Print this page
11506 smatch resync
*** 24,33 ****
--- 24,35 ----
static void match_assign(struct expression *expr)
{
struct symbol *left_type, *right_type;
struct expression *size_expr;
sval_t min_size;
+ int limit_type;
+ int bytes;
left_type = get_type(expr->left);
if (!left_type || left_type->type != SYM_PTR)
return;
left_type = get_real_base_type(left_type);
*** 41,53 ****
if (!right_type)
return;
if (right_type != &void_ctype && type_bits(right_type) != 8)
return;
! size_expr = get_size_variable(expr->right);
if (!size_expr)
return;
get_absolute_min(size_expr, &min_size);
if (min_size.value >= type_bytes(left_type))
return;
--- 43,61 ----
if (!right_type)
return;
if (right_type != &void_ctype && type_bits(right_type) != 8)
return;
! bytes = get_array_size_bytes(expr->right);
! if (bytes >= type_bytes(left_type))
! return;
!
! size_expr = get_size_variable(expr->right, &limit_type);
if (!size_expr)
return;
+ if (limit_type != ELEM_COUNT)
+ return;
get_absolute_min(size_expr, &min_size);
if (min_size.value >= type_bytes(left_type))
return;
*** 60,69 ****
--- 68,78 ----
struct expression *right;
struct smatch_state *state;
char *name;
struct expression *size_expr;
sval_t min_size;
+ int limit_type;
if (expr->type != EXPR_PREOP)
return;
expr = strip_expr(expr->unop);
*** 77,89 ****
left_type = get_real_base_type(left_type);
if (!left_type || left_type->type != SYM_STRUCT)
return;
right = get_assigned_expr(expr);
! size_expr = get_size_variable(right);
if (!size_expr)
return;
get_absolute_min(size_expr, &min_size);
if (min_size.value >= type_bytes(left_type))
return;
--- 86,100 ----
left_type = get_real_base_type(left_type);
if (!left_type || left_type->type != SYM_STRUCT)
return;
right = get_assigned_expr(expr);
! size_expr = get_size_variable(right, &limit_type);
if (!size_expr)
return;
+ if (limit_type != ELEM_COUNT)
+ return;
get_absolute_min(size_expr, &min_size);
if (min_size.value >= type_bytes(left_type))
return;