Analyzer: Fix a crasher in UbigraphViz

Summary: Name `Out` refers to the parameter. It is moved into the member `Out` in ctor-init. Dereferencing null pointer will crash clang, if user passes '-analyzer-viz-egraph-ubigraph' argument. Reviewers: zaks.anna, krememek Subscribers: cfe-commits Differential Revision: http://reviews.llvm.org/D12119 llvm-svn: 248050
llvm · Sep 18, 2015 · d347e7a · d347e7a
1 parent 9567495
commit d347e7a
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp b/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp
@@ -778,8 +778,9 @@ void UbigraphViz::AddEdge(ExplodedNode *Src, ExplodedNode *Dst) {
        << ", ('arrow','true'), ('oriented', 'true'))\n";
 }
 
-UbigraphViz::UbigraphViz(std::unique_ptr<raw_ostream> Out, StringRef Filename)
-    : Out(std::move(Out)), Filename(Filename), Cntr(0) {
+UbigraphViz::UbigraphViz(std::unique_ptr<raw_ostream> OutStream,
+                         StringRef Filename)
+    : Out(std::move(OutStream)), Filename(Filename), Cntr(0) {
 
   *Out << "('vertex_style_attribute', 0, ('shape', 'icosahedron'))\n";
   *Out << "('vertex_style', 1, 0, ('shape', 'sphere'), ('color', '#ffcc66'),"

diff --git a/clang/test/Analysis/ubigraph-viz.cpp b/clang/test/Analysis/ubigraph-viz.cpp
@@ -0,0 +1,7 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.API -analyzer-viz-egraph-ubigraph -verify %s
+// expected-no-diagnostics
+
+int f(int x) {
+  return x < 0 ? 0 : 42;
+}
+