1 // RUN: %clang_cc1 -analyze -analyzer-checker=alpha.security.ReturnPtrRange -verify %s 2 3 int arr[10]; 4 int *ptr; 5 6 int conjure_index(); 7 8 int *test_element_index_lifetime() { 9 do { 10 int x = conjure_index(); 11 ptr = arr + x; 12 if (x != 20) 13 return arr; // no-warning 14 } while (0); 15 return ptr; // expected-warning{{Returned pointer value points outside the original object (potential buffer overflow)}} 16 } 17 18 int *test_element_index_lifetime_with_local_ptr() { 19 int *local_ptr; 20 do { 21 int x = conjure_index(); 22 local_ptr = arr + x; 23 if (x != 20) 24 return arr; // no-warning 25 } while (0); 26 return local_ptr; // expected-warning{{Returned pointer value points outside the original object (potential buffer overflow)}} 27 } 28