git.ipfire.org Git - thirdparty/gcc.git/commit

author	David Malcolm <dmalcolm@redhat.com>
	Wed, 11 Feb 2026 13:51:16 +0000 (08:51 -0500)
committer	David Malcolm <dmalcolm@redhat.com>
	Wed, 11 Feb 2026 13:51:16 +0000 (08:51 -0500)
commit	a815fdb2052fbca8854b1fddcd0db316a66020ae
tree	82b8870d851b586af1582f85aee69a98e8af9c1a	tree
parent	9b090e35cd753681e70e13c50975bfd3e6a110c9	commit \| diff

analyzer: fix uninit in null-termination checking [PR124055]

gcc/analyzer/ChangeLog:
PR analyzer/124055
* kf.cc (kf_strcpy::impl_call_pre): Ensure bytes_to_copy is
initialized. Assert that it was written to with non-null if
check_for_null_terminated_string_arg returns non-null.
* region-model.cc (region_model::scan_for_null_terminator):
Initialize *out_sval, and assert it is written to when
returning non-null.
(region_model::check_for_null_terminated_string_arg): Assert
that scan_for_null_terminator wrote to *out_sval if it
returns non-null.

gcc/testsuite/ChangeLog:
PR analyzer/124055
* gcc.dg/analyzer/ice-pr124055-1.c: New test.
* gcc.dg/analyzer/ice-pr124055-2.c: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>

gcc/analyzer/kf.cc		diff \| blob \| blame \| history
gcc/analyzer/region-model.cc		diff \| blob \| blame \| history
gcc/testsuite/gcc.dg/analyzer/ice-pr124055-1.c	[new file with mode: 0644]	blob
gcc/testsuite/gcc.dg/analyzer/ice-pr124055-2.c	[new file with mode: 0644]	blob