inja
inja copied to clipboard
Published
20 hours ago •
pantor
pantor
Static analysis issue in version 3.4.0
Static analysis on Inja version 3.4.0 with clang-tidy fails on the following (sanitized code):
inja/parser.hpp:626:5: error: Address of stack memory associated with local variable 'result' is still referred to by the stack v
ariable 'parser' upon returning to the caller. This will be a dangling reference [clang-analyzer-core.StackAddressEscape,-warnings-as-errors]
return result;
^
test.cc:151:40: note: Calling 'Environment::render'
const std::string updated_config = env.render(config, data);
^~~~~~~~~~~~~~~~~~~~~~~~
inja/environment.hpp:113:19: note: Calling 'Environment::parse'
return render(parse(input), data);
^~~~~~~~~~~~
inja/environment.hpp:98:12: note: Calling 'Parser::parse'
return parser.parse(input, input_path);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
inja/parser.hpp:626:5: note: Address of stack memory associated with local variable 'result' is still referred to by the stack variable 'parser' upon returning to the caller. This will be a dangling reference
return result;
^
The issue seems to be this code in parser.hpp:
void parse_into(Template& tmpl, std::string_view path) {
lexer.start(tmpl.content);
current_block = &tmpl.root;
:
.. where current_block is holding a pointer to the input Template, which happens to be on the stack in this code:
Template parse(std::string_view input, std::string_view path) {
auto result = Template(static_cast<std::string>(input));
parse_into(result, path);
return result;
}
