Fix parameter nullpointer deref (#634)

ladisgin · web-flow · commit 2a1d2ed42cae · 2023-09-06T16:25:59.000+03:00
diff --git a/server/src/KleeGenerator.cpp b/server/src/KleeGenerator.cpp
@@ -97,8 +97,9 @@ static std::string getUTBotClangCompilerPath(fs::path clientCompilerPath) {
     }
 }
 
-static const std::unordered_set<std::string> UNSUPPORTED_FLAGS_AND_OPTIONS_KLEE = {
+static const std::unordered_set <std::string> UNSUPPORTED_FLAGS_AND_OPTIONS_KLEE = {
         "--coverage",
+        "-lgcov",
         "-fbranch-target-load-optimize",
         "-fcx-fortran-rules",
         "-fipa-cp-clone",
diff --git a/server/src/fetchers/FunctionDeclsMatchCallback.cpp b/server/src/fetchers/FunctionDeclsMatchCallback.cpp
@@ -173,8 +173,13 @@ void FunctionDeclsMatchCallback::addFunctionPointer(
             LOG_S(WARNING) << "Type '" << name << "' fetch as function pointer but can't get functionType";
         }
     } else if (type.isArrayOfPointersToFunction()) {
-        functionPointers[name] = ParamsHandler::getFunctionPointerDeclaration(
-                qualType->getPointeeType()->getPointeeType()->getAs<clang::FunctionType>(), name,
-                sourceManager, true);
+        const clang::FunctionType *functionType = qualType->getPointeeType()->getPointeeType()->getAs<clang::FunctionType>();
+        if (functionType) {
+            functionPointers[name] = ParamsHandler::getFunctionPointerDeclaration(
+                    functionType, name,
+                    sourceManager, true);
+        } else {
+            LOG_S(WARNING) << "Type '" << name << "' fetch as function pointer but can't get functionType";
+        }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -97,8 +97,9 @@ static std::string getUTBotClangCompilerPath(fs::path clientCompilerPath) {`
`97`	`97`	`}`
`98`	`98`	`}`
`99`	`99`
`100`		`-static const std::unordered_set<std::string> UNSUPPORTED_FLAGS_AND_OPTIONS_KLEE = {`
	`100`	`+static const std::unordered_set <std::string> UNSUPPORTED_FLAGS_AND_OPTIONS_KLEE = {`
`101`	`101`	`"--coverage",`
	`102`	`+ "-lgcov",`
`102`	`103`	`"-fbranch-target-load-optimize",`
`103`	`104`	`"-fcx-fortran-rules",`
`104`	`105`	`"-fipa-cp-clone",`
Original file line number	Diff line number	Diff line change
`@@ -173,8 +173,13 @@ void FunctionDeclsMatchCallback::addFunctionPointer(`
`173`	`173`	`LOG_S(WARNING) << "Type '" << name << "' fetch as function pointer but can't get functionType";`
`174`	`174`	`}`
`175`	`175`	`} else if (type.isArrayOfPointersToFunction()) {`
`176`		`- functionPointers[name] = ParamsHandler::getFunctionPointerDeclaration(`
`177`		`- qualType->getPointeeType()->getPointeeType()->getAs<clang::FunctionType>(), name,`
`178`		`- sourceManager, true);`
	`176`	`+ const clang::FunctionType *functionType = qualType->getPointeeType()->getPointeeType()->getAs<clang::FunctionType>();`
	`177`	`+ if (functionType) {`
	`178`	`+ functionPointers[name] = ParamsHandler::getFunctionPointerDeclaration(`
	`179`	`+ functionType, name,`
	`180`	`+ sourceManager, true);`
	`181`	`+ } else {`
	`182`	`+ LOG_S(WARNING) << "Type '" << name << "' fetch as function pointer but can't get functionType";`
	`183`	`+ }`
`179`	`184`	`}`
`180`	`185`	`}`