Closed secure-sw-dev-bot closed 2 years ago
secure-sw-dev-bot
commented
2 years ago Comment from @kkjeer:
After updating #1150 to account for the behavior specified in #1157, there are no longer bounds errors emitted when checking return bounds for an unchecked return value in an unchecked scope for a function with a bounds-safe interface. After this change, itype_nt_arr_cast.c passes. The only function in functionDeclEnd.c that results in an error is test7 (in a checked scope).
secure-sw-dev-bot
commented
2 years ago Comment from @mattmccutchen-cci:
Thanks. I filed correctcomputation/checkedc-clang#682 for us to decide what to do about functionDeclEnd.c, so I think you can close this issue in favor of ours if you like.
secure-sw-dev-bot
commented
2 years ago Comment from @mattmccutchen-cci:
We now have a fix that you can go ahead and incorporate into #1150 if you like. (Or we could submit the test fix first as a separate PR to your repository, but that would probably end up being more work for everyone.) Further information is in correctcomputation/checkedc-clang#684 if you're interested.
secure-sw-dev-bot
commented
2 years ago Comment from @kkjeer:
Thanks for the fix! I've cherry-picked it into #1150. I can close this issue once the automated tests pass.
This issue was copied from https://github.com/microsoft/checkedc-clang/issues/1147
The test files 3C/functionDeclEnd.c and 3C/itype_nt_arr_cast.c contain functions that have declared bounds via a bounds-safe interface, and return expressions with unknown bounds. With the work to check that return value bounds imply the enclosing function's declared bounds (on the branch check-return-bounds, PR pending), these functions result in compile-time errors, causing these two tests to fail.
The tests have been marked as XFAIL for now on the check-return-bounds branch. However, these tests should be updated so that they do not result in compile-time errors.