null-deref-ps.c revision dd463b8db0b07d2fdb99ffc7a7eb28eeb449c5d4
1// RUN: clang -checker-simple -verify %s 2 3#include<stdint.h> 4 5void f1(int *p) { 6 if (p) *p = 1; 7 else *p = 0; // expected-warning{{ereference}} 8} 9 10struct foo_struct { 11 int x; 12}; 13 14int f2(struct foo_struct* p) { 15 16 if (p) 17 p->x = 1; 18 19 return p->x++; // expected-warning{{Dereference of null pointer.}} 20} 21 22int f3(char* x) { 23 24 int i = 2; 25 26 if (x) 27 return x[i - 1]; 28 29 return x[i+1]; // expected-warning{{Dereference of null pointer.}} 30} 31 32int f3_b(char* x) { 33 34 int i = 2; 35 36 if (x) 37 return x[i - 1]; 38 39 return x[i+1]++; // expected-warning{{Dereference of null pointer.}} 40} 41 42int f4(int *p) { 43 44 uintptr_t x = (uintptr_t) p; 45 46 if (x) 47 return 1; 48 49 int *q = (int*) x; 50 return *q; // expected-warning{{Dereference of null pointer.}} 51} 52 53int f5() { 54 55 char *s = "hello world"; 56 return s[0]; // no-warning 57} 58 59int bar(int* p) __attribute__((nonnull)); 60 61int f6(int *p) { 62 return !p ? bar(p) : *p; // expected-warning {{Null pointer passed as an argument to a 'nonnull' parameter}} 63} 64 65int* qux(); 66 67int f7(int x) { 68 69 int* p = 0; 70 71 if (0 == x) 72 p = qux(); 73 74 if (0 == x) 75 *p = 1; // no-warning 76 77 return x; 78} 79 80int f8(int *p, int *q) { 81 if (!p) 82 if (p) 83 *p = 1; // no-warning 84 85 if (q) 86 if (!q) 87 *q = 1; // no-warning 88} 89