static void match_return(struct expression *ret_value)
{
sval_t rval;
sval_t lret;
char *name;
if (!get_value(ret_value, &rval) || rval.value >= 0)
return;
if (get_implied_value(last_return, &lret))
return;
if (!get_implied_max(last_return, &lret) || lret.value >= 0)
return;
if (get_implied_min(last_return, &lret) && !sval_is_min(lret))
return;
name = expr_to_var(last_return);
sm_msg("info: why not propagate '%s' from %s() instead of %s?",
name, get_fn_name(last_func), sval_to_str(rval));
free_string(name);
}
static int match_strnlen(struct expression *call, void *unused, struct range_list **rl)
{
struct expression *limit;
sval_t fixed;
sval_t bound;
sval_t ulong_max = sval_type_val(&ulong_ctype, ULONG_MAX);
match_strlen(call, NULL, rl);
limit = get_argument_from_call_expr(call->args, 1);
if (!get_implied_max(limit, &bound))
return 1;
if (sval_cmp(bound, ulong_max) == 0)
return 1;
if (rl_to_sval(*rl, &fixed) && sval_cmp(fixed, bound) >= 0) {
*rl = alloc_rl(bound, bound);
return 1;
}
bound.value++;
*rl = remove_range(*rl, bound, ulong_max);
return 1;
}