pghs975uc
/
infer_clone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[pulse] require ptr>0 in free()

Browse Source 
Summary: Resolves a false positive.

Reviewed By: skcho

Differential Revision: D21332074

fbshipit-source-id: a0c962b91
master
Jules Villard 5 years ago committed by Facebook GitHub Bot
parent 385b6fa914
commit 2da04b835d
3 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File

1
infer/src/pulse/PulseModels.ml
Unescape View File

@ -78,6 +78,7 @@ module C = struct
if PulseArithmetic.is_known_zero astate (fst deleted_access) then
PulseOperations.ok_continue astate
else
let astate = PulseArithmetic.and_positive (fst deleted_access) astate in
let+ astate = PulseOperations.invalidate location Invalidation.CFree deleted_access astate in
[ExecutionDomain.ContinueProgram astate]

1
infer/tests/codetoanalyze/c/pulse/issues.exp
Unescape View File

@ -1,6 +1,5 @@
codetoanalyze/c/pulse/memory_leak.c, malloc_interproc_no_free_bad, 0, PULSE_MEMORY_LEAK, no_bucket, ERROR, [allocation part of the trace starts here,when calling `create_p` here,allocated by call to `malloc` (modelled),allocation part of the trace ends here,memory becomes unreachable here]
codetoanalyze/c/pulse/memory_leak.c, malloc_interproc_no_free_bad2, 4, PULSE_MEMORY_LEAK, no_bucket, ERROR, [allocation part of the trace starts here,allocated by call to `malloc` (modelled),allocation part of the trace ends here,memory becomes unreachable here]
codetoanalyze/c/pulse/memory_leak.c, malloc_no_free_bad, 0, PULSE_MEMORY_LEAK, no_bucket, ERROR, [allocation part of the trace starts here,allocated by call to `malloc` (modelled),allocation part of the trace ends here,memory becomes unreachable here]
codetoanalyze/c/pulse/nullptr.c, FP_interproc_free_ok, 2, NULLPTR_DEREFERENCE, no_bucket, ERROR, [invalidation part of the trace starts here,allocated by call to `malloc` (modelled),is the null pointer,use-after-lifetime part of the trace starts here,allocated by call to `malloc` (modelled),assigned,when calling `wrap_free` here,parameter `p` of wrap_free,invalid access occurs here]
codetoanalyze/c/pulse/nullptr.c, malloc_no_check_bad, 2, NULLPTR_DEREFERENCE, no_bucket, ERROR, [invalidation part of the trace starts here,allocated by call to `malloc` (modelled),is the null pointer,use-after-lifetime part of the trace starts here,allocated by call to `malloc` (modelled),assigned,invalid access occurs here]
codetoanalyze/c/pulse/nullptr.c, nullptr_deref_young_bad, 5, NULLPTR_DEREFERENCE, no_bucket, ERROR, [invalidation part of the trace starts here,assigned,is the null pointer,use-after-lifetime part of the trace starts here,assigned,invalid access occurs here]

2
infer/tests/codetoanalyze/c/pulse/nullptr.c
Unescape View File

@ -73,7 +73,7 @@ void malloc_free_ok() {
void wrap_free(void* p) { free(p); }
void FP_interproc_free_ok() {
void interproc_free_ok() {
int* p = (int*)malloc(sizeof(int));
wrap_free(p);
}

Write Preview
Loading…
Cancel
Save