reference, declaration → definition
definition → references, declarations, derived classes, virtual overrides
reference to multiple definitions → definitions
unreferenced

    1
    2
    3
    4
    5
    6
    7
    8
    9
   10
   11
   12
   13
   14
   15
   16
   17
   18
   19
   20
   21
   22
   23
   24
   25
   26
   27

// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.security.ReturnPtrRange -verify %s

int arr[10];
int *ptr;

int conjure_index();

int *test_element_index_lifetime() {
  do {
    int x = conjure_index();
    ptr = arr + x;
    if (x != 20)
      return arr; // no-warning
  } while (0);
  return ptr; // expected-warning{{Returned pointer value points outside the original object (potential buffer overflow)}}
}

int *test_element_index_lifetime_with_local_ptr() {
  int *local_ptr;
  do {
    int x = conjure_index();
    local_ptr = arr + x;
    if (x != 20)
      return arr; // no-warning
  } while (0);
  return local_ptr; // expected-warning{{Returned pointer value points outside the original object (potential buffer overflow)}}
}