1// RUN: %clang_cc1 -triple x86_64-unknown-unknown -analyze -analyzer-checker=alpha.security.MallocOverflow,unix -verify %s 2 3typedef __typeof__(sizeof(int)) size_t; 4extern void *malloc(size_t); 5extern void free(void *ptr); 6 7void *malloc(unsigned long s); 8 9struct table { 10 int nentry; 11 unsigned *table; 12 unsigned offset_max; 13}; 14 15static int table_build(struct table *t) { 16 17 t->nentry = ((t->offset_max >> 2) + 31) / 32; 18 t->table = (unsigned *)malloc(sizeof(unsigned) * t->nentry); // expected-warning {{the computation of the size of the memory allocation may overflow}} 19 20 int n; 21 n = 10000; 22 int *p = malloc(sizeof(int) * n); // no-warning 23 24 free(p); 25 return t->nentry; 26} 27 28static int table_build_1(struct table *t) { 29 t->nentry = (sizeof(struct table) * 2 + 31) / 32; 30 t->table = (unsigned *)malloc(sizeof(unsigned) * t->nentry); // no-warning 31 return t->nentry; 32} 33 34void *f(int n) { 35 return malloc(n * 0 * sizeof(int)); // expected-warning {{Call to 'malloc' has an allocation size of 0 bytes}} 36} 37