0

I would like to detect NullDereference error by adding a _Nullable to my function. I wrote my_function(); It is a function will lead to NullDerenference error if the ptr is NULL. To give a hint to the clang analyzer, I use _Nullable ptr as my function argument.

int my_function(int * _Nullable ptr)
{
   printf("read: %d\n", ptr[1]);
   return 1;
}

I tried to use scan-build with all nullability checker enabled

scan-build-17 --use-cc=clang -enable-checker nullability.NullableDereferenced -enable-checker nullability.NullablePassedToNonnull  -enable-checker nullability.NullablePassedToNonnull -enable-checker nullability.NullableReturnedFromNonnull -o ./report -v make

But, it failed to catch the error.

I then tried facebook infer

infer -- make

it gave me a nice detection

func.c:10: error: Null Dereference
  pointer `ptr` could be null and is dereferenced at line 10, column 23.
   8.   //      return 0;
   9.
  10.   printf("read: %d\n", ptr[1]);
                            ^
  11.
  12.

Did I miss something for clang analyzer to catch this NullDerefence error ?

prgbenz
  • 1,129
  • 4
  • 13
  • 27
  • Based on the [clang docs](https://clang.llvm.org/docs/analyzer/checkers.html#nullability) it looks like the nullability checks are for Objective C only. Do you have any contrary information? – Scott McPeak Mar 04 '23 at 16:44
  • I read the introduction of fbinfer https://fbinfer.com/docs/about-Infer/, it's support java, c/c++ and objective C. I have no idea fbinfer make it works on c/c++. – prgbenz Mar 04 '23 at 17:39

0 Answers0