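/// Dump every edge of the graph together with the statements held in the
/// edge's pre-statement CFG blocks.
///
/// For each entry of _adjList this writes the edge's node pair, a
/// "Transition code" header, and then each CFGStmt element of the blocks
/// returned by Edge::getPreStmtBlks(), pretty-printed one per line.
///
/// @param os    Stream that receives the complete dump.
/// @param tabn  Not used by this function; statements are printed with
///              indentation 0.
void Graph::dumpSauto(raw_ostream& os, int tabn) {
  // Pretty-print statements using C++ syntax rules.
  LangOptions LO;
  LO.CPlusPlus = true;
  PrintingPolicy Policy(LO);

  for (Graph::adjMapType::iterator it = _adjList.begin(), eit = _adjList.end();
       it != eit; ++it) {
    Graph::twoIntPairType p = it->first;
    Edge *e = it->second;

    os << " Edge (" << p.first << ", " << p.second << ")\n";
    os << " Transition code \n";

    vector<CFGBlock*> codeBlocks = e->getPreStmtBlks();
    for (vector<CFGBlock*>::iterator blkIt = codeBlocks.begin(),
                                     blkEnd = codeBlocks.end();
         blkIt != blkEnd; ++blkIt) {
      CFGBlock* currBlock = *blkIt;

      // Distinct iterator names: the original reused `it`/`eit` here and
      // shadowed the edge iterators of the outer loop.
      for (CFGBlock::iterator elemIt = currBlock->begin(),
                              elemEnd = currBlock->end();
           elemIt != elemEnd; ++elemIt) {
        // Only statement elements are printed; other CFG element kinds are
        // skipped.
        if (Optional<CFGStmt> cfgStmt = elemIt->getAs<CFGStmt>()) {
          const Stmt* stmt = cfgStmt->getStmt();
          // Print to the caller's stream. The statement text previously went
          // to llvm::errs() while the headers and the trailing newline went
          // to `os`, so a dump into a file or string lost the code itself.
          stmt->printPretty(os, 0, Policy, 0);
          os << "\n";
        }
      }
    }
  }
}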
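/// Scan the body of a declaration for malloc calls whose size argument may
/// overflow, and report the candidates.
///
/// Walks every element of every block in the CFG of D. For each statement
/// element that is a direct call to a function named "malloc" or "_MALLOC"
/// with exactly one argument, the argument is handed to CheckMallocArgument,
/// which collects candidates. After the walk the collected candidates are
/// passed to OutputPossibleOverflows.
///
/// @param D    Declaration whose body is analysed.
/// @param mgr  Analysis manager; supplies the CFG and the ASTContext.
/// @param BR   Bug reporter forwarded to OutputPossibleOverflows.
void MallocOverflowSecurityChecker::checkASTCodeBody(const Decl *D,
                                                     AnalysisManager &mgr,
                                                     BugReporter &BR) const {
  CFG *cfg = mgr.getCFG(D);
  if (!cfg)
    return;

  // A list of variables referenced in possibly overflowing malloc operands.
  llvm::SmallVector<MallocOverflowCheck, 2> PossibleMallocOverflows;

  for (CFG::iterator it = cfg->begin(), ei = cfg->end(); it != ei; ++it) {
    CFGBlock *block = *it;
    for (CFGBlock::iterator bi = block->begin(), be = block->end();
         bi != be; ++bi) {
      const CFGStmt *CS = bi->getAs<CFGStmt>();
      if (!CS)
        continue;

      const CallExpr *TheCall = dyn_cast<CallExpr>(CS->getStmt());
      if (!TheCall)
        continue;

      // Get the callee. A call with no direct callee (for example a call
      // through a function pointer) is skipped. This must be `continue`, not
      // `return`: returning here abandoned the rest of the body and skipped
      // OutputPossibleOverflows, so a single such call silenced every finding
      // already collected for this function (a checker false negative).
      const FunctionDecl *FD = TheCall->getDirectCallee();
      if (!FD)
        continue;

      // Get the name of the callee. Callees without an identifier are
      // skipped, again without aborting the scan.
      IdentifierInfo *FnInfo = FD->getIdentifier();
      if (!FnInfo)
        continue;

      // Matching is by name only, and only the single-argument form is
      // inspected.
      if (FnInfo->isStr ("malloc") || FnInfo->isStr ("_MALLOC")) {
        if (TheCall->getNumArgs() == 1)
          CheckMallocArgument(PossibleMallocOverflows, TheCall->getArg(0),
                              mgr.getASTContext());
      }
    }
  }

  OutputPossibleOverflows(PossibleMallocOverflows, D, BR, mgr);
}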