From 9e49d9fbdc861c25c2480233147dee07f5fa9660 Mon Sep 17 00:00:00 2001 From: Jordy Rose Date: Mon, 20 Jun 2011 02:06:40 +0000 Subject: [PATCH] [analyzer] Eliminate "byte string function" from CStringChecker's diagnostics, and make it easier to provide custom messages for overflow checking, in preparation for re-enabling strncpy checking. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133406 91177308-0d34-0410-b5e6-96231b3b80d8 --- .../Checkers/CStringChecker.cpp | 97 +++++++++++++------ test/Analysis/bstring.c | 28 +++--- test/Analysis/string.c | 64 ++++++------ 3 files changed, 113 insertions(+), 76 deletions(-) diff --git a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp index 84c201026d..9b6bcc8b88 100644 --- a/lib/StaticAnalyzer/Checkers/CStringChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/CStringChecker.cpp @@ -30,9 +30,11 @@ class CStringChecker : public Checker< eval::Call, check::DeadSymbols, check::RegionChanges > { - mutable llvm::OwningPtr BT_Null, BT_Bounds, BT_BoundsWrite, + mutable llvm::OwningPtr BT_Null, BT_Bounds, BT_Overlap, BT_NotCString, BT_AdditionOverflow; + mutable const char *CurrentFunctionDescription; + public: static void *getTag() { static int tag; return &tag; } @@ -115,12 +117,19 @@ class CStringChecker : public Checker< eval::Call, const Expr *S, SVal l) const; const GRState *CheckLocation(CheckerContext &C, const GRState *state, const Expr *S, SVal l, - bool IsDestination = false) const; + const char *message = NULL) const; const GRState *CheckBufferAccess(CheckerContext &C, const GRState *state, const Expr *Size, const Expr *FirstBuf, - const Expr *SecondBuf = NULL, - bool FirstIsDestination = false) const; + const Expr *SecondBuf, + const char *firstMessage = NULL, + const char *secondMessage = NULL) const; + const GRState *CheckBufferAccess(CheckerContext &C, const GRState *state, + const Expr *Size, const Expr *Buf, + const char *message = NULL) const { + // This is a convenience override. + return CheckBufferAccess(C, state, Size, Buf, NULL, message, NULL); + } const GRState *CheckOverlap(CheckerContext &C, const GRState *state, const Expr *Size, const Expr *First, const Expr *Second) const; @@ -181,10 +190,14 @@ const GRState *CStringChecker::checkNonNull(CheckerContext &C, BT_Null.reset(new BuiltinBug("API", "Null pointer argument in call to byte string function")); + llvm::SmallString<80> buf; + llvm::raw_svector_ostream os(buf); + assert(CurrentFunctionDescription); + os << "Null pointer argument in call to " << CurrentFunctionDescription; + // Generate a report for this bug. BuiltinBug *BT = static_cast(BT_Null.get()); - EnhancedBugReport *report = new EnhancedBugReport(*BT, - BT->getDescription(), N); + EnhancedBugReport *report = new EnhancedBugReport(*BT, os.str(), N); report->addRange(S->getSourceRange()); report->addVisitorCreator(bugreporter::registerTrackNullOrUndefValue, S); @@ -201,7 +214,7 @@ const GRState *CStringChecker::checkNonNull(CheckerContext &C, const GRState *CStringChecker::CheckLocation(CheckerContext &C, const GRState *state, const Expr *S, SVal l, - bool IsDestination) const { + const char *warningMsg) const { // If a previous check has failed, propagate the failure. if (!state) return NULL; @@ -235,28 +248,32 @@ const GRState *CStringChecker::CheckLocation(CheckerContext &C, if (!N) return NULL; - BuiltinBug *BT; - if (IsDestination) { - if (!BT_BoundsWrite) { - BT_BoundsWrite.reset(new BuiltinBug("Out-of-bound array access", - "Byte string function overflows destination buffer")); - } - BT = static_cast(BT_BoundsWrite.get()); + if (!BT_Bounds) { + BT_Bounds.reset(new BuiltinBug("Out-of-bound array access", + "Byte string function accesses out-of-bound array element")); + } + BuiltinBug *BT = static_cast(BT_Bounds.get()); + + // Generate a report for this bug. + RangedBugReport *report; + if (warningMsg) { + report = new RangedBugReport(*BT, warningMsg, N); } else { - if (!BT_Bounds) { - BT_Bounds.reset(new BuiltinBug("Out-of-bound array access", - "Byte string function accesses out-of-bound array element")); - } - BT = static_cast(BT_Bounds.get()); + assert(CurrentFunctionDescription); + assert(CurrentFunctionDescription[0] != '\0'); + + llvm::SmallString<80> buf; + llvm::raw_svector_ostream os(buf); + os << (char)toupper(CurrentFunctionDescription[0]) + << &CurrentFunctionDescription[1] + << " accesses out-of-bound array element"; + report = new RangedBugReport(*BT, os.str(), N); } // FIXME: It would be nice to eventually make this diagnostic more clear, // e.g., by referencing the original declaration or by saying *why* this // reference is outside the range. - // Generate a report for this bug. - RangedBugReport *report = new RangedBugReport(*BT, BT->getDescription(), N); - report->addRange(S->getSourceRange()); C.EmitReport(report); return NULL; @@ -272,7 +289,8 @@ const GRState *CStringChecker::CheckBufferAccess(CheckerContext &C, const Expr *Size, const Expr *FirstBuf, const Expr *SecondBuf, - bool FirstIsDestination) const { + const char *firstMessage, + const char *secondMessage) const { // If a previous check has failed, propagate the failure. if (!state) return NULL; @@ -290,6 +308,8 @@ const GRState *CStringChecker::CheckBufferAccess(CheckerContext &C, return NULL; // Get the access length and make sure it is known. + // FIXME: This assumes the caller has already checked that the access length + // is positive. And that it's unsigned. SVal LengthVal = state->getSVal(Size); NonLoc *Length = dyn_cast(&LengthVal); if (!Length) @@ -305,7 +325,7 @@ const GRState *CStringChecker::CheckBufferAccess(CheckerContext &C, if (Loc *BufLoc = dyn_cast(&BufStart)) { SVal BufEnd = svalBuilder.evalBinOpLN(state, BO_Add, *BufLoc, LastOffset, PtrTy); - state = CheckLocation(C, state, FirstBuf, BufEnd, FirstIsDestination); + state = CheckLocation(C, state, FirstBuf, BufEnd, firstMessage); // If the buffer isn't large enough, abort. if (!state) @@ -323,7 +343,7 @@ const GRState *CStringChecker::CheckBufferAccess(CheckerContext &C, if (Loc *BufLoc = dyn_cast(&BufStart)) { SVal BufEnd = svalBuilder.evalBinOpLN(state, BO_Add, *BufLoc, LastOffset, PtrTy); - state = CheckLocation(C, state, SecondBuf, BufEnd); + state = CheckLocation(C, state, SecondBuf, BufEnd, secondMessage); } } @@ -611,8 +631,9 @@ SVal CStringChecker::getCStringLength(CheckerContext &C, const GRState *&state, llvm::SmallString<120> buf; llvm::raw_svector_ostream os(buf); - os << "Argument to byte string function is the address of the label '" - << Label->getLabel()->getName() + assert(CurrentFunctionDescription); + os << "Argument to " << CurrentFunctionDescription + << " is the address of the label '" << Label->getLabel()->getName() << "', which is not a null-terminated string"; // Generate a report for this bug. @@ -668,7 +689,8 @@ SVal CStringChecker::getCStringLength(CheckerContext &C, const GRState *&state, llvm::SmallString<120> buf; llvm::raw_svector_ostream os(buf); - os << "Argument to byte string function is "; + assert(CurrentFunctionDescription); + os << "Argument to " << CurrentFunctionDescription << " is "; if (SummarizeRegion(os, C.getASTContext(), MR)) os << ", which is not a null-terminated string"; @@ -787,6 +809,8 @@ void CStringChecker::evalCopyCommon(CheckerContext &C, const Expr *Size, const Expr *Dest, const Expr *Source, bool Restricted, bool IsMempcpy) const { + CurrentFunctionDescription = "memory copy function"; + // See if the size argument is zero. SVal sizeVal = state->getSVal(Size); QualType sizeTy = Size->getType(); @@ -825,8 +849,10 @@ void CStringChecker::evalCopyCommon(CheckerContext &C, return; // Ensure the accesses are valid and that the buffers do not overlap. + const char * const writeWarning = + "Memory copy function overflows destination buffer"; state = CheckBufferAccess(C, state, Size, Dest, Source, - /* FirstIsDst = */ true); + writeWarning, /* sourceWarning = */ NULL); if (Restricted) state = CheckOverlap(C, state, Size, Dest, Source); @@ -912,6 +938,8 @@ void CStringChecker::evalBcopy(CheckerContext &C, const CallExpr *CE) const { void CStringChecker::evalMemcmp(CheckerContext &C, const CallExpr *CE) const { // int memcmp(const void *s1, const void *s2, size_t n); + CurrentFunctionDescription = "memory comparison function"; + const Expr *Left = CE->getArg(0); const Expr *Right = CE->getArg(1); const Expr *Size = CE->getArg(2); @@ -990,6 +1018,7 @@ void CStringChecker::evalstrnLength(CheckerContext &C, void CStringChecker::evalstrLengthCommon(CheckerContext &C, const CallExpr *CE, bool IsStrnlen) const { + CurrentFunctionDescription = "string length function"; const GRState *state = C.getState(); if (IsStrnlen) { @@ -1154,6 +1183,7 @@ void CStringChecker::evalStrncat(CheckerContext &C, const CallExpr *CE) const { void CStringChecker::evalStrcpyCommon(CheckerContext &C, const CallExpr *CE, bool returnEnd, bool isBounded, bool isAppending) const { + CurrentFunctionDescription = "string copy function"; const GRState *state = C.getState(); // Check that the destination is non-null. @@ -1350,7 +1380,9 @@ void CStringChecker::evalStrcpyCommon(CheckerContext &C, const CallExpr *CE, *knownStrLength, Dst->getType()); - state = CheckLocation(C, state, Dst, lastElement, /* IsDst = */ true); + const char * const warningMsg = + "String copy function overflows destination buffer"; + state = CheckLocation(C, state, Dst, lastElement, warningMsg); if (!state) return; @@ -1409,6 +1441,7 @@ void CStringChecker::evalStrncasecmp(CheckerContext &C, void CStringChecker::evalStrcmpCommon(CheckerContext &C, const CallExpr *CE, bool isBounded, bool ignoreCase) const { + CurrentFunctionDescription = "string comparison function"; const GRState *state = C.getState(); // Check that the first string is non-null @@ -1573,6 +1606,10 @@ bool CStringChecker::evalCall(const CallExpr *CE, CheckerContext &C) const { if (!evalFunction) return false; + // Make sure each function sets its own description. + // (But don't bother in a release build.) + assert(!(CurrentFunctionDescription = NULL)); + // Check and evaluate the call. (this->*evalFunction)(C, CE); return true; diff --git a/test/Analysis/bstring.c b/test/Analysis/bstring.c index 693e6a7ac7..cd43e36d03 100644 --- a/test/Analysis/bstring.c +++ b/test/Analysis/bstring.c @@ -64,14 +64,14 @@ void memcpy1 () { char src[] = {1, 2, 3, 4}; char dst[10]; - memcpy(dst, src, 5); // expected-warning{{Byte string function accesses out-of-bound array element}} + memcpy(dst, src, 5); // expected-warning{{Memory copy function accesses out-of-bound array element}} } void memcpy2 () { char src[] = {1, 2, 3, 4}; char dst[1]; - memcpy(dst, src, 4); // expected-warning{{Byte string function overflows destination buffer}} + memcpy(dst, src, 4); // expected-warning{{Memory copy function overflows destination buffer}} } void memcpy3 () { @@ -85,14 +85,14 @@ void memcpy4 () { char src[] = {1, 2, 3, 4}; char dst[10]; - memcpy(dst+2, src+2, 3); // expected-warning{{Byte string function accesses out-of-bound array element}} + memcpy(dst+2, src+2, 3); // expected-warning{{Memory copy function accesses out-of-bound array element}} } void memcpy5() { char src[] = {1, 2, 3, 4}; char dst[3]; - memcpy(dst+2, src+2, 2); // expected-warning{{Byte string function overflows destination buffer}} + memcpy(dst+2, src+2, 2); // expected-warning{{Memory copy function overflows destination buffer}} } void memcpy6() { @@ -118,12 +118,12 @@ void memcpy9() { void memcpy10() { char a[4] = {0}; - memcpy(0, a, 4); // expected-warning{{Null pointer argument in call to byte string function}} + memcpy(0, a, 4); // expected-warning{{Null pointer argument in call to memory copy function}} } void memcpy11() { char a[4] = {0}; - memcpy(a, 0, 4); // expected-warning{{Null pointer argument in call to byte string function}} + memcpy(a, 0, 4); // expected-warning{{Null pointer argument in call to memory copy function}} } void memcpy12() { @@ -144,7 +144,7 @@ void memcpy_unknown_size (size_t n) { void memcpy_unknown_size_warn (size_t n) { char a[4]; - if (memcpy(a, 0, n) != a) // expected-warning{{Null pointer argument in call to byte string function}} + if (memcpy(a, 0, n) != a) // expected-warning{{Null pointer argument in call to memory copy function}} (void)*(char*)0; // no-warning } @@ -186,14 +186,14 @@ void mempcpy1 () { char src[] = {1, 2, 3, 4}; char dst[10]; - mempcpy(dst, src, 5); // expected-warning{{Byte string function accesses out-of-bound array element}} + mempcpy(dst, src, 5); // expected-warning{{Memory copy function accesses out-of-bound array element}} } void mempcpy2 () { char src[] = {1, 2, 3, 4}; char dst[1]; - mempcpy(dst, src, 4); // expected-warning{{Byte string function overflows destination buffer}} + mempcpy(dst, src, 4); // expected-warning{{Memory copy function overflows destination buffer}} } void mempcpy3 () { @@ -207,14 +207,14 @@ void mempcpy4 () { char src[] = {1, 2, 3, 4}; char dst[10]; - mempcpy(dst+2, src+2, 3); // expected-warning{{Byte string function accesses out-of-bound array element}} + mempcpy(dst+2, src+2, 3); // expected-warning{{Memory copy function accesses out-of-bound array element}} } void mempcpy5() { char src[] = {1, 2, 3, 4}; char dst[3]; - mempcpy(dst+2, src+2, 2); // expected-warning{{Byte string function overflows destination buffer}} + mempcpy(dst+2, src+2, 2); // expected-warning{{Memory copy function overflows destination buffer}} } void mempcpy6() { @@ -240,12 +240,12 @@ void mempcpy9() { void mempcpy10() { char a[4] = {0}; - mempcpy(0, a, 4); // expected-warning{{Null pointer argument in call to byte string function}} + mempcpy(0, a, 4); // expected-warning{{Null pointer argument in call to memory copy function}} } void mempcpy11() { char a[4] = {0}; - mempcpy(a, 0, 4); // expected-warning{{Null pointer argument in call to byte string function}} + mempcpy(a, 0, 4); // expected-warning{{Null pointer argument in call to memory copy function}} } void mempcpy12() { @@ -260,7 +260,7 @@ void mempcpy13() { void mempcpy_unknown_size_warn (size_t n) { char a[4]; - if (mempcpy(a, 0, n) != a) // expected-warning{{Null pointer argument in call to byte string function}} + if (mempcpy(a, 0, n) != a) // expected-warning{{Null pointer argument in call to memory copy function}} (void)*(char*)0; // no-warning } diff --git a/test/Analysis/string.c b/test/Analysis/string.c index 4b6a0665d9..c50eca2f35 100644 --- a/test/Analysis/string.c +++ b/test/Analysis/string.c @@ -55,16 +55,16 @@ void strlen_constant2(char x) { } size_t strlen_null() { - return strlen(0); // expected-warning{{Null pointer argument in call to byte string function}} + return strlen(0); // expected-warning{{Null pointer argument in call to string length function}} } size_t strlen_fn() { - return strlen((char*)&strlen_fn); // expected-warning{{Argument to byte string function is the address of the function 'strlen_fn', which is not a null-terminated string}} + return strlen((char*)&strlen_fn); // expected-warning{{Argument to string length function is the address of the function 'strlen_fn', which is not a null-terminated string}} } size_t strlen_nonloc() { label: - return strlen((char*)&&label); // expected-warning{{Argument to byte string function is the address of the label 'label', which is not a null-terminated string}} + return strlen((char*)&&label); // expected-warning{{Argument to string length function is the address of the label 'label', which is not a null-terminated string}} } void strlen_subregion() { @@ -187,16 +187,16 @@ void strnlen_constant6(char x) { } size_t strnlen_null() { - return strnlen(0, 3); // expected-warning{{Null pointer argument in call to byte string function}} + return strnlen(0, 3); // expected-warning{{Null pointer argument in call to string length function}} } size_t strnlen_fn() { - return strnlen((char*)&strlen_fn, 3); // expected-warning{{Argument to byte string function is the address of the function 'strlen_fn', which is not a null-terminated string}} + return strnlen((char*)&strlen_fn, 3); // expected-warning{{Argument to string length function is the address of the function 'strlen_fn', which is not a null-terminated string}} } size_t strnlen_nonloc() { label: - return strnlen((char*)&&label, 3); // expected-warning{{Argument to byte string function is the address of the label 'label', which is not a null-terminated string}} + return strnlen((char*)&&label, 3); // expected-warning{{Argument to string length function is the address of the label 'label', which is not a null-terminated string}} } void strnlen_zero() { @@ -274,15 +274,15 @@ char *strcpy(char *restrict s1, const char *restrict s2); void strcpy_null_dst(char *x) { - strcpy(NULL, x); // expected-warning{{Null pointer argument in call to byte string function}} + strcpy(NULL, x); // expected-warning{{Null pointer argument in call to string copy function}} } void strcpy_null_src(char *x) { - strcpy(x, NULL); // expected-warning{{Null pointer argument in call to byte string function}} + strcpy(x, NULL); // expected-warning{{Null pointer argument in call to string copy function}} } void strcpy_fn(char *x) { - strcpy(x, (char*)&strcpy_fn); // expected-warning{{Argument to byte string function is the address of the function 'strcpy_fn', which is not a null-terminated string}} + strcpy(x, (char*)&strcpy_fn); // expected-warning{{Argument to string copy function is the address of the function 'strcpy_fn', which is not a null-terminated string}} } void strcpy_effects(char *x, char *y) { @@ -301,7 +301,7 @@ void strcpy_effects(char *x, char *y) { void strcpy_overflow(char *y) { char x[4]; if (strlen(y) == 4) - strcpy(x, y); // expected-warning{{Byte string function overflows destination buffer}} + strcpy(x, y); // expected-warning{{String copy function overflows destination buffer}} } void strcpy_no_overflow(char *y) { @@ -345,7 +345,7 @@ void stpcpy_effect(char *x, char *y) { void stpcpy_overflow(char *y) { char x[4]; if (strlen(y) == 4) - stpcpy(x, y); // expected-warning{{Byte string function overflows destination buffer}} + stpcpy(x, y); // expected-warning{{String copy function overflows destination buffer}} } void stpcpy_no_overflow(char *y) { @@ -374,15 +374,15 @@ char *strcat(char *restrict s1, const char *restrict s2); void strcat_null_dst(char *x) { - strcat(NULL, x); // expected-warning{{Null pointer argument in call to byte string function}} + strcat(NULL, x); // expected-warning{{Null pointer argument in call to string copy function}} } void strcat_null_src(char *x) { - strcat(x, NULL); // expected-warning{{Null pointer argument in call to byte string function}} + strcat(x, NULL); // expected-warning{{Null pointer argument in call to string copy function}} } void strcat_fn(char *x) { - strcat(x, (char*)&strcat_fn); // expected-warning{{Argument to byte string function is the address of the function 'strcat_fn', which is not a null-terminated string}} + strcat(x, (char*)&strcat_fn); // expected-warning{{Argument to string copy function is the address of the function 'strcat_fn', which is not a null-terminated string}} } void strcat_effects(char *y) { @@ -403,19 +403,19 @@ void strcat_effects(char *y) { void strcat_overflow_0(char *y) { char x[4] = "12"; if (strlen(y) == 4) - strcat(x, y); // expected-warning{{Byte string function overflows destination buffer}} + strcat(x, y); // expected-warning{{String copy function overflows destination buffer}} } void strcat_overflow_1(char *y) { char x[4] = "12"; if (strlen(y) == 3) - strcat(x, y); // expected-warning{{Byte string function overflows destination buffer}} + strcat(x, y); // expected-warning{{String copy function overflows destination buffer}} } void strcat_overflow_2(char *y) { char x[4] = "12"; if (strlen(y) == 2) - strcat(x, y); // expected-warning{{Byte string function overflows destination buffer}} + strcat(x, y); // expected-warning{{String copy function overflows destination buffer}} } void strcat_no_overflow(char *y) { @@ -476,15 +476,15 @@ char *strncat(char *restrict s1, const char *restrict s2, size_t n); void strncat_null_dst(char *x) { - strncat(NULL, x, 4); // expected-warning{{Null pointer argument in call to byte string function}} + strncat(NULL, x, 4); // expected-warning{{Null pointer argument in call to string copy function}} } void strncat_null_src(char *x) { - strncat(x, NULL, 4); // expected-warning{{Null pointer argument in call to byte string function}} + strncat(x, NULL, 4); // expected-warning{{Null pointer argument in call to string copy function}} } void strncat_fn(char *x) { - strncat(x, (char*)&strncat_fn, 4); // expected-warning{{Argument to byte string function is the address of the function 'strncat_fn', which is not a null-terminated string}} + strncat(x, (char*)&strncat_fn, 4); // expected-warning{{Argument to string copy function is the address of the function 'strncat_fn', which is not a null-terminated string}} } void strncat_effects(char *y) { @@ -505,25 +505,25 @@ void strncat_effects(char *y) { void strncat_overflow_0(char *y) { char x[4] = "12"; if (strlen(y) == 4) - strncat(x, y, strlen(y)); // expected-warning{{Byte string function overflows destination buffer}} + strncat(x, y, strlen(y)); // expected-warning{{String copy function overflows destination buffer}} } void strncat_overflow_1(char *y) { char x[4] = "12"; if (strlen(y) == 3) - strncat(x, y, strlen(y)); // expected-warning{{Byte string function overflows destination buffer}} + strncat(x, y, strlen(y)); // expected-warning{{String copy function overflows destination buffer}} } void strncat_overflow_2(char *y) { char x[4] = "12"; if (strlen(y) == 2) - strncat(x, y, strlen(y)); // expected-warning{{Byte string function overflows destination buffer}} + strncat(x, y, strlen(y)); // expected-warning{{String copy function overflows destination buffer}} } void strncat_overflow_3(char *y) { char x[4] = "12"; if (strlen(y) == 4) - strncat(x, y, 2); // expected-warning{{Byte string function overflows destination buffer}} + strncat(x, y, 2); // expected-warning{{String copy function overflows destination buffer}} } void strncat_no_overflow_1(char *y) { char x[5] = "12"; @@ -585,13 +585,13 @@ void strcmp_2() { void strcmp_null_0() { char *x = NULL; char *y = "123"; - strcmp(x, y); // expected-warning{{Null pointer argument in call to byte string function}} + strcmp(x, y); // expected-warning{{Null pointer argument in call to string comparison function}} } void strcmp_null_1() { char *x = "123"; char *y = NULL; - strcmp(x, y); // expected-warning{{Null pointer argument in call to byte string function}} + strcmp(x, y); // expected-warning{{Null pointer argument in call to string comparison function}} } void strcmp_diff_length_0() { @@ -680,13 +680,13 @@ void strncmp_2() { void strncmp_null_0() { char *x = NULL; char *y = "123"; - strncmp(x, y, 3); // expected-warning{{Null pointer argument in call to byte string function}} + strncmp(x, y, 3); // expected-warning{{Null pointer argument in call to string comparison function}} } void strncmp_null_1() { char *x = "123"; char *y = NULL; - strncmp(x, y, 3); // expected-warning{{Null pointer argument in call to byte string function}} + strncmp(x, y, 3); // expected-warning{{Null pointer argument in call to string comparison function}} } void strncmp_diff_length_0() { @@ -791,13 +791,13 @@ void strcasecmp_2() { void strcasecmp_null_0() { char *x = NULL; char *y = "123"; - strcasecmp(x, y); // expected-warning{{Null pointer argument in call to byte string function}} + strcasecmp(x, y); // expected-warning{{Null pointer argument in call to string comparison function}} } void strcasecmp_null_1() { char *x = "123"; char *y = NULL; - strcasecmp(x, y); // expected-warning{{Null pointer argument in call to byte string function}} + strcasecmp(x, y); // expected-warning{{Null pointer argument in call to string comparison function}} } void strcasecmp_diff_length_0() { @@ -881,13 +881,13 @@ void strncasecmp_2() { void strncasecmp_null_0() { char *x = NULL; char *y = "123"; - strncasecmp(x, y, 3); // expected-warning{{Null pointer argument in call to byte string function}} + strncasecmp(x, y, 3); // expected-warning{{Null pointer argument in call to string comparison function}} } void strncasecmp_null_1() { char *x = "123"; char *y = NULL; - strncasecmp(x, y, 3); // expected-warning{{Null pointer argument in call to byte string function}} + strncasecmp(x, y, 3); // expected-warning{{Null pointer argument in call to string comparison function}} } void strncasecmp_diff_length_0() {