1 // RUN: %clang_cc1 -triple x86_64-unknown-unknown -analyze -analyzer-checker=alpha.security.MallocOverflow,unix -verify %s
2 
3 typedef __typeof__(sizeof(int)) size_t;
4 extern void *malloc(size_t);
5 extern void free(void *ptr);
6 
7 void *malloc(unsigned long s);
8 
9 struct table {
10   int nentry;
11   unsigned *table;
12   unsigned offset_max;
13 };
14 
table_build(struct table * t)15 static int table_build(struct table *t) {
16 
17   t->nentry = ((t->offset_max >> 2) + 31) / 32;
18   t->table = (unsigned *)malloc(sizeof(unsigned) * t->nentry); // expected-warning {{the computation of the size of the memory allocation may overflow}}
19 
20   int n;
21   n = 10000;
22   int *p = malloc(sizeof(int) * n); // no-warning
23 
24   free(p);
25   return t->nentry;
26 }
27 
table_build_1(struct table * t)28 static int table_build_1(struct table *t) {
29   t->nentry = (sizeof(struct table) * 2 + 31) / 32;
30   t->table = (unsigned *)malloc(sizeof(unsigned) * t->nentry); // no-warning
31   return t->nentry;
32 }
33 
f(int n)34 void *f(int n) {
35   return malloc(n * 0 * sizeof(int)); // expected-warning {{Call to 'malloc' has an allocation size of 0 bytes}}
36 }
37