, *tmp;
55 struct symbol *type;
56
57 if (expr->type != EXPR_PREOP ||
58 expr->op != '*')
59 return;
60 p = strip_expr(expr->unop);
61 type = get_type(p);
62 if (!type || type->type != SYM_PTR)
63 return;
64 call_deref_hooks(p);
65
66 tmp = get_assigned_expr(p);
67 if (!tmp)
68 return;
69 /*
70 * Imagine we have:
71 * p = &foo->bar;
72 * x = p->whatever;
73 *
74 * Note that we only care about address assignments because other
75 * dereferences would have been handled already.
76 */
77 if (tmp->type != EXPR_PREOP || tmp->op != '&')
78 return;
79 p = strip_expr(tmp->unop);
80 if (p->type != EXPR_DEREF)
81 return;
82 p = strip_expr(p->deref);
83 if (p->type != EXPR_PREOP || p->op != '*')
84 return;
85 p = strip_expr(p->unop);
86 type = get_type(p);
87 if (!type || type->type != SYM_PTR)
88 return;
89 call_deref_hooks(p);
90 }
91
92 static void match_pointer_as_array(struct expression *expr)
93 {
94 struct expression *array;
95 struct symbol *type;
96
97 if (!is_array(expr))
98 return;
99 if (getting_address(expr))
100 return;
101
102 array = get_array_base(expr);
103 type = get_type(array);
104 if (!type || type->type != SYM_PTR)
105 return;
106
107 call_deref_hooks(array);
108 }
109
110 static void set_param_dereferenced(struct expression *call, struct expression *arg, char *key, char *unused)
111 {
112 struct expression *deref;
113
114 deref = gen_expression_from_key(arg, key);
115 if (!deref)
116 return;
117
118 call_deref_hooks(deref);
119 }
120
121 static void param_deref(struct expression *expr)
122 {
123 call_deref_hooks(expr);
124 }
125
126 void register_dereferences(int id)
127 {
128 struct deref_info *info;
129 int i;
130
131 my_id = id;
132
133 add_hook(&match_dereference, DEREF_HOOK);
134 add_hook(&match_pointer_as_array, OP_HOOK);
135 select_return_implies_hook_early(DEREFERENCE, &set_param_dereferenced);
136
137 for (i = 0; i < ARRAY_SIZE(fn_deref_table); i++) {
138 info = &fn_deref_table[i];
139 add_param_key_expr_hook(info->name, &param_deref, info->param, info->key, info);
140 }
141 }
142
Static analysis for C