smatch_common_functions.c

   1 /*
   2  * Copyright (C) 2013 Oracle.
   3  *
   4  * This program is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU General Public License
   6  * as published by the Free Software Foundation; either version 2
   7  * of the License, or (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
  16  */
  17
  18 #include "scope.h"
  19 #include "smatch.h"
  20 #include "smatch_extra.h"
  21
  22 static int match_strlen(struct expression *call, void *unused, struct range_list **rl)
  23 {
  24         struct expression *str;
  25         unsigned long max;
  26
  27         str = get_argument_from_call_expr(call->args, 0);
  28         if (get_implied_strlen(str, rl) && sval_is_positive(rl_min(*rl))) {
  29                 *rl = cast_rl(&ulong_ctype, *rl);
  30                 return 1;
  31         }
  32         /* smatch_strlen.c is not very complete */
  33         max = get_array_size_bytes_max(str);
  34         if (max == 0) {
  35                 *rl = alloc_whole_rl(&ulong_ctype);
  36         } else {
  37                 max--;
  38                 *rl = alloc_rl(ll_to_sval(0), ll_to_sval(max));
  39         }
  40         return 1;
  41 }
  42
  43 static int match_strnlen(struct expression *call, void *unused, struct range_list **rl)
  44 {
  45         struct expression *limit;
  46         sval_t fixed;
  47         sval_t bound;
  48         sval_t ulong_max = sval_type_val(&ulong_ctype, ULONG_MAX);
  49
  50         match_strlen(call, NULL, rl);
  51         limit = get_argument_from_call_expr(call->args, 1);
  52         if (!get_implied_max(limit, &bound))
  53                 return 1;
  54         if (sval_cmp(bound, ulong_max) == 0)
  55                 return 1;
  56         if (rl_to_sval(*rl, &fixed) && sval_cmp(fixed, bound) >= 0) {
  57                 *rl = alloc_rl(bound, bound);
  58                 return 1;
  59         }
  60
  61         bound.value++;
  62         *rl = remove_range(*rl, bound, ulong_max);
  63
  64         return 1;
  65 }
  66
  67 static int match_sprintf(struct expression *call, void *_arg, struct range_list **rl)
  68 {
  69         int str_arg = PTR_INT(_arg);
  70         int size;
  71
  72         size = get_formatted_string_size(call, str_arg);
  73         if (size <= 0) {
  74                 *rl = alloc_whole_rl(&ulong_ctype);
  75         } else {
  76                 /* FIXME:  This is bogus.  get_formatted_string_size() should be
  77                    returning a range_list.  Also it should not add the NUL. */
  78                 size--;
  79                 *rl = alloc_rl(ll_to_sval(0), ll_to_sval(size));
  80         }
  81         return 1;
  82 }
  83
  84 void register_common_functions(int id)
  85 {
  86         /*
  87          * When you add a new function here, then don't forget to delete it from
  88          * the database and smatch_data/.
  89          */
  90         add_implied_return_hook("strlen", &match_strlen, NULL);
  91         add_implied_return_hook("strnlen", &match_strnlen, NULL);
  92         add_implied_return_hook("sprintf", &match_sprintf, INT_PTR(1));
  93         add_implied_return_hook("snprintf", &match_sprintf, INT_PTR(2));
  94 }