Bounds checking bounds-safe interfaces in unchecked scopes #1169
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 10 commits
August 23, 2021 15:14
LValuesAssignedChecked contains AbstractSets representing lvalues expressions that have unchecked pointer type that were assigned a checked pointer during the current top-level statement (if the statement is in an unchecked scope). AbstractSets in LValuesAssignedChecked should have their bounds validated after checking the current statement.
…so it results in a warning
…ith declared bounds
…unds-safe interface
…into bounds-checking-unchecked-scope
sulekhark
approved these changes
Aug 25, 2021
Contributor
sulekhark
left a comment
sulekhark
left a comment
There was a problem hiding this comment.
LGTM (there's just one minor comment)! Thank you!
| p += i; | ||
|
|
||
| // The type of the RHS expression p + r is int *, so a checked pointer is not | ||
| // assigned to p here. |
Contributor
There was a problem hiding this comment.
It looks like the code that the comment on lines 841 and 842 is referring to is missing (not sure).
Contributor
Author
There was a problem hiding this comment.
The comment on lines 841 and 842 is referring to the code on line 843, since the type of the RHS expression p - (_Array_ptr<int>)q is int *.
Contributor
Author
There was a problem hiding this comment.
The comment has a typo, so I'll update the comment - thanks for catching this!
added 2 commits
August 25, 2021 17:34
…into bounds-checking-unchecked-scope
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1158
This PR updates the bounds checking behavior for lvalue expressions with bounds-safe interfaces in unchecked scopes.
If:
Sis in an unchecked scope, and:ehas unchecked pointer type (its bounds were declared using a bounds-safe interface), and:Sdoes not contain an assignmente = e1wheree1is a checked pointer, then:The bounds of
eare not validated after checkingS.