static void match_normal_assign(struct expression *expr)
{
if (get_state_expr(my_max_id, expr->left)) {
set_state_expr(my_max_id, expr->left, &capped);
set_state_expr(my_min_id, expr->left, &capped);
}
}
static void match_dev_put(const char *fn, struct expression *expr, void *data)
{
struct expression *arg_expr;
arg_expr = get_argument_from_call_expr(expr->args, 0);
set_state_expr(my_id, arg_expr, &released);
}
static void match_assign(struct expression *expr)
{
char *name;
name = get_macro_name(expr->pos);
if (!name || strcmp(name, "get_user") != 0) {
match_normal_assign(expr);
return;
}
name = expr_to_var(expr->right);
if (!name || strcmp(name, "__val_gu") != 0)
goto free;
set_state_expr(my_max_id, expr->left, &user_data);
set_state_expr(my_min_id, expr->left, &user_data);
free:
free_string(name);
}
static void match_symbol(struct expression *expr)
{
if (outside_of_function())
return;
expr = strip_expr(expr);
if (expr == skip_this)
return;
set_state_expr(my_id, expr, &used);
}
static void match_returns_handle(const char *fn, struct expression *expr,
void *info)
{
char *left_name = NULL;
struct symbol *left_sym;
left_name = expr_to_var_sym(expr->left, &left_sym);
if (!left_name || !left_sym)
goto free;
set_state_expr(my_id, expr->left, &filehandle);
free:
free_string(left_name);
}
static void db_param_cleared(struct expression *expr, int param, char *key, char *value)
{
struct expression *arg;
while (expr->type == EXPR_ASSIGNMENT)
expr = strip_expr(expr->right);
if (expr->type != EXPR_CALL)
return;
arg = get_argument_from_call_expr(expr->args, param);
arg = strip_expr(arg);
if (!arg)
return;
if (arg->type != EXPR_SYMBOL)
return;
if (get_param_num_from_sym(arg->symbol) < 0)
return;
if (strcmp(value, "0") == 0)
set_state_expr(my_id, arg, &zeroed);
else
set_state_expr(my_id, arg, &cleared);
}
static void match_condition(struct expression *expr)
{
if (expr->type == EXPR_ASSIGNMENT)
match_condition(expr->left);
if (get_state_expr(my_id, expr) == &filehandle) {
char *name;
name = expr_to_var(expr);
sm_msg("error: comparing a filehandle against zero '%s'", name);
set_state_expr(my_id, expr, &oktocheck);
free_string(name);
}
}
static void check_expr(struct expression *expr)
{
struct sm_state *sm;
sval_t max;
sval_t sval;
char *name;
int overflow = 0;
int underflow = 0;
sm = get_sm_state_expr(my_max_id, expr);
if (sm && slist_has_state(sm->possible, &user_data)) {
if (!get_absolute_max(expr, &max) || sval_cmp_val(max, 20000) > 0)
overflow = 1;
}
sm = get_sm_state_expr(my_min_id, expr);
if (sm && slist_has_state(sm->possible, &user_data)) {
if (!get_absolute_min(expr, &sval) ||
(sval_is_negative(sval) && sval_cmp_val(sval, -20000) < 0))
underflow = 1;
}
if (!overflow && !underflow)
return;
name = expr_to_var_sym(expr, NULL);
if (overflow && underflow)
sm_msg("warn: check for integer over/underflow '%s'", name);
else if (underflow)
sm_msg("warn: check for integer underflow '%s'", name);
else
sm_msg("warn: check for integer overflow '%s'", name);
free_string(name);
set_state_expr(my_max_id, expr, &capped);
set_state_expr(my_min_id, expr, &capped);
}
static void match_assign(struct expression *expr)
{
struct expression *left;
if (expr->op != '=')
return;
if (!get_switch_expr())
return;
left = strip_expr(expr->left);
if (get_state_expr(my_id, left) == &no_break)
print_missing_break(left);
set_state_expr(my_id, left, alloc_my_state(get_switch_expr()));
skip_this = left;
}
static void match_returns_null(const char *fn, struct expression *call_expr,
struct expression *assign_expr, void *unused)
{
if (assign_expr)
set_state_expr(my_id, assign_expr->left, &released);
}