npm - svf-tools - Versions diffs - 1.0.892 → 1.0.894 - Mend

svf-tools 1.0.892 → 1.0.894

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (276) hide show

package/SVF-doxygen/html/AbstractExecution_8cpp.html +3 -3
package/SVF-doxygen/html/AbstractExecution_8cpp_source.html +1746 -1753
package/SVF-doxygen/html/AbstractExecution_8h.html +0 -2
package/SVF-doxygen/html/AbstractExecution_8h_source.html +284 -335
package/SVF-doxygen/html/BufOverflowChecker_8cpp_source.html +773 -791
package/SVF-doxygen/html/BufOverflowChecker_8h.html +0 -2
package/SVF-doxygen/html/BufOverflowChecker_8h_source.html +48 -81
package/SVF-doxygen/html/ae_8cpp.html +16 -19
package/SVF-doxygen/html/ae_8cpp_source.html +16 -19
package/SVF-doxygen/html/annotated.html +434 -436
package/SVF-doxygen/html/classSVF_1_1AEStat.html +168 -168
package/SVF-doxygen/html/classSVF_1_1AbstractExecution-members.html +49 -24
package/SVF-doxygen/html/classSVF_1_1AbstractExecution.html +2533 -1041
package/SVF-doxygen/html/classSVF_1_1BufOverflowChecker-members.html +71 -41
package/SVF-doxygen/html/classSVF_1_1BufOverflowChecker.html +777 -63
package/SVF-doxygen/html/classes.html +418 -421
package/SVF-doxygen/html/functions.html +8 -12
package/SVF-doxygen/html/functions_a.html +10 -11
package/SVF-doxygen/html/functions_b.html +5 -9
package/SVF-doxygen/html/functions_c.html +26 -28
package/SVF-doxygen/html/functions_d.html +2 -2
package/SVF-doxygen/html/functions_e.html +2 -2
package/SVF-doxygen/html/functions_enum.html +1 -1
package/SVF-doxygen/html/functions_eval_m.html +2 -2
package/SVF-doxygen/html/functions_eval_s.html +2 -2
package/SVF-doxygen/html/functions_eval_u.html +1 -1
package/SVF-doxygen/html/functions_func.html +9 -12
package/SVF-doxygen/html/functions_func_b.html +2 -5
package/SVF-doxygen/html/functions_func_c.html +25 -27
package/SVF-doxygen/html/functions_func_d.html +2 -2
package/SVF-doxygen/html/functions_func_g.html +15 -16
package/SVF-doxygen/html/functions_func_h.html +6 -6
package/SVF-doxygen/html/functions_func_i.html +9 -13
package/SVF-doxygen/html/functions_func_p.html +1 -1
package/SVF-doxygen/html/functions_func_s.html +19 -20
package/SVF-doxygen/html/functions_func_t.html +1 -1
package/SVF-doxygen/html/functions_func_~.html +0 -3
package/SVF-doxygen/html/functions_g.html +21 -22
package/SVF-doxygen/html/functions_h.html +6 -6
package/SVF-doxygen/html/functions_i.html +15 -19
package/SVF-doxygen/html/functions_l.html +5 -5
package/SVF-doxygen/html/functions_m.html +2 -2
package/SVF-doxygen/html/functions_o.html +15 -15
package/SVF-doxygen/html/functions_p.html +13 -13
package/SVF-doxygen/html/functions_r.html +4 -2
package/SVF-doxygen/html/functions_s.html +21 -22
package/SVF-doxygen/html/functions_t.html +5 -5
package/SVF-doxygen/html/functions_type_c.html +1 -1
package/SVF-doxygen/html/functions_u.html +1 -1
package/SVF-doxygen/html/functions_vars.html +8 -12
package/SVF-doxygen/html/functions_vars_b.html +0 -3
package/SVF-doxygen/html/functions_w.html +7 -13
package/SVF-doxygen/html/functions_~.html +0 -3
package/SVF-doxygen/html/hierarchy.html +629 -631
package/SVF-doxygen/html/namespaceSVF.html +5 -9
package/SVF-doxygen/html/search/all_0.js +11 -11
package/SVF-doxygen/html/search/all_1.js +5 -5
package/SVF-doxygen/html/search/all_10.js +325 -325
package/SVF-doxygen/html/search/all_11.js +226 -226
package/SVF-doxygen/html/search/all_12.js +570 -570
package/SVF-doxygen/html/search/all_13.js +207 -207
package/SVF-doxygen/html/search/all_14.js +70 -70
package/SVF-doxygen/html/search/all_15.js +176 -176
package/SVF-doxygen/html/search/all_16.js +77 -77
package/SVF-doxygen/html/search/all_17.js +1 -1
package/SVF-doxygen/html/search/all_18.js +1 -1
package/SVF-doxygen/html/search/all_19.js +26 -26
package/SVF-doxygen/html/search/all_1a.js +179 -180
package/SVF-doxygen/html/search/all_2.js +65 -66
package/SVF-doxygen/html/search/all_3.js +640 -640
package/SVF-doxygen/html/search/all_4.js +235 -235
package/SVF-doxygen/html/search/all_5.js +126 -126
package/SVF-doxygen/html/search/all_6.js +232 -232
package/SVF-doxygen/html/search/all_7.js +1047 -1047
package/SVF-doxygen/html/search/all_8.js +215 -215
package/SVF-doxygen/html/search/all_9.js +629 -630
package/SVF-doxygen/html/search/all_a.js +46 -46
package/SVF-doxygen/html/search/all_b.js +26 -26
package/SVF-doxygen/html/search/all_c.js +115 -115
package/SVF-doxygen/html/search/all_d.js +204 -204
package/SVF-doxygen/html/search/all_e.js +209 -209
package/SVF-doxygen/html/search/all_f.js +122 -122
package/SVF-doxygen/html/search/classes_0.js +28 -29
package/SVF-doxygen/html/search/classes_1.js +11 -12
package/SVF-doxygen/html/search/classes_10.js +74 -74
package/SVF-doxygen/html/search/classes_11.js +14 -14
package/SVF-doxygen/html/search/classes_12.js +2 -2
package/SVF-doxygen/html/search/classes_13.js +10 -10
package/SVF-doxygen/html/search/classes_14.js +19 -19
package/SVF-doxygen/html/search/classes_15.js +1 -1
package/SVF-doxygen/html/search/classes_2.js +73 -73
package/SVF-doxygen/html/search/classes_3.js +35 -35
package/SVF-doxygen/html/search/classes_4.js +8 -8
package/SVF-doxygen/html/search/classes_5.js +28 -28
package/SVF-doxygen/html/search/classes_6.js +98 -98
package/SVF-doxygen/html/search/classes_7.js +38 -38
package/SVF-doxygen/html/search/classes_8.js +59 -59
package/SVF-doxygen/html/search/classes_9.js +1 -1
package/SVF-doxygen/html/search/classes_a.js +12 -12
package/SVF-doxygen/html/search/classes_b.js +29 -29
package/SVF-doxygen/html/search/classes_c.js +6 -6
package/SVF-doxygen/html/search/classes_d.js +19 -19
package/SVF-doxygen/html/search/classes_e.js +36 -36
package/SVF-doxygen/html/search/classes_f.js +25 -25
package/SVF-doxygen/html/search/defines_0.js +3 -3
package/SVF-doxygen/html/search/defines_1.js +3 -3
package/SVF-doxygen/html/search/defines_10.js +2 -2
package/SVF-doxygen/html/search/defines_2.js +30 -30
package/SVF-doxygen/html/search/defines_3.js +20 -20
package/SVF-doxygen/html/search/defines_4.js +3 -3
package/SVF-doxygen/html/search/defines_5.js +4 -4
package/SVF-doxygen/html/search/defines_6.js +2 -2
package/SVF-doxygen/html/search/defines_7.js +5 -5
package/SVF-doxygen/html/search/defines_8.js +11 -11
package/SVF-doxygen/html/search/defines_9.js +9 -9
package/SVF-doxygen/html/search/defines_a.js +2 -2
package/SVF-doxygen/html/search/defines_b.js +1 -1
package/SVF-doxygen/html/search/defines_c.js +4 -4
package/SVF-doxygen/html/search/defines_d.js +2 -2
package/SVF-doxygen/html/search/defines_e.js +8 -8
package/SVF-doxygen/html/search/defines_f.js +4 -4
package/SVF-doxygen/html/search/enums_0.js +4 -4
package/SVF-doxygen/html/search/enums_1.js +2 -2
package/SVF-doxygen/html/search/enums_10.js +1 -1
package/SVF-doxygen/html/search/enums_11.js +1 -1
package/SVF-doxygen/html/search/enums_2.js +8 -8
package/SVF-doxygen/html/search/enums_3.js +1 -1
package/SVF-doxygen/html/search/enums_4.js +4 -4
package/SVF-doxygen/html/search/enums_5.js +1 -1
package/SVF-doxygen/html/search/enums_6.js +2 -2
package/SVF-doxygen/html/search/enums_7.js +2 -2
package/SVF-doxygen/html/search/enums_8.js +4 -4
package/SVF-doxygen/html/search/enums_9.js +1 -1
package/SVF-doxygen/html/search/enums_a.js +1 -1
package/SVF-doxygen/html/search/enums_b.js +7 -7
package/SVF-doxygen/html/search/enums_c.js +1 -1
package/SVF-doxygen/html/search/enums_d.js +4 -4
package/SVF-doxygen/html/search/enums_e.js +2 -2
package/SVF-doxygen/html/search/enums_f.js +4 -4
package/SVF-doxygen/html/search/enumvalues_0.js +15 -15
package/SVF-doxygen/html/search/enumvalues_1.js +15 -15
package/SVF-doxygen/html/search/enumvalues_10.js +35 -35
package/SVF-doxygen/html/search/enumvalues_11.js +4 -4
package/SVF-doxygen/html/search/enumvalues_12.js +10 -10
package/SVF-doxygen/html/search/enumvalues_13.js +1 -1
package/SVF-doxygen/html/search/enumvalues_14.js +1 -1
package/SVF-doxygen/html/search/enumvalues_15.js +3 -3
package/SVF-doxygen/html/search/enumvalues_2.js +36 -36
package/SVF-doxygen/html/search/enumvalues_3.js +13 -13
package/SVF-doxygen/html/search/enumvalues_4.js +2 -2
package/SVF-doxygen/html/search/enumvalues_5.js +47 -47
package/SVF-doxygen/html/search/enumvalues_6.js +6 -6
package/SVF-doxygen/html/search/enumvalues_7.js +8 -8
package/SVF-doxygen/html/search/enumvalues_8.js +23 -23
package/SVF-doxygen/html/search/enumvalues_9.js +6 -6
package/SVF-doxygen/html/search/enumvalues_a.js +17 -17
package/SVF-doxygen/html/search/enumvalues_b.js +11 -11
package/SVF-doxygen/html/search/enumvalues_c.js +5 -5
package/SVF-doxygen/html/search/enumvalues_d.js +18 -18
package/SVF-doxygen/html/search/enumvalues_e.js +9 -9
package/SVF-doxygen/html/search/enumvalues_f.js +47 -47
package/SVF-doxygen/html/search/files_0.js +16 -16
package/SVF-doxygen/html/search/files_1.js +9 -9
package/SVF-doxygen/html/search/files_10.js +8 -8
package/SVF-doxygen/html/search/files_11.js +8 -8
package/SVF-doxygen/html/search/files_12.js +2 -2
package/SVF-doxygen/html/search/files_2.js +53 -53
package/SVF-doxygen/html/search/files_3.js +14 -14
package/SVF-doxygen/html/search/files_4.js +5 -5
package/SVF-doxygen/html/search/files_5.js +13 -13
package/SVF-doxygen/html/search/files_6.js +10 -10
package/SVF-doxygen/html/search/files_7.js +17 -17
package/SVF-doxygen/html/search/files_8.js +13 -13
package/SVF-doxygen/html/search/files_9.js +18 -18
package/SVF-doxygen/html/search/files_a.js +3 -3
package/SVF-doxygen/html/search/files_b.js +4 -4
package/SVF-doxygen/html/search/files_c.js +20 -20
package/SVF-doxygen/html/search/files_d.js +4 -4
package/SVF-doxygen/html/search/files_e.js +62 -62
package/SVF-doxygen/html/search/files_f.js +8 -8
package/SVF-doxygen/html/search/functions_0.js +13 -13
package/SVF-doxygen/html/search/functions_1.js +368 -369
package/SVF-doxygen/html/search/functions_10.js +140 -140
package/SVF-doxygen/html/search/functions_11.js +140 -140
package/SVF-doxygen/html/search/functions_12.js +299 -299
package/SVF-doxygen/html/search/functions_13.js +73 -73
package/SVF-doxygen/html/search/functions_14.js +41 -41
package/SVF-doxygen/html/search/functions_15.js +72 -72
package/SVF-doxygen/html/search/functions_16.js +38 -38
package/SVF-doxygen/html/search/functions_17.js +3 -3
package/SVF-doxygen/html/search/functions_18.js +179 -180
package/SVF-doxygen/html/search/functions_2.js +94 -95
package/SVF-doxygen/html/search/functions_3.js +261 -261
package/SVF-doxygen/html/search/functions_4.js +84 -84
package/SVF-doxygen/html/search/functions_5.js +57 -57
package/SVF-doxygen/html/search/functions_6.js +65 -65
package/SVF-doxygen/html/search/functions_7.js +863 -863
package/SVF-doxygen/html/search/functions_8.js +162 -162
package/SVF-doxygen/html/search/functions_9.js +438 -439
package/SVF-doxygen/html/search/functions_a.js +30 -30
package/SVF-doxygen/html/search/functions_b.js +2 -2
package/SVF-doxygen/html/search/functions_c.js +25 -25
package/SVF-doxygen/html/search/functions_d.js +82 -82
package/SVF-doxygen/html/search/functions_e.js +36 -36
package/SVF-doxygen/html/search/functions_f.js +58 -58
package/SVF-doxygen/html/search/namespaces_0.js +1 -1
package/SVF-doxygen/html/search/namespaces_1.js +7 -7
package/SVF-doxygen/html/search/related_0.js +4 -4
package/SVF-doxygen/html/search/related_1.js +2 -2
package/SVF-doxygen/html/search/related_2.js +2 -2
package/SVF-doxygen/html/search/related_3.js +2 -2
package/SVF-doxygen/html/search/related_4.js +2 -2
package/SVF-doxygen/html/search/related_5.js +1 -1
package/SVF-doxygen/html/search/related_6.js +2 -2
package/SVF-doxygen/html/search/related_7.js +5 -5
package/SVF-doxygen/html/search/related_8.js +2 -2
package/SVF-doxygen/html/search/related_9.js +4 -4
package/SVF-doxygen/html/search/related_a.js +19 -19
package/SVF-doxygen/html/search/related_b.js +4 -4
package/SVF-doxygen/html/search/related_c.js +2 -2
package/SVF-doxygen/html/search/related_d.js +12 -12
package/SVF-doxygen/html/search/related_e.js +2 -2
package/SVF-doxygen/html/search/related_f.js +2 -2
package/SVF-doxygen/html/search/typedefs_0.js +19 -19
package/SVF-doxygen/html/search/typedefs_1.js +27 -27
package/SVF-doxygen/html/search/typedefs_10.js +63 -63
package/SVF-doxygen/html/search/typedefs_11.js +13 -13
package/SVF-doxygen/html/search/typedefs_12.js +11 -11
package/SVF-doxygen/html/search/typedefs_13.js +40 -40
package/SVF-doxygen/html/search/typedefs_14.js +11 -11
package/SVF-doxygen/html/search/typedefs_2.js +125 -125
package/SVF-doxygen/html/search/typedefs_3.js +39 -39
package/SVF-doxygen/html/search/typedefs_4.js +17 -17
package/SVF-doxygen/html/search/typedefs_5.js +42 -42
package/SVF-doxygen/html/search/typedefs_6.js +54 -54
package/SVF-doxygen/html/search/typedefs_7.js +47 -47
package/SVF-doxygen/html/search/typedefs_8.js +1 -1
package/SVF-doxygen/html/search/typedefs_9.js +6 -6
package/SVF-doxygen/html/search/typedefs_a.js +29 -29
package/SVF-doxygen/html/search/typedefs_b.js +29 -29
package/SVF-doxygen/html/search/typedefs_c.js +41 -41
package/SVF-doxygen/html/search/typedefs_d.js +15 -15
package/SVF-doxygen/html/search/typedefs_e.js +52 -52
package/SVF-doxygen/html/search/typedefs_f.js +14 -14
package/SVF-doxygen/html/search/variables_0.js +177 -177
package/SVF-doxygen/html/search/variables_1.js +76 -76
package/SVF-doxygen/html/search/variables_10.js +98 -98
package/SVF-doxygen/html/search/variables_11.js +46 -46
package/SVF-doxygen/html/search/variables_12.js +93 -93
package/SVF-doxygen/html/search/variables_13.js +76 -76
package/SVF-doxygen/html/search/variables_14.js +14 -14
package/SVF-doxygen/html/search/variables_15.js +49 -49
package/SVF-doxygen/html/search/variables_16.js +11 -11
package/SVF-doxygen/html/search/variables_17.js +1 -1
package/SVF-doxygen/html/search/variables_18.js +17 -17
package/SVF-doxygen/html/search/variables_2.js +40 -41
package/SVF-doxygen/html/search/variables_3.js +142 -142
package/SVF-doxygen/html/search/variables_4.js +51 -51
package/SVF-doxygen/html/search/variables_5.js +39 -39
package/SVF-doxygen/html/search/variables_6.js +66 -66
package/SVF-doxygen/html/search/variables_7.js +34 -34
package/SVF-doxygen/html/search/variables_8.js +8 -8
package/SVF-doxygen/html/search/variables_9.js +79 -79
package/SVF-doxygen/html/search/variables_a.js +4 -4
package/SVF-doxygen/html/search/variables_b.js +10 -10
package/SVF-doxygen/html/search/variables_c.js +45 -45
package/SVF-doxygen/html/search/variables_d.js +57 -57
package/SVF-doxygen/html/search/variables_e.js +123 -123
package/SVF-doxygen/html/search/variables_f.js +31 -31
package/package.json +1 -1
package/setup.sh +1 -1
package/svf/include/AE/Svfexe/AbstractExecution.h +55 -102
package/svf/include/AE/Svfexe/BufOverflowChecker.h +12 -33
package/svf/lib/AE/Svfexe/AbstractExecution.cpp +59 -64
package/svf/lib/AE/Svfexe/BufOverflowChecker.cpp +44 -59
package/svf-llvm/tools/AE/ae.cpp +1 -2

package/SVF-doxygen/html/classSVF_1_1BufOverflowChecker.html CHANGED Viewed

@@ -68,6 +68,7 @@ $(function() {
   <div class="summary">
 <a href="#pub-methods">Public Member Functions</a> &#124;
 <a href="#pub-static-methods">Static Public Member Functions</a> &#124;
+<a href="#pro-methods">Protected Member Functions</a> &#124;
 <a href="#pri-methods">Private Member Functions</a> &#124;
 <a href="#pri-attribs">Private Attributes</a> &#124;
 <a href="classSVF_1_1BufOverflowChecker-members.html">List of all members</a>  </div>
@@ -91,8 +92,6 @@ Inheritance diagram for SVF::BufOverflowChecker:</div>
 Public Member Functions</h2></td></tr>
 <tr class="memitem:adcfa49d892daef07e7d4274ab8d34b6f"><td class="memItemLeft" align="right" valign="top">&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#adcfa49d892daef07e7d4274ab8d34b6f">BufOverflowChecker</a> ()</td></tr>
 <tr class="separator:adcfa49d892daef07e7d4274ab8d34b6f"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a4787d2e56aa374763656b7942f0ed52f"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a4787d2e56aa374763656b7942f0ed52f">initExtAPI</a> () override</td></tr>
-<tr class="separator:a4787d2e56aa374763656b7942f0ed52f"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="inherit_header pub_methods_classSVF_1_1AbstractExecution"><td colspan="2" onclick="javascript:toggleInherit('pub_methods_classSVF_1_1AbstractExecution')"><img src="closed.png" alt="-"/>&#160;Public Member Functions inherited from <a class="el" href="classSVF_1_1AbstractExecution.html">SVF::AbstractExecution</a></td></tr>
 <tr class="memitem:a84d8fedb7e9d23e92ffcb74b4cfbf78c inherit pub_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a84d8fedb7e9d23e92ffcb74b4cfbf78c">AbstractExecution</a> ()</td></tr>
 <tr class="memdesc:a84d8fedb7e9d23e92ffcb74b4cfbf78c inherit pub_methods_classSVF_1_1AbstractExecution"><td class="mdescLeft">&#160;</td><td class="mdescRight">Constructor.  <a href="classSVF_1_1AbstractExecution.html#a84d8fedb7e9d23e92ffcb74b4cfbf78c">More...</a><br /></td></tr>
@@ -116,27 +115,20 @@ Static Public Member Functions</h2></td></tr>
 <tr class="memitem:a9c23029833558b082c613fa5e0f14c0d inherit pub_static_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">static bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a9c23029833558b082c613fa5e0f14c0d">classof</a> (const <a class="el" href="classSVF_1_1AbstractExecution.html">AbstractExecution</a> *ae)</td></tr>
 <tr class="separator:a9c23029833558b082c613fa5e0f14c0d inherit pub_static_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 </table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pri-methods"></a>
-Private Member Functions</h2></td></tr>
-<tr class="memitem:a0b79c3694a08100d2d8d1b8109998131"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a0b79c3694a08100d2d8d1b8109998131">handleSVFStatement</a> (const <a class="el" href="classSVF_1_1SVFStmt.html">SVFStmt</a> *stmt) override</td></tr>
-<tr class="separator:a0b79c3694a08100d2d8d1b8109998131"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:afa6b30220b0b3261205a909def9ca44e"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#afa6b30220b0b3261205a909def9ca44e">handleICFGNode</a> (const <a class="el" href="classSVF_1_1ICFGNode.html">SVF::ICFGNode</a> *node) override</td></tr>
-<tr class="separator:afa6b30220b0b3261205a909def9ca44e"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a52de7d619e8746a70718719306d7c5a1"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a52de7d619e8746a70718719306d7c5a1">detectBufOverflow</a> (const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *node)</td></tr>
-<tr class="separator:a52de7d619e8746a70718719306d7c5a1"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a7c11b81809cb087317cbea654a589f75"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a7c11b81809cb087317cbea654a589f75">addBugToRecoder</a> (const <a class="el" href="structSVF_1_1BufOverflowException.html">BufOverflowException</a> &amp;e, const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *node)</td></tr>
-<tr class="separator:a7c11b81809cb087317cbea654a589f75"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pri-attribs"></a>
-Private Attributes</h2></td></tr>
-<tr class="memitem:a563fed00ad732985dbe7a7e2c6525e6a"><td class="memItemLeft" align="right" valign="top">friend&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a563fed00ad732985dbe7a7e2c6525e6a">BufOverflowCheckerAPI</a></td></tr>
-<tr class="separator:a563fed00ad732985dbe7a7e2c6525e6a"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="inherited"></a>
-Additional Inherited Members</h2></td></tr>
-<tr class="inherit_header pub_types_classSVF_1_1AbstractExecution"><td colspan="2" onclick="javascript:toggleInherit('pub_types_classSVF_1_1AbstractExecution')"><img src="closed.png" alt="-"/>&#160;Public Types inherited from <a class="el" href="classSVF_1_1AbstractExecution.html">SVF::AbstractExecution</a></td></tr>
-<tr class="memitem:a8ad0f3d5a0c9de60eff91fcc0dd44aae inherit pub_types_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="classSVF_1_1SCCDetection.html">SCCDetection</a>&lt; <a class="el" href="classSVF_1_1PTACallGraph.html">PTACallGraph</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a8ad0f3d5a0c9de60eff91fcc0dd44aae">CallGraphSCC</a></td></tr>
-<tr class="separator:a8ad0f3d5a0c9de60eff91fcc0dd44aae inherit pub_types_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pro-methods"></a>
+Protected Member Functions</h2></td></tr>
+<tr class="memitem:af0e2276001df7d51c45b22d5d11ca09b"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#af0e2276001df7d51c45b22d5d11ca09b">initExtFunMap</a> () override</td></tr>
+<tr class="separator:af0e2276001df7d51c45b22d5d11ca09b"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:aed959fce840cbea32d3567ee1ac01e82"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#aed959fce840cbea32d3567ee1ac01e82">initExtAPIBufOverflowCheckRules</a> ()</td></tr>
+<tr class="separator:aed959fce840cbea32d3567ee1ac01e82"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a1ed3cb0a1a118d9e505b192841a58dde"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a1ed3cb0a1a118d9e505b192841a58dde">handleExtAPI</a> (const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *call) override</td></tr>
+<tr class="separator:a1ed3cb0a1a118d9e505b192841a58dde"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:ad8b2f2fa6f22b9d1655135c819cbad8a"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#ad8b2f2fa6f22b9d1655135c819cbad8a">detectStrcpy</a> (const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *call)</td></tr>
+<tr class="separator:ad8b2f2fa6f22b9d1655135c819cbad8a"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:aa68f8aef09481d7c07dc59d7dfb83822"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#aa68f8aef09481d7c07dc59d7dfb83822">detectStrcat</a> (const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *call)</td></tr>
+<tr class="separator:aa68f8aef09481d7c07dc59d7dfb83822"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:ace5ad1d6a63d5392044fee2ecbc9236e"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a> (const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> *value, const <a class="el" href="classSVF_1_1IntervalValue.html">IntervalValue</a> &amp;len, const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *curNode)</td></tr>
+<tr class="separator:ace5ad1d6a63d5392044fee2ecbc9236e"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="inherit_header pro_methods_classSVF_1_1AbstractExecution"><td colspan="2" onclick="javascript:toggleInherit('pro_methods_classSVF_1_1AbstractExecution')"><img src="closed.png" alt="-"/>&#160;Protected Member Functions inherited from <a class="el" href="classSVF_1_1AbstractExecution.html">SVF::AbstractExecution</a></td></tr>
 <tr class="memitem:a7efff2047b2b6017fdd210a8679817cd inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a7efff2047b2b6017fdd210a8679817cd">handleGlobalNode</a> ()</td></tr>
 <tr class="memdesc:a7efff2047b2b6017fdd210a8679817cd inherit pro_methods_classSVF_1_1AbstractExecution"><td class="mdescLeft">&#160;</td><td class="mdescRight">Global <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> is handled at the entry of the program,.  <a href="classSVF_1_1AbstractExecution.html#a7efff2047b2b6017fdd210a8679817cd">More...</a><br /></td></tr>
@@ -167,6 +159,70 @@ Additional Inherited Members</h2></td></tr>
 <tr class="separator:ac7a25ad5cbc1a6132869ae54b805f73a inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="memitem:adc740771e712644d08f95fc6c488c1af inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#adc740771e712644d08f95fc6c488c1af">hasSwitchBranchES</a> (const <a class="el" href="classSVF_1_1SVFVar.html">SVFVar</a> *var, <a class="el" href="namespaceSVF.html#ad781b0b14e89773e774072b280658ef3">s64_t</a> succ, <a class="el" href="classSVF_1_1IntervalExeState.html">IntervalExeState</a> &amp;es)</td></tr>
 <tr class="separator:adc740771e712644d08f95fc6c488c1af inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a598cb7b97bae122d0015c03b72beee9d inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">u32_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a598cb7b97bae122d0015c03b72beee9d">getAllocaInstByteSize</a> (const <a class="el" href="classSVF_1_1AddrStmt.html">AddrStmt</a> *addr)</td></tr>
+<tr class="separator:a598cb7b97bae122d0015c03b72beee9d inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a63044080ddea89905bc9a4336eb8b2a7 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="cJSON_8cpp.html#ae1adbce218e7a9d09164012443191d24">std::string</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a63044080ddea89905bc9a4336eb8b2a7">strRead</a> (const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> *rhs)</td></tr>
+<tr class="separator:a63044080ddea89905bc9a4336eb8b2a7 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a99be86146ad4ddbdb900cdb6b324f943 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1IntervalValue.html">IntervalValue</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a99be86146ad4ddbdb900cdb6b324f943">getStrlen</a> (const <a class="el" href="classSVF_1_1SVFValue.html">SVF::SVFValue</a> *strValue)</td></tr>
+<tr class="separator:a99be86146ad4ddbdb900cdb6b324f943 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a2484783853c5a266223882f66e683fa9 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1IntervalValue.html">IntervalValue</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a2484783853c5a266223882f66e683fa9">traceMemoryAllocationSize</a> (const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> *value)</td></tr>
+<tr class="separator:a2484783853c5a266223882f66e683fa9 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a0ed5456bdeaff7ab4e1decdff8ae2afb inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a0ed5456bdeaff7ab4e1decdff8ae2afb">handleStrcpy</a> (const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *call)</td></tr>
+<tr class="separator:a0ed5456bdeaff7ab4e1decdff8ae2afb inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a28c04e0a985eda44fe8532c44c7e05bb inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a28c04e0a985eda44fe8532c44c7e05bb">handleStrcat</a> (const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *call)</td></tr>
+<tr class="separator:a28c04e0a985eda44fe8532c44c7e05bb inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a37c0e12879d3320857a288191e6d2202 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a37c0e12879d3320857a288191e6d2202">handleMemcpy</a> (const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> *dst, const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> *src, <a class="el" href="classSVF_1_1IntervalValue.html">IntervalValue</a> len, <a class="el" href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">u32_t</a> start_idx)</td></tr>
+<tr class="separator:a37c0e12879d3320857a288191e6d2202 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:ad70015e99339c3beb3a911c0ff6f0144 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#ad70015e99339c3beb3a911c0ff6f0144">handleMemset</a> (const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> *dst, <a class="el" href="classSVF_1_1IntervalValue.html">IntervalValue</a> elem, <a class="el" href="classSVF_1_1IntervalValue.html">IntervalValue</a> len)</td></tr>
+<tr class="separator:ad70015e99339c3beb3a911c0ff6f0144 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a888fd56160afe0d431c47bcf10674dc0 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">const <a class="el" href="classSVF_1_1SVFType.html">SVFType</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a888fd56160afe0d431c47bcf10674dc0">getPointeeElement</a> (<a class="el" href="namespaceSVF.html#a43a65e0d33af3c743294f7a1139d2301">NodeID</a> id)</td></tr>
+<tr class="separator:a888fd56160afe0d431c47bcf10674dc0 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:afb6de3effc0f483836bfe9f42aca760d inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#afb6de3effc0f483836bfe9f42aca760d">collectCheckPoint</a> ()</td></tr>
+<tr class="separator:afb6de3effc0f483836bfe9f42aca760d inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:aaa2f3713bd6d39bb4e9b5119b64277c7 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#aaa2f3713bd6d39bb4e9b5119b64277c7">checkPointAllSet</a> ()</td></tr>
+<tr class="separator:aaa2f3713bd6d39bb4e9b5119b64277c7 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a140acf4733b46855c8627cf10dbb0bd5 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a140acf4733b46855c8627cf10dbb0bd5">AccessMemoryViaRetNode</a> (const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *callnode, <a class="el" href="classSVF_1_1FILOWorkList.html">SVF::FILOWorkList</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;worklist, <a class="el" href="namespaceSVF.html#af739db846e47ba6b2fd15eaad31ab7fb">Set</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;visited)</td></tr>
+<tr class="separator:a140acf4733b46855c8627cf10dbb0bd5 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a20df87d2a269c3feab3acc40e4cd8801 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a20df87d2a269c3feab3acc40e4cd8801">AccessMemoryViaCopyStmt</a> (const <a class="el" href="classSVF_1_1CopyStmt.html">CopyStmt</a> *<a class="el" href="cJSON_8cpp.html#a7669ee67a0563250c1efaa24d130e1ac">copy</a>, <a class="el" href="classSVF_1_1FILOWorkList.html">SVF::FILOWorkList</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;worklist, <a class="el" href="namespaceSVF.html#af739db846e47ba6b2fd15eaad31ab7fb">Set</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;visited)</td></tr>
+<tr class="separator:a20df87d2a269c3feab3acc40e4cd8801 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a98f3c7d5e4b3722b717071cd320c8a60 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a98f3c7d5e4b3722b717071cd320c8a60">AccessMemoryViaLoadStmt</a> (const <a class="el" href="classSVF_1_1LoadStmt.html">LoadStmt</a> *load, <a class="el" href="classSVF_1_1FILOWorkList.html">SVF::FILOWorkList</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;worklist, <a class="el" href="namespaceSVF.html#af739db846e47ba6b2fd15eaad31ab7fb">Set</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;visited)</td></tr>
+<tr class="separator:a98f3c7d5e4b3722b717071cd320c8a60 inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:ac920e03f019c47e585f6d0138f91585f inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#ac920e03f019c47e585f6d0138f91585f">AccessMemoryViaCallArgs</a> (const <a class="el" href="classSVF_1_1SVFArgument.html">SVF::SVFArgument</a> *arg, <a class="el" href="classSVF_1_1FILOWorkList.html">SVF::FILOWorkList</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;worklist, <a class="el" href="namespaceSVF.html#af739db846e47ba6b2fd15eaad31ab7fb">Set</a>&lt; const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> * &gt; &amp;visited)</td></tr>
+<tr class="separator:ac920e03f019c47e585f6d0138f91585f inherit pro_methods_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+</table><table class="memberdecls">
+<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pri-methods"></a>
+Private Member Functions</h2></td></tr>
+<tr class="memitem:a0b79c3694a08100d2d8d1b8109998131"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a0b79c3694a08100d2d8d1b8109998131">handleSVFStatement</a> (const <a class="el" href="classSVF_1_1SVFStmt.html">SVFStmt</a> *stmt) override</td></tr>
+<tr class="separator:a0b79c3694a08100d2d8d1b8109998131"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:afa6b30220b0b3261205a909def9ca44e"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#afa6b30220b0b3261205a909def9ca44e">handleICFGNode</a> (const <a class="el" href="classSVF_1_1ICFGNode.html">SVF::ICFGNode</a> *node) override</td></tr>
+<tr class="separator:afa6b30220b0b3261205a909def9ca44e"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a52de7d619e8746a70718719306d7c5a1"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a52de7d619e8746a70718719306d7c5a1">detectBufOverflow</a> (const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *node)</td></tr>
+<tr class="separator:a52de7d619e8746a70718719306d7c5a1"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a7c11b81809cb087317cbea654a589f75"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a7c11b81809cb087317cbea654a589f75">addBugToRecoder</a> (const <a class="el" href="structSVF_1_1BufOverflowException.html">BufOverflowException</a> &amp;e, const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *node)</td></tr>
+<tr class="separator:a7c11b81809cb087317cbea654a589f75"><td class="memSeparator" colspan="2">&#160;</td></tr>
+</table><table class="memberdecls">
+<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pri-attribs"></a>
+Private Attributes</h2></td></tr>
+<tr class="memitem:a0088456e712c555cbfba6203aec38037"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt; <a class="el" href="namespaceSVF.html#a43a65e0d33af3c743294f7a1139d2301">NodeID</a>, const <a class="el" href="classSVF_1_1GepStmt.html">GepStmt</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#a0088456e712c555cbfba6203aec38037">_addrToGep</a></td></tr>
+<tr class="separator:a0088456e712c555cbfba6203aec38037"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:af83b65ed98cd4e0f6cd92962e7392d4d"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt; <a class="el" href="cJSON_8cpp.html#ae1adbce218e7a9d09164012443191d24">std::string</a>, std::vector&lt; std::pair&lt; <a class="el" href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">u32_t</a>, <a class="el" href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">u32_t</a> &gt; &gt; &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a></td></tr>
+<tr class="separator:af83b65ed98cd4e0f6cd92962e7392d4d"><td class="memSeparator" colspan="2">&#160;</td></tr>
+</table><table class="memberdecls">
+<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="inherited"></a>
+Additional Inherited Members</h2></td></tr>
+<tr class="inherit_header pub_types_classSVF_1_1AbstractExecution"><td colspan="2" onclick="javascript:toggleInherit('pub_types_classSVF_1_1AbstractExecution')"><img src="closed.png" alt="-"/>&#160;Public Types inherited from <a class="el" href="classSVF_1_1AbstractExecution.html">SVF::AbstractExecution</a></td></tr>
+<tr class="memitem:a442fb8eda087f72aa61816213dea43af inherit pub_types_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43af">ExtAPIType</a> { <br />
+&#160;&#160;<a class="el" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa12d7009fd0108df805ee49182fe12ccc">UNCLASSIFIED</a>,
+<a class="el" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa622ab5082468499be675c2783aaf3dcf">MEMCPY</a>,
+<a class="el" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa45836a81adf553b872a061e5fe4c5be8">MEMSET</a>,
+<a class="el" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afac9539311eec734c966b719990e869b12">STRCPY</a>,
+<br />
+&#160;&#160;<a class="el" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afadcda19decab7b2d85523b1fdbceb23e6">STRCAT</a>
+<br />
+ }</td></tr>
+<tr class="separator:a442fb8eda087f72aa61816213dea43af inherit pub_types_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a39c711b4657459d03ec67ae536bdec4d inherit pub_types_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="classSVF_1_1SCCDetection.html">SCCDetection</a>&lt; <a class="el" href="classSVF_1_1PTACallGraph.html">PTACallGraph</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a39c711b4657459d03ec67ae536bdec4d">CallGraphSCC</a></td></tr>
+<tr class="separator:a39c711b4657459d03ec67ae536bdec4d inherit pub_types_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="inherit_header pro_attribs_classSVF_1_1AbstractExecution"><td colspan="2" onclick="javascript:toggleInherit('pro_attribs_classSVF_1_1AbstractExecution')"><img src="closed.png" alt="-"/>&#160;Protected Attributes inherited from <a class="el" href="classSVF_1_1AbstractExecution.html">SVF::AbstractExecution</a></td></tr>
 <tr class="memitem:a49742e8c3a8fe598a0945a8d8ff394d0 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1SVFIR.html">SVFIR</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a></td></tr>
 <tr class="memdesc:a49742e8c3a8fe598a0945a8d8ff394d0 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="mdescLeft">&#160;</td><td class="mdescRight">protected data members, also used in subclasses  <a href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">More...</a><br /></td></tr>
@@ -176,7 +232,7 @@ Additional Inherited Members</h2></td></tr>
 <tr class="memitem:a5e24bceb3d6961117651dbc65e9a097a inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1SVFIR2ItvExeState.html">SVFIR2ItvExeState</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a></td></tr>
 <tr class="memdesc:a5e24bceb3d6961117651dbc65e9a097a inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="mdescLeft">&#160;</td><td class="mdescRight">Execution State, used to store the Interval Value of every <a class="el" href="namespaceSVF.html" title="for isBitcode">SVF</a> variable.  <a href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">More...</a><br /></td></tr>
 <tr class="separator:a5e24bceb3d6961117651dbc65e9a097a inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a26f8c21bd96ae22ca2e72af6fbfa410c inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1AEAPI.html">AEAPI</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a26f8c21bd96ae22ca2e72af6fbfa410c">_api</a> {nullptr}</td></tr>
+<tr class="memitem:a26f8c21bd96ae22ca2e72af6fbfa410c inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1AbstractExecution.html#ac0bcb586dffbfadeb33f501cafbaa1c9">AEAPI</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a26f8c21bd96ae22ca2e72af6fbfa410c">_api</a> {nullptr}</td></tr>
 <tr class="separator:a26f8c21bd96ae22ca2e72af6fbfa410c inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="memitem:ab5021d59a929f4eaf5e59d911036d201 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1ICFG.html">ICFG</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#ab5021d59a929f4eaf5e59d911036d201">_icfg</a></td></tr>
 <tr class="separator:ab5021d59a929f4eaf5e59d911036d201 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
@@ -190,18 +246,24 @@ Additional Inherited Members</h2></td></tr>
 <tr class="separator:a5ed683d635bd05f0bee10436d20deb31 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="memitem:ab9d6ebcf67ec473ce7ad5910c74eddc1 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top">std::vector&lt; const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#ab9d6ebcf67ec473ce7ad5910c74eddc1">_callSiteStack</a></td></tr>
 <tr class="separator:ab9d6ebcf67ec473ce7ad5910c74eddc1 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a55737f5c82afce29a816eb21070a2bc1 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt; const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *, <a class="el" href="cJSON_8cpp.html#ae1adbce218e7a9d09164012443191d24">std::string</a> &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a55737f5c82afce29a816eb21070a2bc1">_nodeToBugInfo</a></td></tr>
-<tr class="separator:a55737f5c82afce29a816eb21070a2bc1 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a04e812385041270901af0f2cb599fa96 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt; const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *, <a class="el" href="cJSON_8cpp.html#ae1adbce218e7a9d09164012443191d24">std::string</a> &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a04e812385041270901af0f2cb599fa96">_nodeToBugInfo</a></td></tr>
+<tr class="separator:a04e812385041270901af0f2cb599fa96 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="memitem:a53f3b9c51ed8648f14ecb703e9fe67ae inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="classSVF_1_1AndersenWaveDiff.html">AndersenWaveDiff</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a53f3b9c51ed8648f14ecb703e9fe67ae">_ander</a></td></tr>
 <tr class="separator:a53f3b9c51ed8648f14ecb703e9fe67ae inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:abe2d42c3c107d54aa89ee8e6ea718dfc inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt; const <a class="el" href="classSVF_1_1SVFFunction.html">SVFFunction</a> *, <a class="el" href="classSVF_1_1ICFGWTO.html">ICFGWTO</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#abe2d42c3c107d54aa89ee8e6ea718dfc">_funcToWTO</a></td></tr>
-<tr class="separator:abe2d42c3c107d54aa89ee8e6ea718dfc inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:ade8434d8f0f5d832842d60b7a56fa64f inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt; const <a class="el" href="classSVF_1_1SVFFunction.html">SVFFunction</a> *, <a class="el" href="classSVF_1_1ICFGWTO.html">ICFGWTO</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#ade8434d8f0f5d832842d60b7a56fa64f">_funcToWTO</a></td></tr>
+<tr class="separator:ade8434d8f0f5d832842d60b7a56fa64f inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="memitem:ac7b2e6bdccab5a507c9e8db8ea4682d3 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#af739db846e47ba6b2fd15eaad31ab7fb">Set</a>&lt; const <a class="el" href="classSVF_1_1SVFFunction.html">SVFFunction</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#ac7b2e6bdccab5a507c9e8db8ea4682d3">_recursiveFuns</a></td></tr>
 <tr class="separator:ac7b2e6bdccab5a507c9e8db8ea4682d3 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:ac1742440725909fee77526726424d135 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt; <a class="el" href="cJSON_8cpp.html#ae1adbce218e7a9d09164012443191d24">std::string</a>, std::function&lt; void(const <a class="el" href="classSVF_1_1CallSite.html">CallSite</a> &amp;)&gt; &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a></td></tr>
+<tr class="separator:ac1742440725909fee77526726424d135 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a0a64bef0cc898059c50f6aec470cc6d9 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#af739db846e47ba6b2fd15eaad31ab7fb">Set</a>&lt; const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> * &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a0a64bef0cc898059c50f6aec470cc6d9">_checkpoints</a></td></tr>
+<tr class="separator:a0a64bef0cc898059c50f6aec470cc6d9 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a32abc52bc54745027aa2daa67a8278f3 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memItemLeft" align="right" valign="top"><a class="el" href="namespaceSVF.html#af739db846e47ba6b2fd15eaad31ab7fb">Set</a>&lt; <a class="el" href="cJSON_8cpp.html#ae1adbce218e7a9d09164012443191d24">std::string</a> &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSVF_1_1AbstractExecution.html#a32abc52bc54745027aa2daa67a8278f3">_checkpoint_names</a></td></tr>
+<tr class="separator:a32abc52bc54745027aa2daa67a8278f3 inherit pro_attribs_classSVF_1_1AbstractExecution"><td class="memSeparator" colspan="2">&#160;</td></tr>
 </table>
 <a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
 <div class="textblock">
-<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00173">173</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00103">103</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
 </div><h2 class="groupheader">Constructor &amp; Destructor Documentation</h2>
 <a id="adcfa49d892daef07e7d4274ab8d34b6f"></a>
 <h2 class="memtitle"><span class="permalink"><a href="#adcfa49d892daef07e7d4274ab8d34b6f">&#9670;&nbsp;</a></span>BufOverflowChecker()</h2>
@@ -226,11 +288,13 @@ Additional Inherited Members</h2></td></tr>
 </table>
 </div><div class="memdoc">
-<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00178">178</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
-<div class="fragment"><div class="line"><a name="l00178"></a><span class="lineno">  178</span>&#160;                         : <a class="code" href="classSVF_1_1AbstractExecution.html#a84d8fedb7e9d23e92ffcb74b4cfbf78c">AbstractExecution</a>()</div>
-<div class="line"><a name="l00179"></a><span class="lineno">  179</span>&#160;    {</div>
-<div class="line"><a name="l00180"></a><span class="lineno">  180</span>&#160;        <a class="code" href="classSVF_1_1AbstractExecution.html#ad36d48c0ef82de915d9339c4f47cbd70">_kind</a> = <a class="code" href="namespaceSVF.html#a41375daa7cc99317d0aa2a21dc643b88aa5aa2ddadb5f0392b52dcbe487fe0ecd">AEKind::BufOverflowChecker</a>;</div>
-<div class="line"><a name="l00181"></a><span class="lineno">  181</span>&#160;    }</div>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00106">106</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
+<div class="fragment"><div class="line"><a name="l00106"></a><span class="lineno">  106</span>&#160;                         : <a class="code" href="classSVF_1_1AbstractExecution.html#a84d8fedb7e9d23e92ffcb74b4cfbf78c">AbstractExecution</a>()</div>
+<div class="line"><a name="l00107"></a><span class="lineno">  107</span>&#160;    {</div>
+<div class="line"><a name="l00108"></a><span class="lineno">  108</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#af0e2276001df7d51c45b22d5d11ca09b">initExtFunMap</a>();</div>
+<div class="line"><a name="l00109"></a><span class="lineno">  109</span>&#160;        <a class="code" href="classSVF_1_1AbstractExecution.html#ad36d48c0ef82de915d9339c4f47cbd70">_kind</a> = <a class="code" href="namespaceSVF.html#a41375daa7cc99317d0aa2a21dc643b88aa5aa2ddadb5f0392b52dcbe487fe0ecd">AEKind::BufOverflowChecker</a>;</div>
+<div class="line"><a name="l00110"></a><span class="lineno">  110</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#aed959fce840cbea32d3567ee1ac01e82">initExtAPIBufOverflowCheckRules</a>();</div>
+<div class="line"><a name="l00111"></a><span class="lineno">  111</span>&#160;    }</div>
 </div><!-- fragment -->
 </div>
 </div>
@@ -277,6 +341,61 @@ Additional Inherited Members</h2></td></tr>
   </dd>
 </dl>
+</div>
+</div>
+<a id="ace5ad1d6a63d5392044fee2ecbc9236e"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#ace5ad1d6a63d5392044fee2ecbc9236e">&#9670;&nbsp;</a></span>canSafelyAccessMemory()</h2>
+<div class="memitem">
+<div class="memproto">
+<table class="mlabels">
+  <tr>
+  <td class="mlabels-left">
+      <table class="memname">
+        <tr>
+          <td class="memname">bool SVF::BufOverflowChecker::canSafelyAccessMemory </td>
+          <td>(</td>
+          <td class="paramtype">const <a class="el" href="classSVF_1_1SVFValue.html">SVFValue</a> *&#160;</td>
+          <td class="paramname"><em>value</em>, </td>
+        </tr>
+        <tr>
+          <td class="paramkey"></td>
+          <td></td>
+          <td class="paramtype">const <a class="el" href="classSVF_1_1IntervalValue.html">IntervalValue</a> &amp;&#160;</td>
+          <td class="paramname"><em>len</em>, </td>
+        </tr>
+        <tr>
+          <td class="paramkey"></td>
+          <td></td>
+          <td class="paramtype">const <a class="el" href="classSVF_1_1ICFGNode.html">ICFGNode</a> *&#160;</td>
+          <td class="paramname"><em>curNode</em>&#160;</td>
+        </tr>
+        <tr>
+          <td></td>
+          <td>)</td>
+          <td></td><td></td>
+        </tr>
+      </table>
+  </td>
+  <td class="mlabels-right">
+<span class="mlabels"><span class="mlabel">protected</span></span>  </td>
+  </tr>
+</table>
+</div><div class="memdoc">
+<p>detect buffer overflow by giving a var and a length e.g. int x[10]; x[10] = 1; we call canSafelyAccessMemory(x, 11 * sizeof(int));</p>
+<dl class="params"><dt>Parameters</dt><dd>
+  <table class="params">
+    <tr><td class="paramname">value</td><td>the value of the buffer overflow checkpoint </td></tr>
+    <tr><td class="paramname">len</td><td>the length of the buffer overflow checkpoint </td></tr>
+  </table>
+  </dd>
+</dl>
+<dl class="section return"><dt>Returns</dt><dd>true if the buffer overflow is detected </dd></dl>
+<p>Usually called by a <a class="el" href="classSVF_1_1GepStmt.html">GepStmt</a> overflow check, or external API (like memcpy) overflow check Defitions of Terms: source node: malloc or gepStmt(array), sink node: gepStmt or external API (like memcpy) e.g. 1) a = malloc(10), a[11] = 10, a[11] is the sink node, a is the source node (malloc) 2) A = struct {int a[10];}, A.a[11] = 10, A.a[11] is the sink, A.a is the source node (gepStmt(array))</p>
+<p>it tracks the value flow from sink to source, and accumulates offset then compare the accumulated offset and malloc size (or gepStmt array size)</p>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8cpp_source.html#l00485">485</a> of file <a class="el" href="BufOverflowChecker_8cpp_source.html">BufOverflowChecker.cpp</a>.</p>
 </div>
 </div>
 <a id="ace460f7684aedf51c9907c995b94b653"></a>
@@ -303,10 +422,10 @@ Additional Inherited Members</h2></td></tr>
 </table>
 </div><div class="memdoc">
-<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00183">183</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
-<div class="fragment"><div class="line"><a name="l00184"></a><span class="lineno">  184</span>&#160;    {</div>
-<div class="line"><a name="l00185"></a><span class="lineno">  185</span>&#160;        <span class="keywordflow">return</span> ae-&gt;getKind() == <a class="code" href="namespaceSVF.html#a41375daa7cc99317d0aa2a21dc643b88aa5aa2ddadb5f0392b52dcbe487fe0ecd">AEKind::BufOverflowChecker</a>;</div>
-<div class="line"><a name="l00186"></a><span class="lineno">  186</span>&#160;    }</div>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00113">113</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
+<div class="fragment"><div class="line"><a name="l00114"></a><span class="lineno">  114</span>&#160;    {</div>
+<div class="line"><a name="l00115"></a><span class="lineno">  115</span>&#160;        <span class="keywordflow">return</span> ae-&gt;getKind() == <a class="code" href="namespaceSVF.html#a41375daa7cc99317d0aa2a21dc643b88aa5aa2ddadb5f0392b52dcbe487fe0ecd">AEKind::BufOverflowChecker</a>;</div>
+<div class="line"><a name="l00116"></a><span class="lineno">  116</span>&#160;    }</div>
 </div><!-- fragment -->
 </div>
 </div>
@@ -342,6 +461,232 @@ Additional Inherited Members</h2></td></tr>
 </dl>
 <dl class="section return"><dt>Returns</dt><dd>true if the buffer overflow is detected </dd></dl>
+</div>
+</div>
+<a id="aa68f8aef09481d7c07dc59d7dfb83822"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#aa68f8aef09481d7c07dc59d7dfb83822">&#9670;&nbsp;</a></span>detectStrcat()</h2>
+<div class="memitem">
+<div class="memproto">
+<table class="mlabels">
+  <tr>
+  <td class="mlabels-left">
+      <table class="memname">
+        <tr>
+          <td class="memname">bool SVF::BufOverflowChecker::detectStrcat </td>
+          <td>(</td>
+          <td class="paramtype">const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *&#160;</td>
+          <td class="paramname"><em>call</em></td><td>)</td>
+          <td></td>
+        </tr>
+      </table>
+  </td>
+  <td class="mlabels-right">
+<span class="mlabels"><span class="mlabel">protected</span></span>  </td>
+  </tr>
+</table>
+</div><div class="memdoc">
+<p>detect buffer overflow from strcat like apis e.g. strcat(dst, src), if dst is shorter than src, we will throw buffer overflow</p>
+<dl class="params"><dt>Parameters</dt><dd>
+  <table class="params">
+    <tr><td class="paramname">call</td><td>call node whose callee is strcpy-like external function </td></tr>
+  </table>
+  </dd>
+</dl>
+<dl class="section return"><dt>Returns</dt><dd>true if the buffer overflow is detected </dd></dl>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8cpp_source.html#l00372">372</a> of file <a class="el" href="BufOverflowChecker_8cpp_source.html">BufOverflowChecker.cpp</a>.</p>
+<div class="fragment"><div class="line"><a name="l00373"></a><span class="lineno">  373</span>&#160;{</div>
+<div class="line"><a name="l00374"></a><span class="lineno">  374</span>&#160;    <span class="keyword">const</span> SVFFunction *fun = <a class="code" href="namespaceSVF_1_1SVFUtil.html#a145abbd2958629718fbca41d25c3124d">SVFUtil::getCallee</a>(call-&gt;getCallSite());</div>
+<div class="line"><a name="l00375"></a><span class="lineno">  375</span>&#160;    <span class="comment">// check the arg size</span></div>
+<div class="line"><a name="l00376"></a><span class="lineno">  376</span>&#160;    <span class="comment">// if it is strcat group, we need to check the length of string,</span></div>
+<div class="line"><a name="l00377"></a><span class="lineno">  377</span>&#160;    <span class="comment">// e.g. strcat(str1, str2); which checks AllocSize(str1) &gt;= Strlen(str1) + Strlen(str2);</span></div>
+<div class="line"><a name="l00378"></a><span class="lineno">  378</span>&#160;    <span class="comment">// if it is strncat group, we do not need to check the length of string,</span></div>
+<div class="line"><a name="l00379"></a><span class="lineno">  379</span>&#160;    <span class="comment">// e.g. strncat(str1, str2, n); which checks AllocSize(str1) &gt;= Strlen(str1) + n;</span></div>
+<div class="line"><a name="l00380"></a><span class="lineno">  380</span>&#160; </div>
+<div class="line"><a name="l00381"></a><span class="lineno">  381</span>&#160;    <span class="keyword">const</span> std::vector&lt;std::string&gt; strcatGroup = {<span class="stringliteral">&quot;__strcat_chk&quot;</span>, <span class="stringliteral">&quot;strcat&quot;</span>, <span class="stringliteral">&quot;__wcscat_chk&quot;</span>, <span class="stringliteral">&quot;wcscat&quot;</span>};</div>
+<div class="line"><a name="l00382"></a><span class="lineno">  382</span>&#160;    <span class="keyword">const</span> std::vector&lt;std::string&gt; strncatGroup = {<span class="stringliteral">&quot;__strncat_chk&quot;</span>, <span class="stringliteral">&quot;strncat&quot;</span>, <span class="stringliteral">&quot;__wcsncat_chk&quot;</span>, <span class="stringliteral">&quot;wcsncat&quot;</span>};</div>
+<div class="line"><a name="l00383"></a><span class="lineno">  383</span>&#160;    <span class="keywordflow">if</span> (std::find(strcatGroup.begin(), strcatGroup.end(), fun-&gt;getName()) != strcatGroup.end())</div>
+<div class="line"><a name="l00384"></a><span class="lineno">  384</span>&#160;    {</div>
+<div class="line"><a name="l00385"></a><span class="lineno">  385</span>&#160;        CallSite cs = <a class="code" href="namespaceSVF_1_1SVFUtil.html#a9815a5b31ac7dc21239d08e5b9f61106">SVFUtil::getSVFCallSite</a>(call-&gt;getCallSite());</div>
+<div class="line"><a name="l00386"></a><span class="lineno">  386</span>&#160;        <span class="keyword">const</span> SVFValue* arg0Val = cs.getArgument(0);</div>
+<div class="line"><a name="l00387"></a><span class="lineno">  387</span>&#160;        <span class="keyword">const</span> SVFValue* arg1Val = cs.getArgument(1);</div>
+<div class="line"><a name="l00388"></a><span class="lineno">  388</span>&#160;        IntervalValue strLen0 = <a class="code" href="classSVF_1_1AbstractExecution.html#a99be86146ad4ddbdb900cdb6b324f943">getStrlen</a>(arg0Val);</div>
+<div class="line"><a name="l00389"></a><span class="lineno">  389</span>&#160;        IntervalValue strLen1 = <a class="code" href="classSVF_1_1AbstractExecution.html#a99be86146ad4ddbdb900cdb6b324f943">getStrlen</a>(arg1Val);</div>
+<div class="line"><a name="l00390"></a><span class="lineno">  390</span>&#160;        IntervalValue totalLen = strLen0 + strLen1;</div>
+<div class="line"><a name="l00391"></a><span class="lineno">  391</span>&#160;        <span class="keywordflow">return</span> <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(arg0Val, totalLen, call);</div>
+<div class="line"><a name="l00392"></a><span class="lineno">  392</span>&#160;    }</div>
+<div class="line"><a name="l00393"></a><span class="lineno">  393</span>&#160;    <span class="keywordflow">else</span> <span class="keywordflow">if</span> (std::find(strncatGroup.begin(), strncatGroup.end(), fun-&gt;getName()) != strncatGroup.end())</div>
+<div class="line"><a name="l00394"></a><span class="lineno">  394</span>&#160;    {</div>
+<div class="line"><a name="l00395"></a><span class="lineno">  395</span>&#160;        CallSite cs = <a class="code" href="namespaceSVF_1_1SVFUtil.html#a9815a5b31ac7dc21239d08e5b9f61106">SVFUtil::getSVFCallSite</a>(call-&gt;getCallSite());</div>
+<div class="line"><a name="l00396"></a><span class="lineno">  396</span>&#160;        <span class="keyword">const</span> SVFValue* arg0Val = cs.getArgument(0);</div>
+<div class="line"><a name="l00397"></a><span class="lineno">  397</span>&#160;        <span class="keyword">const</span> SVFValue* arg2Val = cs.getArgument(2);</div>
+<div class="line"><a name="l00398"></a><span class="lineno">  398</span>&#160;        IntervalValue arg2Num = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>()[<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(arg2Val)];</div>
+<div class="line"><a name="l00399"></a><span class="lineno">  399</span>&#160;        IntervalValue strLen0 = <a class="code" href="classSVF_1_1AbstractExecution.html#a99be86146ad4ddbdb900cdb6b324f943">getStrlen</a>(arg0Val);</div>
+<div class="line"><a name="l00400"></a><span class="lineno">  400</span>&#160;        IntervalValue totalLen = strLen0 + arg2Num;</div>
+<div class="line"><a name="l00401"></a><span class="lineno">  401</span>&#160;        <span class="keywordflow">return</span> <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(arg0Val, totalLen, call);</div>
+<div class="line"><a name="l00402"></a><span class="lineno">  402</span>&#160;    }</div>
+<div class="line"><a name="l00403"></a><span class="lineno">  403</span>&#160;    <span class="keywordflow">else</span></div>
+<div class="line"><a name="l00404"></a><span class="lineno">  404</span>&#160;    {</div>
+<div class="line"><a name="l00405"></a><span class="lineno">  405</span>&#160;        assert(<span class="keyword">false</span> &amp;&amp; <span class="stringliteral">&quot;unknown strcat function, please add it to strcatGroup or strncatGroup&quot;</span>);</div>
+<div class="line"><a name="l00406"></a><span class="lineno">  406</span>&#160;        abort();</div>
+<div class="line"><a name="l00407"></a><span class="lineno">  407</span>&#160;    }</div>
+<div class="line"><a name="l00408"></a><span class="lineno">  408</span>&#160;}</div>
+</div><!-- fragment -->
+</div>
+</div>
+<a id="ad8b2f2fa6f22b9d1655135c819cbad8a"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#ad8b2f2fa6f22b9d1655135c819cbad8a">&#9670;&nbsp;</a></span>detectStrcpy()</h2>
+<div class="memitem">
+<div class="memproto">
+<table class="mlabels">
+  <tr>
+  <td class="mlabels-left">
+      <table class="memname">
+        <tr>
+          <td class="memname">bool SVF::BufOverflowChecker::detectStrcpy </td>
+          <td>(</td>
+          <td class="paramtype">const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *&#160;</td>
+          <td class="paramname"><em>call</em></td><td>)</td>
+          <td></td>
+        </tr>
+      </table>
+  </td>
+  <td class="mlabels-right">
+<span class="mlabels"><span class="mlabel">protected</span></span>  </td>
+  </tr>
+</table>
+</div><div class="memdoc">
+<p>detect buffer overflow from strcpy like apis e.g. strcpy(dst, src), if dst is shorter than src, we will throw buffer overflow</p>
+<dl class="params"><dt>Parameters</dt><dd>
+  <table class="params">
+    <tr><td class="paramname">call</td><td>call node whose callee is strcpy-like external function </td></tr>
+  </table>
+  </dd>
+</dl>
+<dl class="section return"><dt>Returns</dt><dd>true if the buffer overflow is detected </dd></dl>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8cpp_source.html#l00123">123</a> of file <a class="el" href="BufOverflowChecker_8cpp_source.html">BufOverflowChecker.cpp</a>.</p>
+<div class="fragment"><div class="line"><a name="l00124"></a><span class="lineno">  124</span>&#160;{</div>
+<div class="line"><a name="l00125"></a><span class="lineno">  125</span>&#160;    CallSite cs = <a class="code" href="namespaceSVF_1_1SVFUtil.html#a9815a5b31ac7dc21239d08e5b9f61106">SVFUtil::getSVFCallSite</a>(call-&gt;getCallSite());</div>
+<div class="line"><a name="l00126"></a><span class="lineno">  126</span>&#160;    <span class="keyword">const</span> SVFValue* arg0Val = cs.getArgument(0);</div>
+<div class="line"><a name="l00127"></a><span class="lineno">  127</span>&#160;    <span class="keyword">const</span> SVFValue* arg1Val = cs.getArgument(1);</div>
+<div class="line"><a name="l00128"></a><span class="lineno">  128</span>&#160;    IntervalValue strLen = <a class="code" href="classSVF_1_1AbstractExecution.html#a99be86146ad4ddbdb900cdb6b324f943">getStrlen</a>(arg1Val);</div>
+<div class="line"><a name="l00129"></a><span class="lineno">  129</span>&#160;    <span class="comment">// no need to -1, since it has \0 as the last byte</span></div>
+<div class="line"><a name="l00130"></a><span class="lineno">  130</span>&#160;    <span class="keywordflow">return</span> <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(arg0Val, strLen, call);</div>
+<div class="line"><a name="l00131"></a><span class="lineno">  131</span>&#160;}</div>
+</div><!-- fragment -->
+</div>
+</div>
+<a id="a1ed3cb0a1a118d9e505b192841a58dde"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#a1ed3cb0a1a118d9e505b192841a58dde">&#9670;&nbsp;</a></span>handleExtAPI()</h2>
+<div class="memitem">
+<div class="memproto">
+<table class="mlabels">
+  <tr>
+  <td class="mlabels-left">
+      <table class="memname">
+        <tr>
+          <td class="memname">void SVF::BufOverflowChecker::handleExtAPI </td>
+          <td>(</td>
+          <td class="paramtype">const <a class="el" href="classSVF_1_1CallICFGNode.html">CallICFGNode</a> *&#160;</td>
+          <td class="paramname"><em>call</em></td><td>)</td>
+          <td></td>
+        </tr>
+      </table>
+  </td>
+  <td class="mlabels-right">
+<span class="mlabels"><span class="mlabel">override</span><span class="mlabel">protected</span><span class="mlabel">virtual</span></span>  </td>
+  </tr>
+</table>
+</div><div class="memdoc">
+<p>handle external function call regarding buffer overflow checking e.g. memcpy(dst, src, sz) -&gt; we check allocSize(dst)&gt;=sz and allocSize(src)&gt;=sz</p>
+<dl class="params"><dt>Parameters</dt><dd>
+  <table class="params">
+    <tr><td class="paramname">call</td><td>call node whose callee is external function </td></tr>
+  </table>
+  </dd>
+</dl>
+<p>Reimplemented from <a class="el" href="classSVF_1_1AbstractExecution.html#ae002abb8711300ff52200f78f1463369">SVF::AbstractExecution</a>.</p>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8cpp_source.html#l00410">410</a> of file <a class="el" href="BufOverflowChecker_8cpp_source.html">BufOverflowChecker.cpp</a>.</p>
+<div class="fragment"><div class="line"><a name="l00411"></a><span class="lineno">  411</span>&#160;{</div>
+<div class="line"><a name="l00412"></a><span class="lineno">  412</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ae002abb8711300ff52200f78f1463369">AbstractExecution::handleExtAPI</a>(call);</div>
+<div class="line"><a name="l00413"></a><span class="lineno">  413</span>&#160;    <span class="keyword">const</span> SVFFunction *fun = <a class="code" href="namespaceSVF_1_1SVFUtil.html#a145abbd2958629718fbca41d25c3124d">SVFUtil::getCallee</a>(call-&gt;getCallSite());</div>
+<div class="line"><a name="l00414"></a><span class="lineno">  414</span>&#160;    assert(fun &amp;&amp; <span class="stringliteral">&quot;SVFFunction* is nullptr&quot;</span>);</div>
+<div class="line"><a name="l00415"></a><span class="lineno">  415</span>&#160;    CallSite cs = <a class="code" href="namespaceSVF_1_1SVFUtil.html#a9815a5b31ac7dc21239d08e5b9f61106">SVFUtil::getSVFCallSite</a>(call-&gt;getCallSite());</div>
+<div class="line"><a name="l00416"></a><span class="lineno">  416</span>&#160;    <span class="comment">// check the type of mem api,</span></div>
+<div class="line"><a name="l00417"></a><span class="lineno">  417</span>&#160;    <span class="comment">// MEMCPY: like memcpy, memcpy_chk, llvm.memcpy etc.</span></div>
+<div class="line"><a name="l00418"></a><span class="lineno">  418</span>&#160;    <span class="comment">// MEMSET: like memset, memset_chk, llvm.memset etc.</span></div>
+<div class="line"><a name="l00419"></a><span class="lineno">  419</span>&#160;    <span class="comment">// STRCPY: like strcpy, strcpy_chk, wcscpy etc.</span></div>
+<div class="line"><a name="l00420"></a><span class="lineno">  420</span>&#160;    <span class="comment">// STRCAT: like strcat, strcat_chk, wcscat etc.</span></div>
+<div class="line"><a name="l00421"></a><span class="lineno">  421</span>&#160;    <span class="comment">// for other ext api like printf, scanf, etc., they have their own handlers</span></div>
+<div class="line"><a name="l00422"></a><span class="lineno">  422</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43af">ExtAPIType</a> extType = <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa12d7009fd0108df805ee49182fe12ccc">UNCLASSIFIED</a>;</div>
+<div class="line"><a name="l00423"></a><span class="lineno">  423</span>&#160;    <span class="comment">// get type of mem api</span></div>
+<div class="line"><a name="l00424"></a><span class="lineno">  424</span>&#160;    <span class="keywordflow">for</span> (<span class="keyword">const</span> <a class="code" href="cJSON_8h.html#ad4c68ea99a26b0a98ad9a79982960458">std::string</a> &amp;annotation: fun-&gt;getAnnotations())</div>
+<div class="line"><a name="l00425"></a><span class="lineno">  425</span>&#160;    {</div>
+<div class="line"><a name="l00426"></a><span class="lineno">  426</span>&#160;        <span class="keywordflow">if</span> (annotation.find(<span class="stringliteral">&quot;MEMCPY&quot;</span>) != std::string::npos)</div>
+<div class="line"><a name="l00427"></a><span class="lineno">  427</span>&#160;            extType =  <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa622ab5082468499be675c2783aaf3dcf">MEMCPY</a>;</div>
+<div class="line"><a name="l00428"></a><span class="lineno">  428</span>&#160;        <span class="keywordflow">if</span> (annotation.find(<span class="stringliteral">&quot;MEMSET&quot;</span>) != std::string::npos)</div>
+<div class="line"><a name="l00429"></a><span class="lineno">  429</span>&#160;            extType =  <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa45836a81adf553b872a061e5fe4c5be8">MEMSET</a>;</div>
+<div class="line"><a name="l00430"></a><span class="lineno">  430</span>&#160;        <span class="keywordflow">if</span> (annotation.find(<span class="stringliteral">&quot;STRCPY&quot;</span>) != std::string::npos)</div>
+<div class="line"><a name="l00431"></a><span class="lineno">  431</span>&#160;            extType = <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afac9539311eec734c966b719990e869b12">STRCPY</a>;</div>
+<div class="line"><a name="l00432"></a><span class="lineno">  432</span>&#160;        <span class="keywordflow">if</span> (annotation.find(<span class="stringliteral">&quot;STRCAT&quot;</span>) != std::string::npos)</div>
+<div class="line"><a name="l00433"></a><span class="lineno">  433</span>&#160;            extType =  <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afadcda19decab7b2d85523b1fdbceb23e6">STRCAT</a>;</div>
+<div class="line"><a name="l00434"></a><span class="lineno">  434</span>&#160;    }</div>
+<div class="line"><a name="l00435"></a><span class="lineno">  435</span>&#160;    <span class="comment">// 1. memcpy functions like memcpy_chk, strncpy, annotate(&quot;MEMCPY&quot;), annotate(&quot;BUF_CHECK:Arg0, Arg2&quot;), annotate(&quot;BUF_CHECK:Arg1, Arg2&quot;)</span></div>
+<div class="line"><a name="l00436"></a><span class="lineno">  436</span>&#160;    <span class="keywordflow">if</span> (extType == <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa622ab5082468499be675c2783aaf3dcf">MEMCPY</a>)</div>
+<div class="line"><a name="l00437"></a><span class="lineno">  437</span>&#160;    {</div>
+<div class="line"><a name="l00438"></a><span class="lineno">  438</span>&#160;        <span class="keywordflow">if</span> (<a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>.count(fun-&gt;getName()) == 0)</div>
+<div class="line"><a name="l00439"></a><span class="lineno">  439</span>&#160;        {</div>
+<div class="line"><a name="l00440"></a><span class="lineno">  440</span>&#160;            <span class="comment">// if it is not in the rules, we do not check it</span></div>
+<div class="line"><a name="l00441"></a><span class="lineno">  441</span>&#160;            <a class="code" href="namespaceSVF_1_1SVFUtil.html#ab65033f068bfbeb0a1c52dcec3beb6bc">SVFUtil::errs</a>() &lt;&lt; <span class="stringliteral">&quot;Warning: &quot;</span> &lt;&lt; fun-&gt;getName() &lt;&lt; <span class="stringliteral">&quot; is not in the rules, please implement it\n&quot;</span>;</div>
+<div class="line"><a name="l00442"></a><span class="lineno">  442</span>&#160;            <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00443"></a><span class="lineno">  443</span>&#160;        }</div>
+<div class="line"><a name="l00444"></a><span class="lineno">  444</span>&#160;        <span class="comment">// call parseMemcpyBufferCheckArgs to parse the BUF_CHECK annotation</span></div>
+<div class="line"><a name="l00445"></a><span class="lineno">  445</span>&#160;        std::vector&lt;std::pair&lt;u32_t, u32_t&gt;&gt; args = <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>.at(fun-&gt;getName());</div>
+<div class="line"><a name="l00446"></a><span class="lineno">  446</span>&#160;        <span class="comment">// loop the args and check the offset</span></div>
+<div class="line"><a name="l00447"></a><span class="lineno">  447</span>&#160;        <span class="keywordflow">for</span> (<span class="keyword">auto</span> arg: args)</div>
+<div class="line"><a name="l00448"></a><span class="lineno">  448</span>&#160;        {</div>
+<div class="line"><a name="l00449"></a><span class="lineno">  449</span>&#160;            IntervalValue <a class="code" href="cJSON_8cpp.html#a95bf816579e97b6f33bdb5e25ed6d5de">offset</a> = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>()[<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(arg.second))] - IntervalValue(1);</div>
+<div class="line"><a name="l00450"></a><span class="lineno">  450</span>&#160;            <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(arg.first), <a class="code" href="cJSON_8cpp.html#a95bf816579e97b6f33bdb5e25ed6d5de">offset</a>, call);</div>
+<div class="line"><a name="l00451"></a><span class="lineno">  451</span>&#160;        }</div>
+<div class="line"><a name="l00452"></a><span class="lineno">  452</span>&#160;    }</div>
+<div class="line"><a name="l00453"></a><span class="lineno">  453</span>&#160;    <span class="comment">// 2. memset functions like memset, memset_chk, annotate(&quot;MEMSET&quot;), annotate(&quot;BUF_CHECK:Arg0, Arg2&quot;)</span></div>
+<div class="line"><a name="l00454"></a><span class="lineno">  454</span>&#160;    <span class="keywordflow">else</span> <span class="keywordflow">if</span> (extType == <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa45836a81adf553b872a061e5fe4c5be8">MEMSET</a>)</div>
+<div class="line"><a name="l00455"></a><span class="lineno">  455</span>&#160;    {</div>
+<div class="line"><a name="l00456"></a><span class="lineno">  456</span>&#160;        <span class="keywordflow">if</span> (<a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>.count(fun-&gt;getName()) == 0)</div>
+<div class="line"><a name="l00457"></a><span class="lineno">  457</span>&#160;        {</div>
+<div class="line"><a name="l00458"></a><span class="lineno">  458</span>&#160;            <span class="comment">// if it is not in the rules, we do not check it</span></div>
+<div class="line"><a name="l00459"></a><span class="lineno">  459</span>&#160;            <a class="code" href="namespaceSVF_1_1SVFUtil.html#ab65033f068bfbeb0a1c52dcec3beb6bc">SVFUtil::errs</a>() &lt;&lt; <span class="stringliteral">&quot;Warning: &quot;</span> &lt;&lt; fun-&gt;getName() &lt;&lt; <span class="stringliteral">&quot; is not in the rules, please implement it\n&quot;</span>;</div>
+<div class="line"><a name="l00460"></a><span class="lineno">  460</span>&#160;            <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00461"></a><span class="lineno">  461</span>&#160;        }</div>
+<div class="line"><a name="l00462"></a><span class="lineno">  462</span>&#160;        std::vector&lt;std::pair&lt;u32_t, u32_t&gt;&gt; args = <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>.at(fun-&gt;getName());</div>
+<div class="line"><a name="l00463"></a><span class="lineno">  463</span>&#160;        <span class="comment">// loop the args and check the offset</span></div>
+<div class="line"><a name="l00464"></a><span class="lineno">  464</span>&#160;        <span class="keywordflow">for</span> (<span class="keyword">auto</span> arg: args)</div>
+<div class="line"><a name="l00465"></a><span class="lineno">  465</span>&#160;        {</div>
+<div class="line"><a name="l00466"></a><span class="lineno">  466</span>&#160;            IntervalValue <a class="code" href="cJSON_8cpp.html#a95bf816579e97b6f33bdb5e25ed6d5de">offset</a> = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>()[<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(arg.second))] - IntervalValue(1);</div>
+<div class="line"><a name="l00467"></a><span class="lineno">  467</span>&#160;            <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(arg.first), <a class="code" href="cJSON_8cpp.html#a95bf816579e97b6f33bdb5e25ed6d5de">offset</a>, call);</div>
+<div class="line"><a name="l00468"></a><span class="lineno">  468</span>&#160;        }</div>
+<div class="line"><a name="l00469"></a><span class="lineno">  469</span>&#160;    }</div>
+<div class="line"><a name="l00470"></a><span class="lineno">  470</span>&#160;    <span class="keywordflow">else</span> <span class="keywordflow">if</span> (extType == <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afac9539311eec734c966b719990e869b12">STRCPY</a>)</div>
+<div class="line"><a name="l00471"></a><span class="lineno">  471</span>&#160;    {</div>
+<div class="line"><a name="l00472"></a><span class="lineno">  472</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#ad8b2f2fa6f22b9d1655135c819cbad8a">detectStrcpy</a>(call);</div>
+<div class="line"><a name="l00473"></a><span class="lineno">  473</span>&#160;    }</div>
+<div class="line"><a name="l00474"></a><span class="lineno">  474</span>&#160;    <span class="keywordflow">else</span> <span class="keywordflow">if</span> (extType == <a class="code" href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afadcda19decab7b2d85523b1fdbceb23e6">STRCAT</a>)</div>
+<div class="line"><a name="l00475"></a><span class="lineno">  475</span>&#160;    {</div>
+<div class="line"><a name="l00476"></a><span class="lineno">  476</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#aa68f8aef09481d7c07dc59d7dfb83822">detectStrcat</a>(call);</div>
+<div class="line"><a name="l00477"></a><span class="lineno">  477</span>&#160;    }</div>
+<div class="line"><a name="l00478"></a><span class="lineno">  478</span>&#160;    <span class="keywordflow">else</span></div>
+<div class="line"><a name="l00479"></a><span class="lineno">  479</span>&#160;    {</div>
+<div class="line"><a name="l00480"></a><span class="lineno">  480</span>&#160; </div>
+<div class="line"><a name="l00481"></a><span class="lineno">  481</span>&#160;    }</div>
+<div class="line"><a name="l00482"></a><span class="lineno">  482</span>&#160;    <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00483"></a><span class="lineno">  483</span>&#160;}</div>
+</div><!-- fragment -->
 </div>
 </div>
 <a id="afa6b30220b0b3261205a909def9ca44e"></a>
@@ -421,16 +766,15 @@ Additional Inherited Members</h2></td></tr>
 <div class="line"><a name="l00068"></a><span class="lineno">   68</span>&#160;        <span class="keywordflow">for</span> (<a class="code" href="namespaceSVF.html#a43a65e0d33af3c743294f7a1139d2301">NodeID</a> addrID: <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a48fec38aad1c2a9a140ee94e9fdd7e9b">getAddrs</a>(gep-&gt;getLHSVarID()))</div>
 <div class="line"><a name="l00069"></a><span class="lineno">   69</span>&#160;        {</div>
 <div class="line"><a name="l00070"></a><span class="lineno">   70</span>&#160;            <a class="code" href="namespaceSVF.html#a43a65e0d33af3c743294f7a1139d2301">NodeID</a> objId = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a66c426719f583653cb70189f01d6fda5">getInternalID</a>(addrID);</div>
-<div class="line"><a name="l00071"></a><span class="lineno">   71</span>&#160;            <span class="keywordflow">if</span> (<span class="keyword">auto</span>* extapi = SVFUtil::dyn_cast&lt;BufOverflowCheckerAPI&gt;(<a class="code" href="classSVF_1_1AbstractExecution.html#a26f8c21bd96ae22ca2e72af6fbfa410c">_api</a>))</div>
-<div class="line"><a name="l00072"></a><span class="lineno">   72</span>&#160;                extapi-&gt;_addrToGep[objId] = gep;</div>
-<div class="line"><a name="l00073"></a><span class="lineno">   73</span>&#160;        }</div>
-<div class="line"><a name="l00074"></a><span class="lineno">   74</span>&#160;    }</div>
-<div class="line"><a name="l00075"></a><span class="lineno">   75</span>&#160;}</div>
+<div class="line"><a name="l00071"></a><span class="lineno">   71</span>&#160;            <a class="code" href="classSVF_1_1BufOverflowChecker.html#a0088456e712c555cbfba6203aec38037">_addrToGep</a>[objId] = gep;</div>
+<div class="line"><a name="l00072"></a><span class="lineno">   72</span>&#160;        }</div>
+<div class="line"><a name="l00073"></a><span class="lineno">   73</span>&#160;    }</div>
+<div class="line"><a name="l00074"></a><span class="lineno">   74</span>&#160;}</div>
 </div><!-- fragment -->
 </div>
 </div>
-<a id="a4787d2e56aa374763656b7942f0ed52f"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#a4787d2e56aa374763656b7942f0ed52f">&#9670;&nbsp;</a></span>initExtAPI()</h2>
+<a id="aed959fce840cbea32d3567ee1ac01e82"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#aed959fce840cbea32d3567ee1ac01e82">&#9670;&nbsp;</a></span>initExtAPIBufOverflowCheckRules()</h2>
 <div class="memitem">
 <div class="memproto">
@@ -439,7 +783,7 @@ Additional Inherited Members</h2></td></tr>
   <td class="mlabels-left">
       <table class="memname">
         <tr>
-          <td class="memname">void SVF::BufOverflowChecker::initExtAPI </td>
+          <td class="memname">void SVF::BufOverflowChecker::initExtAPIBufOverflowCheckRules </td>
           <td>(</td>
           <td class="paramname"></td><td>)</td>
           <td></td>
@@ -447,23 +791,356 @@ Additional Inherited Members</h2></td></tr>
       </table>
   </td>
   <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">inline</span><span class="mlabel">override</span><span class="mlabel">virtual</span></span>  </td>
+<span class="mlabels"><span class="mlabel">protected</span></span>  </td>
   </tr>
 </table>
 </div><div class="memdoc">
+<p>the map of ext apis of buffer overflow checking rules</p>
+<p>it initialize the rules of extapis about buffer overflow checking e.g. memcpy(dst, src, sz) -&gt; we check allocSize(dst)&gt;=sz and allocSize(src)&gt;=sz </p>
-<p>Reimplemented from <a class="el" href="classSVF_1_1AbstractExecution.html#a4bf7be47ddc0ba53ec4a5e87f300763f">SVF::AbstractExecution</a>.</p>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8cpp_source.html#l00076">76</a> of file <a class="el" href="BufOverflowChecker_8cpp_source.html">BufOverflowChecker.cpp</a>.</p>
+<div class="fragment"><div class="line"><a name="l00077"></a><span class="lineno">   77</span>&#160;{</div>
+<div class="line"><a name="l00078"></a><span class="lineno">   78</span>&#160;    <span class="comment">//void llvm_memcpy_p0i8_p0i8_i64(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00079"></a><span class="lineno">   79</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memcpy_p0i8_p0i8_i64&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00080"></a><span class="lineno">   80</span>&#160;    <span class="comment">//void llvm_memcpy_p0_p0_i64(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00081"></a><span class="lineno">   81</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memcpy_p0_p0_i64&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00082"></a><span class="lineno">   82</span>&#160;    <span class="comment">//void llvm_memcpy_p0i8_p0i8_i32(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00083"></a><span class="lineno">   83</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memcpy_p0i8_p0i8_i32&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00084"></a><span class="lineno">   84</span>&#160;    <span class="comment">//void llvm_memcpy(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00085"></a><span class="lineno">   85</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memcpy&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00086"></a><span class="lineno">   86</span>&#160;    <span class="comment">//void llvm_memmove(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00087"></a><span class="lineno">   87</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memmove&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00088"></a><span class="lineno">   88</span>&#160;    <span class="comment">//void llvm_memmove_p0i8_p0i8_i64(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00089"></a><span class="lineno">   89</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memmove_p0i8_p0i8_i64&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00090"></a><span class="lineno">   90</span>&#160;    <span class="comment">//void llvm_memmove_p0_p0_i64(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00091"></a><span class="lineno">   91</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memmove_p0_p0_i64&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00092"></a><span class="lineno">   92</span>&#160;    <span class="comment">//void llvm_memmove_p0i8_p0i8_i32(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00093"></a><span class="lineno">   93</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memmove_p0i8_p0i8_i32&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00094"></a><span class="lineno">   94</span>&#160;    <span class="comment">//void __memcpy_chk(char* dst, char* src, int sz, int flag){}</span></div>
+<div class="line"><a name="l00095"></a><span class="lineno">   95</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;__memcpy_chk&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00096"></a><span class="lineno">   96</span>&#160;    <span class="comment">//void *memmove(void *str1, const void *str2, unsigned long n)</span></div>
+<div class="line"><a name="l00097"></a><span class="lineno">   97</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;memmove&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00098"></a><span class="lineno">   98</span>&#160;    <span class="comment">//void bcopy(const void *s1, void *s2, unsigned long n){}</span></div>
+<div class="line"><a name="l00099"></a><span class="lineno">   99</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;bcopy&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00100"></a><span class="lineno">  100</span>&#160;    <span class="comment">//void *memccpy( void * restrict dest, const void * restrict src, int c, unsigned long count)</span></div>
+<div class="line"><a name="l00101"></a><span class="lineno">  101</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;memccpy&quot;</span>] = {{0, 3}, {1,3}};</div>
+<div class="line"><a name="l00102"></a><span class="lineno">  102</span>&#160;    <span class="comment">//void __memmove_chk(char* dst, char* src, int sz){}</span></div>
+<div class="line"><a name="l00103"></a><span class="lineno">  103</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;__memmove_chk&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00104"></a><span class="lineno">  104</span>&#160;    <span class="comment">//void llvm_memset(char* dst, char elem, int sz, int flag){}</span></div>
+<div class="line"><a name="l00105"></a><span class="lineno">  105</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memset&quot;</span>] = {{0, 2}};</div>
+<div class="line"><a name="l00106"></a><span class="lineno">  106</span>&#160;    <span class="comment">//void llvm_memset_p0i8_i32(char* dst, char elem, int sz, int flag){}</span></div>
+<div class="line"><a name="l00107"></a><span class="lineno">  107</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memset_p0i8_i32&quot;</span>] = {{0, 2}};</div>
+<div class="line"><a name="l00108"></a><span class="lineno">  108</span>&#160;    <span class="comment">//void llvm_memset_p0i8_i64(char* dst, char elem, int sz, int flag){}</span></div>
+<div class="line"><a name="l00109"></a><span class="lineno">  109</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memset_p0i8_i64&quot;</span>] = {{0, 2}};</div>
+<div class="line"><a name="l00110"></a><span class="lineno">  110</span>&#160;    <span class="comment">//void llvm_memset_p0_i64(char* dst, char elem, int sz, int flag){}</span></div>
+<div class="line"><a name="l00111"></a><span class="lineno">  111</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;llvm_memset_p0_i64&quot;</span>] = {{0, 2}};</div>
+<div class="line"><a name="l00112"></a><span class="lineno">  112</span>&#160;    <span class="comment">//char *__memset_chk(char * dest, int c, unsigned long destlen, int flag)</span></div>
+<div class="line"><a name="l00113"></a><span class="lineno">  113</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;__memset_chk&quot;</span>] = {{0, 2}};</div>
+<div class="line"><a name="l00114"></a><span class="lineno">  114</span>&#160;    <span class="comment">//char *wmemset(wchar_t * dst, wchar_t elem, int sz, int flag) {</span></div>
+<div class="line"><a name="l00115"></a><span class="lineno">  115</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;wmemset&quot;</span>] = {{0, 2}};</div>
+<div class="line"><a name="l00116"></a><span class="lineno">  116</span>&#160;    <span class="comment">//char *strncpy(char *dest, const char *src, unsigned long n)</span></div>
+<div class="line"><a name="l00117"></a><span class="lineno">  117</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;strncpy&quot;</span>] = {{0, 2}, {1,2}};</div>
+<div class="line"><a name="l00118"></a><span class="lineno">  118</span>&#160;    <span class="comment">//unsigned long iconv(void* cd, char **restrict inbuf, unsigned long *restrict inbytesleft, char **restrict outbuf, unsigned long *restrict outbytesleft)</span></div>
+<div class="line"><a name="l00119"></a><span class="lineno">  119</span>&#160;    <a class="code" href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">_extAPIBufOverflowCheckRules</a>[<span class="stringliteral">&quot;iconv&quot;</span>] = {{1, 2}, {3, 4}};</div>
+<div class="line"><a name="l00120"></a><span class="lineno">  120</span>&#160;}</div>
+</div><!-- fragment -->
+</div>
+</div>
+<a id="af0e2276001df7d51c45b22d5d11ca09b"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#af0e2276001df7d51c45b22d5d11ca09b">&#9670;&nbsp;</a></span>initExtFunMap()</h2>
-<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00188">188</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
-<div class="fragment"><div class="line"><a name="l00189"></a><span class="lineno">  189</span>&#160;    {</div>
-<div class="line"><a name="l00190"></a><span class="lineno">  190</span>&#160;        <a class="code" href="classSVF_1_1AbstractExecution.html#a26f8c21bd96ae22ca2e72af6fbfa410c">_api</a> = <span class="keyword">new</span> <a class="code" href="classSVF_1_1BufOverflowChecker.html#a563fed00ad732985dbe7a7e2c6525e6a">BufOverflowCheckerAPI</a>(<span class="keyword">this</span>, <a class="code" href="classSVF_1_1AbstractExecution.html#a74a55a4d4941c85bdfed81f060049bf0">_stat</a>);</div>
-<div class="line"><a name="l00191"></a><span class="lineno">  191</span>&#160;    }</div>
+<div class="memitem">
+<div class="memproto">
+<table class="mlabels">
+  <tr>
+  <td class="mlabels-left">
+      <table class="memname">
+        <tr>
+          <td class="memname">void SVF::BufOverflowChecker::initExtFunMap </td>
+          <td>(</td>
+          <td class="paramname"></td><td>)</td>
+          <td></td>
+        </tr>
+      </table>
+  </td>
+  <td class="mlabels-right">
+<span class="mlabels"><span class="mlabel">override</span><span class="mlabel">protected</span><span class="mlabel">virtual</span></span>  </td>
+  </tr>
+</table>
+</div><div class="memdoc">
+<p>the map of external function to its API type</p>
+<p>it initialize the ext apis about buffer overflow checking </p>
+<p>Reimplemented from <a class="el" href="classSVF_1_1AbstractExecution.html#a5715b1a5994715f19b17687b9e91d7c8">SVF::AbstractExecution</a>.</p>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8cpp_source.html#l00133">133</a> of file <a class="el" href="BufOverflowChecker_8cpp_source.html">BufOverflowChecker.cpp</a>.</p>
+<div class="fragment"><div class="line"><a name="l00134"></a><span class="lineno">  134</span>&#160;{</div>
+<div class="line"><a name="l00135"></a><span class="lineno">  135</span>&#160; </div>
+<div class="line"><a name="l00136"></a><span class="lineno">  136</span>&#160;    <span class="keyword">auto</span> sse_scanf = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00137"></a><span class="lineno">  137</span>&#160;    {</div>
+<div class="line"><a name="l00138"></a><span class="lineno">  138</span>&#160;        <span class="comment">//scanf(&quot;%d&quot;, &amp;data);</span></div>
+<div class="line"><a name="l00139"></a><span class="lineno">  139</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 2) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00140"></a><span class="lineno">  140</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00141"></a><span class="lineno">  141</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> dst_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(1));</div>
+<div class="line"><a name="l00142"></a><span class="lineno">  142</span>&#160;        <span class="keywordflow">if</span> (!<a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a999c358b80dd07591b0432eaa41c20c9">inVarToAddrsTable</a>(dst_id))</div>
+<div class="line"><a name="l00143"></a><span class="lineno">  143</span>&#160;        {</div>
+<div class="line"><a name="l00144"></a><span class="lineno">  144</span>&#160;            BufOverflowException bug(<span class="stringliteral">&quot;scanf may cause buffer overflow.\n&quot;</span>, 0, 0, 0, 0, cs.getArgument(1));</div>
+<div class="line"><a name="l00145"></a><span class="lineno">  145</span>&#160;            <a class="code" href="classSVF_1_1BufOverflowChecker.html#a7c11b81809cb087317cbea654a589f75">addBugToRecoder</a>(bug, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00146"></a><span class="lineno">  146</span>&#160;            <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00147"></a><span class="lineno">  147</span>&#160;        }</div>
+<div class="line"><a name="l00148"></a><span class="lineno">  148</span>&#160;        <span class="keywordflow">else</span></div>
+<div class="line"><a name="l00149"></a><span class="lineno">  149</span>&#160;        {</div>
+<div class="line"><a name="l00150"></a><span class="lineno">  150</span>&#160;            <a class="code" href="classSVF_1_1ExeState.html#a78038dd4884a501cfc94f073021eac96">ExeState::Addrs</a> Addrs = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a48fec38aad1c2a9a140ee94e9fdd7e9b">getAddrs</a>(dst_id);</div>
+<div class="line"><a name="l00151"></a><span class="lineno">  151</span>&#160;            <span class="keywordflow">for</span> (<span class="keyword">auto</span> vaddr: Addrs)</div>
+<div class="line"><a name="l00152"></a><span class="lineno">  152</span>&#160;            {</div>
+<div class="line"><a name="l00153"></a><span class="lineno">  153</span>&#160;                <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> objId = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a66c426719f583653cb70189f01d6fda5">getInternalID</a>(vaddr);</div>
+<div class="line"><a name="l00154"></a><span class="lineno">  154</span>&#160;                IntervalValue range = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#afbb9ff1f2c47d2afda117bf63a80a1a7">getRangeLimitFromType</a>(<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1GenericGraph.html#a43c9c773bfa17abf481c33073e30d01b">getGNode</a>(objId)-&gt;<a class="code" href="classSVF_1_1SVFVar.html#ab6f95d3e7e099d75cfc9645ebc037047">getType</a>());</div>
+<div class="line"><a name="l00155"></a><span class="lineno">  155</span>&#160;                es.store(vaddr, range);</div>
+<div class="line"><a name="l00156"></a><span class="lineno">  156</span>&#160;            }</div>
+<div class="line"><a name="l00157"></a><span class="lineno">  157</span>&#160;        }</div>
+<div class="line"><a name="l00158"></a><span class="lineno">  158</span>&#160;    };</div>
+<div class="line"><a name="l00159"></a><span class="lineno">  159</span>&#160;    <span class="keyword">auto</span> sse_fscanf = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00160"></a><span class="lineno">  160</span>&#160;    {</div>
+<div class="line"><a name="l00161"></a><span class="lineno">  161</span>&#160;        <span class="comment">//fscanf(stdin, &quot;%d&quot;, &amp;data);</span></div>
+<div class="line"><a name="l00162"></a><span class="lineno">  162</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 3) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00163"></a><span class="lineno">  163</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00164"></a><span class="lineno">  164</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> dst_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(2));</div>
+<div class="line"><a name="l00165"></a><span class="lineno">  165</span>&#160;        <span class="keywordflow">if</span> (!<a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a999c358b80dd07591b0432eaa41c20c9">inVarToAddrsTable</a>(dst_id))</div>
+<div class="line"><a name="l00166"></a><span class="lineno">  166</span>&#160;        {</div>
+<div class="line"><a name="l00167"></a><span class="lineno">  167</span>&#160;            BufOverflowException bug(<span class="stringliteral">&quot;scanf may cause buffer overflow.\n&quot;</span>, 0, 0, 0, 0, cs.getArgument(2));</div>
+<div class="line"><a name="l00168"></a><span class="lineno">  168</span>&#160;            <a class="code" href="classSVF_1_1BufOverflowChecker.html#a7c11b81809cb087317cbea654a589f75">addBugToRecoder</a>(bug, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00169"></a><span class="lineno">  169</span>&#160;            <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00170"></a><span class="lineno">  170</span>&#160;        }</div>
+<div class="line"><a name="l00171"></a><span class="lineno">  171</span>&#160;        <span class="keywordflow">else</span></div>
+<div class="line"><a name="l00172"></a><span class="lineno">  172</span>&#160;        {</div>
+<div class="line"><a name="l00173"></a><span class="lineno">  173</span>&#160;            <a class="code" href="classSVF_1_1ExeState.html#a78038dd4884a501cfc94f073021eac96">ExeState::Addrs</a> Addrs = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a48fec38aad1c2a9a140ee94e9fdd7e9b">getAddrs</a>(dst_id);</div>
+<div class="line"><a name="l00174"></a><span class="lineno">  174</span>&#160;            <span class="keywordflow">for</span> (<span class="keyword">auto</span> vaddr: Addrs)</div>
+<div class="line"><a name="l00175"></a><span class="lineno">  175</span>&#160;            {</div>
+<div class="line"><a name="l00176"></a><span class="lineno">  176</span>&#160;                <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> objId = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a66c426719f583653cb70189f01d6fda5">getInternalID</a>(vaddr);</div>
+<div class="line"><a name="l00177"></a><span class="lineno">  177</span>&#160;                IntervalValue range = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#afbb9ff1f2c47d2afda117bf63a80a1a7">getRangeLimitFromType</a>(<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1GenericGraph.html#a43c9c773bfa17abf481c33073e30d01b">getGNode</a>(objId)-&gt;<a class="code" href="classSVF_1_1SVFVar.html#ab6f95d3e7e099d75cfc9645ebc037047">getType</a>());</div>
+<div class="line"><a name="l00178"></a><span class="lineno">  178</span>&#160;                es.store(vaddr, range);</div>
+<div class="line"><a name="l00179"></a><span class="lineno">  179</span>&#160;            }</div>
+<div class="line"><a name="l00180"></a><span class="lineno">  180</span>&#160;        }</div>
+<div class="line"><a name="l00181"></a><span class="lineno">  181</span>&#160;    };</div>
+<div class="line"><a name="l00182"></a><span class="lineno">  182</span>&#160; </div>
+<div class="line"><a name="l00183"></a><span class="lineno">  183</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__isoc99_fscanf&quot;</span>] = sse_fscanf;</div>
+<div class="line"><a name="l00184"></a><span class="lineno">  184</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__isoc99_scanf&quot;</span>] = sse_scanf;</div>
+<div class="line"><a name="l00185"></a><span class="lineno">  185</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__isoc99_vscanf&quot;</span>] = sse_scanf;</div>
+<div class="line"><a name="l00186"></a><span class="lineno">  186</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;fscanf&quot;</span>] = sse_fscanf;</div>
+<div class="line"><a name="l00187"></a><span class="lineno">  187</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;scanf&quot;</span>] = sse_scanf;</div>
+<div class="line"><a name="l00188"></a><span class="lineno">  188</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;sscanf&quot;</span>] = sse_scanf;</div>
+<div class="line"><a name="l00189"></a><span class="lineno">  189</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__isoc99_sscanf&quot;</span>] = sse_scanf;</div>
+<div class="line"><a name="l00190"></a><span class="lineno">  190</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;vscanf&quot;</span>] = sse_scanf;</div>
+<div class="line"><a name="l00191"></a><span class="lineno">  191</span>&#160; </div>
+<div class="line"><a name="l00192"></a><span class="lineno">  192</span>&#160;    <span class="keyword">auto</span> sse_fread = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00193"></a><span class="lineno">  193</span>&#160;    {</div>
+<div class="line"><a name="l00194"></a><span class="lineno">  194</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 3) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00195"></a><span class="lineno">  195</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00196"></a><span class="lineno">  196</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> block_count_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(2));</div>
+<div class="line"><a name="l00197"></a><span class="lineno">  197</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> block_size_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(1));</div>
+<div class="line"><a name="l00198"></a><span class="lineno">  198</span>&#160;        IntervalValue block_count = es[block_count_id];</div>
+<div class="line"><a name="l00199"></a><span class="lineno">  199</span>&#160;        IntervalValue block_size = es[block_size_id];</div>
+<div class="line"><a name="l00200"></a><span class="lineno">  200</span>&#160;        IntervalValue block_byte = block_count * block_size;</div>
+<div class="line"><a name="l00201"></a><span class="lineno">  201</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(0), block_byte, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00202"></a><span class="lineno">  202</span>&#160;    };</div>
+<div class="line"><a name="l00203"></a><span class="lineno">  203</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;fread&quot;</span>] = sse_fread;</div>
+<div class="line"><a name="l00204"></a><span class="lineno">  204</span>&#160; </div>
+<div class="line"><a name="l00205"></a><span class="lineno">  205</span>&#160;    <span class="keyword">auto</span> sse_sprintf = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00206"></a><span class="lineno">  206</span>&#160;    {</div>
+<div class="line"><a name="l00207"></a><span class="lineno">  207</span>&#160;        <span class="comment">// printf is difficult to predict since it has no byte size arguments</span></div>
+<div class="line"><a name="l00208"></a><span class="lineno">  208</span>&#160;    };</div>
+<div class="line"><a name="l00209"></a><span class="lineno">  209</span>&#160; </div>
+<div class="line"><a name="l00210"></a><span class="lineno">  210</span>&#160;    <span class="keyword">auto</span> sse_snprintf = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00211"></a><span class="lineno">  211</span>&#160;    {</div>
+<div class="line"><a name="l00212"></a><span class="lineno">  212</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 2) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00213"></a><span class="lineno">  213</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00214"></a><span class="lineno">  214</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> size_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(1));</div>
+<div class="line"><a name="l00215"></a><span class="lineno">  215</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> dst_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(0));</div>
+<div class="line"><a name="l00216"></a><span class="lineno">  216</span>&#160;        <span class="comment">// get elem size of arg2</span></div>
+<div class="line"><a name="l00217"></a><span class="lineno">  217</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> elemSize = 1;</div>
+<div class="line"><a name="l00218"></a><span class="lineno">  218</span>&#160;        <span class="keywordflow">if</span> (cs.getArgument(2)-&gt;getType()-&gt;isArrayTy())</div>
+<div class="line"><a name="l00219"></a><span class="lineno">  219</span>&#160;        {</div>
+<div class="line"><a name="l00220"></a><span class="lineno">  220</span>&#160;            elemSize = SVFUtil::dyn_cast&lt;SVFArrayType&gt;(cs.getArgument(2)-&gt;getType())-&gt;getTypeOfElement()-&gt;getByteSize();</div>
+<div class="line"><a name="l00221"></a><span class="lineno">  221</span>&#160;        }</div>
+<div class="line"><a name="l00222"></a><span class="lineno">  222</span>&#160;        <span class="keywordflow">else</span> <span class="keywordflow">if</span> (cs.getArgument(2)-&gt;getType()-&gt;isPointerTy())</div>
+<div class="line"><a name="l00223"></a><span class="lineno">  223</span>&#160;        {</div>
+<div class="line"><a name="l00224"></a><span class="lineno">  224</span>&#160;            elemSize = <a class="code" href="classSVF_1_1AbstractExecution.html#a888fd56160afe0d431c47bcf10674dc0">getPointeeElement</a>(<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(2)))-&gt;<a class="code" href="classSVF_1_1SVFType.html#a95b8031f1e15d49c7d68628be1d05aae">getByteSize</a>();</div>
+<div class="line"><a name="l00225"></a><span class="lineno">  225</span>&#160;        }</div>
+<div class="line"><a name="l00226"></a><span class="lineno">  226</span>&#160;        <span class="keywordflow">else</span></div>
+<div class="line"><a name="l00227"></a><span class="lineno">  227</span>&#160;        {</div>
+<div class="line"><a name="l00228"></a><span class="lineno">  228</span>&#160;            <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00229"></a><span class="lineno">  229</span>&#160;            <span class="comment">// assert(false &amp;&amp; &quot;we cannot support this type&quot;);</span></div>
+<div class="line"><a name="l00230"></a><span class="lineno">  230</span>&#160;        }</div>
+<div class="line"><a name="l00231"></a><span class="lineno">  231</span>&#160;        IntervalValue size = es[size_id] * IntervalValue(elemSize) - IntervalValue(1);</div>
+<div class="line"><a name="l00232"></a><span class="lineno">  232</span>&#160;        <span class="keywordflow">if</span> (!es.inVarToAddrsTable(dst_id))</div>
+<div class="line"><a name="l00233"></a><span class="lineno">  233</span>&#160;        {</div>
+<div class="line"><a name="l00234"></a><span class="lineno">  234</span>&#160;            <span class="keywordflow">if</span> (<a class="code" href="classSVF_1_1Options.html#afbe432aabda95308e2c190a04d227a6d">Options::BufferOverflowCheck</a>())</div>
+<div class="line"><a name="l00235"></a><span class="lineno">  235</span>&#160;            {</div>
+<div class="line"><a name="l00236"></a><span class="lineno">  236</span>&#160;                BufOverflowException bug(</div>
+<div class="line"><a name="l00237"></a><span class="lineno">  237</span>&#160;                    <span class="stringliteral">&quot;snprintf dst_id or dst is not defined nor initializesd.\n&quot;</span>,</div>
+<div class="line"><a name="l00238"></a><span class="lineno">  238</span>&#160;                    0, 0, 0, 0, cs.getArgument(0));</div>
+<div class="line"><a name="l00239"></a><span class="lineno">  239</span>&#160;                <a class="code" href="classSVF_1_1BufOverflowChecker.html#a7c11b81809cb087317cbea654a589f75">addBugToRecoder</a>(bug, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00240"></a><span class="lineno">  240</span>&#160;                <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00241"></a><span class="lineno">  241</span>&#160;            }</div>
+<div class="line"><a name="l00242"></a><span class="lineno">  242</span>&#160;        }</div>
+<div class="line"><a name="l00243"></a><span class="lineno">  243</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(0), size, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00244"></a><span class="lineno">  244</span>&#160;    };</div>
+<div class="line"><a name="l00245"></a><span class="lineno">  245</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__snprintf_chk&quot;</span>] = sse_snprintf;</div>
+<div class="line"><a name="l00246"></a><span class="lineno">  246</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__vsprintf_chk&quot;</span>] = sse_sprintf;</div>
+<div class="line"><a name="l00247"></a><span class="lineno">  247</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__sprintf_chk&quot;</span>] = sse_sprintf;</div>
+<div class="line"><a name="l00248"></a><span class="lineno">  248</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;snprintf&quot;</span>] = sse_snprintf;</div>
+<div class="line"><a name="l00249"></a><span class="lineno">  249</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;sprintf&quot;</span>] = sse_sprintf;</div>
+<div class="line"><a name="l00250"></a><span class="lineno">  250</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;vsprintf&quot;</span>] = sse_sprintf;</div>
+<div class="line"><a name="l00251"></a><span class="lineno">  251</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;vsnprintf&quot;</span>] = sse_snprintf;</div>
+<div class="line"><a name="l00252"></a><span class="lineno">  252</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__vsnprintf_chk&quot;</span>] = sse_snprintf;</div>
+<div class="line"><a name="l00253"></a><span class="lineno">  253</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;swprintf&quot;</span>] = sse_snprintf;</div>
+<div class="line"><a name="l00254"></a><span class="lineno">  254</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;_snwprintf&quot;</span>] = sse_snprintf;</div>
+<div class="line"><a name="l00255"></a><span class="lineno">  255</span>&#160; </div>
+<div class="line"><a name="l00256"></a><span class="lineno">  256</span>&#160; </div>
+<div class="line"><a name="l00257"></a><span class="lineno">  257</span>&#160;    <span class="keyword">auto</span> sse_itoa = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00258"></a><span class="lineno">  258</span>&#160;    {</div>
+<div class="line"><a name="l00259"></a><span class="lineno">  259</span>&#160;        <span class="comment">// itoa(num, ch, 10);</span></div>
+<div class="line"><a name="l00260"></a><span class="lineno">  260</span>&#160;        <span class="comment">// num: int, ch: char*, 10 is decimal</span></div>
+<div class="line"><a name="l00261"></a><span class="lineno">  261</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 3) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00262"></a><span class="lineno">  262</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00263"></a><span class="lineno">  263</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> num_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(0));</div>
+<div class="line"><a name="l00264"></a><span class="lineno">  264</span>&#160; </div>
+<div class="line"><a name="l00265"></a><span class="lineno">  265</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> num = (<a class="code" href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">u32_t</a>) es[num_id].getNumeral();</div>
+<div class="line"><a name="l00266"></a><span class="lineno">  266</span>&#160;        <a class="code" href="cJSON_8h.html#ad4c68ea99a26b0a98ad9a79982960458">std::string</a> snum = std::to_string(num);</div>
+<div class="line"><a name="l00267"></a><span class="lineno">  267</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(1), IntervalValue((<a class="code" href="namespaceSVF.html#a9b707002523ece2ac54ca893ee9a2d4e">s32_t</a>)snum.size()), <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00268"></a><span class="lineno">  268</span>&#160;    };</div>
+<div class="line"><a name="l00269"></a><span class="lineno">  269</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;itoa&quot;</span>] = sse_itoa;</div>
+<div class="line"><a name="l00270"></a><span class="lineno">  270</span>&#160; </div>
+<div class="line"><a name="l00271"></a><span class="lineno">  271</span>&#160; </div>
+<div class="line"><a name="l00272"></a><span class="lineno">  272</span>&#160;    <span class="keyword">auto</span> sse_strlen = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00273"></a><span class="lineno">  273</span>&#160;    {</div>
+<div class="line"><a name="l00274"></a><span class="lineno">  274</span>&#160;        <span class="comment">// check the arg size</span></div>
+<div class="line"><a name="l00275"></a><span class="lineno">  275</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 1) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00276"></a><span class="lineno">  276</span>&#160;        <span class="keyword">const</span> SVFValue* strValue = cs.getArgument(0);</div>
+<div class="line"><a name="l00277"></a><span class="lineno">  277</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00278"></a><span class="lineno">  278</span>&#160;        IntervalValue dst_size = <a class="code" href="classSVF_1_1AbstractExecution.html#a99be86146ad4ddbdb900cdb6b324f943">getStrlen</a>(strValue);</div>
+<div class="line"><a name="l00279"></a><span class="lineno">  279</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> elemSize = 1;</div>
+<div class="line"><a name="l00280"></a><span class="lineno">  280</span>&#160;        <span class="keywordflow">if</span> (strValue-&gt;getType()-&gt;isArrayTy())</div>
+<div class="line"><a name="l00281"></a><span class="lineno">  281</span>&#160;        {</div>
+<div class="line"><a name="l00282"></a><span class="lineno">  282</span>&#160;            elemSize = SVFUtil::dyn_cast&lt;SVFArrayType&gt;(strValue-&gt;getType())-&gt;getTypeOfElement()-&gt;getByteSize();</div>
+<div class="line"><a name="l00283"></a><span class="lineno">  283</span>&#160;        }</div>
+<div class="line"><a name="l00284"></a><span class="lineno">  284</span>&#160;        <span class="keywordflow">else</span> <span class="keywordflow">if</span> (strValue-&gt;getType()-&gt;isPointerTy())</div>
+<div class="line"><a name="l00285"></a><span class="lineno">  285</span>&#160;        {</div>
+<div class="line"><a name="l00286"></a><span class="lineno">  286</span>&#160;            elemSize = <a class="code" href="classSVF_1_1AbstractExecution.html#a888fd56160afe0d431c47bcf10674dc0">getPointeeElement</a>(<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(strValue))-&gt;<a class="code" href="classSVF_1_1SVFType.html#a95b8031f1e15d49c7d68628be1d05aae">getByteSize</a>();</div>
+<div class="line"><a name="l00287"></a><span class="lineno">  287</span>&#160;        }</div>
+<div class="line"><a name="l00288"></a><span class="lineno">  288</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> lhsId = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getInstruction());</div>
+<div class="line"><a name="l00289"></a><span class="lineno">  289</span>&#160;        es[lhsId] = dst_size / IntervalValue(elemSize);</div>
+<div class="line"><a name="l00290"></a><span class="lineno">  290</span>&#160;    };</div>
+<div class="line"><a name="l00291"></a><span class="lineno">  291</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;strlen&quot;</span>] = sse_strlen;</div>
+<div class="line"><a name="l00292"></a><span class="lineno">  292</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;wcslen&quot;</span>] = sse_strlen;</div>
+<div class="line"><a name="l00293"></a><span class="lineno">  293</span>&#160; </div>
+<div class="line"><a name="l00294"></a><span class="lineno">  294</span>&#160;    <span class="keyword">auto</span> sse_recv = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00295"></a><span class="lineno">  295</span>&#160;    {</div>
+<div class="line"><a name="l00296"></a><span class="lineno">  296</span>&#160;        <span class="comment">// recv(sockfd, buf, len, flags);</span></div>
+<div class="line"><a name="l00297"></a><span class="lineno">  297</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 4) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00298"></a><span class="lineno">  298</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00299"></a><span class="lineno">  299</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> len_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(2));</div>
+<div class="line"><a name="l00300"></a><span class="lineno">  300</span>&#160;        IntervalValue len = es[len_id] - IntervalValue(1);</div>
+<div class="line"><a name="l00301"></a><span class="lineno">  301</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> lhsId = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getInstruction());</div>
+<div class="line"><a name="l00302"></a><span class="lineno">  302</span>&#160;        es[lhsId] = len;</div>
+<div class="line"><a name="l00303"></a><span class="lineno">  303</span>&#160;        <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(1), len, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));;</div>
+<div class="line"><a name="l00304"></a><span class="lineno">  304</span>&#160;    };</div>
+<div class="line"><a name="l00305"></a><span class="lineno">  305</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;recv&quot;</span>] = sse_recv;</div>
+<div class="line"><a name="l00306"></a><span class="lineno">  306</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;__recv&quot;</span>] = sse_recv;</div>
+<div class="line"><a name="l00307"></a><span class="lineno">  307</span>&#160;    <span class="keyword">auto</span> safe_bufaccess = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00308"></a><span class="lineno">  308</span>&#160;    {</div>
+<div class="line"><a name="l00309"></a><span class="lineno">  309</span>&#160;        <span class="keyword">const</span> CallICFGNode* callNode = SVFUtil::dyn_cast&lt;CallICFGNode&gt;(<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00310"></a><span class="lineno">  310</span>&#160;        <a class="code" href="classSVF_1_1AbstractExecution.html#a0a64bef0cc898059c50f6aec470cc6d9">_checkpoints</a>.erase(callNode);</div>
+<div class="line"><a name="l00311"></a><span class="lineno">  311</span>&#160;        <span class="comment">//void SAFE_BUFACCESS(void* data, int size);</span></div>
+<div class="line"><a name="l00312"></a><span class="lineno">  312</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 2) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00313"></a><span class="lineno">  313</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00314"></a><span class="lineno">  314</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> size_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(1));</div>
+<div class="line"><a name="l00315"></a><span class="lineno">  315</span>&#160;        IntervalValue val = es[size_id];</div>
+<div class="line"><a name="l00316"></a><span class="lineno">  316</span>&#160;        <span class="keywordflow">if</span> (val.isBottom())</div>
+<div class="line"><a name="l00317"></a><span class="lineno">  317</span>&#160;        {</div>
+<div class="line"><a name="l00318"></a><span class="lineno">  318</span>&#160;            val = IntervalValue(0);</div>
+<div class="line"><a name="l00319"></a><span class="lineno">  319</span>&#160;            assert(<span class="keyword">false</span> &amp;&amp; <span class="stringliteral">&quot;SAFE_BUFACCESS size is bottom&quot;</span>);</div>
+<div class="line"><a name="l00320"></a><span class="lineno">  320</span>&#160;        }</div>
+<div class="line"><a name="l00321"></a><span class="lineno">  321</span>&#160;        <span class="keywordtype">bool</span> isSafe = <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(0), val, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00322"></a><span class="lineno">  322</span>&#160;        <span class="keywordflow">if</span> (isSafe)</div>
+<div class="line"><a name="l00323"></a><span class="lineno">  323</span>&#160;        {</div>
+<div class="line"><a name="l00324"></a><span class="lineno">  324</span>&#160;            std::cout &lt;&lt; <span class="stringliteral">&quot;safe buffer access success\n&quot;</span>;</div>
+<div class="line"><a name="l00325"></a><span class="lineno">  325</span>&#160;            <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00326"></a><span class="lineno">  326</span>&#160;        }</div>
+<div class="line"><a name="l00327"></a><span class="lineno">  327</span>&#160;        <span class="keywordflow">else</span></div>
+<div class="line"><a name="l00328"></a><span class="lineno">  328</span>&#160;        {</div>
+<div class="line"><a name="l00329"></a><span class="lineno">  329</span>&#160;            <a class="code" href="cJSON_8h.html#ad4c68ea99a26b0a98ad9a79982960458">std::string</a> err_msg = <span class="stringliteral">&quot;this SAFE_BUFACCESS should be a safe access but detected buffer overflow. Pos: &quot;</span>;</div>
+<div class="line"><a name="l00330"></a><span class="lineno">  330</span>&#160;            err_msg += cs.getInstruction()-&gt;getSourceLoc();</div>
+<div class="line"><a name="l00331"></a><span class="lineno">  331</span>&#160;            std::cerr &lt;&lt; err_msg &lt;&lt; std::endl;</div>
+<div class="line"><a name="l00332"></a><span class="lineno">  332</span>&#160;            assert(<span class="keyword">false</span>);</div>
+<div class="line"><a name="l00333"></a><span class="lineno">  333</span>&#160;        }</div>
+<div class="line"><a name="l00334"></a><span class="lineno">  334</span>&#160;    };</div>
+<div class="line"><a name="l00335"></a><span class="lineno">  335</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;SAFE_BUFACCESS&quot;</span>] = safe_bufaccess;</div>
+<div class="line"><a name="l00336"></a><span class="lineno">  336</span>&#160; </div>
+<div class="line"><a name="l00337"></a><span class="lineno">  337</span>&#160;    <span class="keyword">auto</span> unsafe_bufaccess = [&amp;](<span class="keyword">const</span> CallSite &amp;cs)</div>
+<div class="line"><a name="l00338"></a><span class="lineno">  338</span>&#160;    {</div>
+<div class="line"><a name="l00339"></a><span class="lineno">  339</span>&#160;        <span class="keyword">const</span> CallICFGNode* callNode = SVFUtil::dyn_cast&lt;CallICFGNode&gt;(<a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00340"></a><span class="lineno">  340</span>&#160;        <a class="code" href="classSVF_1_1AbstractExecution.html#a0a64bef0cc898059c50f6aec470cc6d9">_checkpoints</a>.erase(callNode);</div>
+<div class="line"><a name="l00341"></a><span class="lineno">  341</span>&#160;        <span class="comment">//void UNSAFE_BUFACCESS(void* data, int size);</span></div>
+<div class="line"><a name="l00342"></a><span class="lineno">  342</span>&#160;        <span class="keywordflow">if</span> (cs.arg_size() &lt; 2) <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00343"></a><span class="lineno">  343</span>&#160;        IntervalExeState &amp;es = <a class="code" href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">_svfir2ExeState</a>-&gt;<a class="code" href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">getEs</a>();</div>
+<div class="line"><a name="l00344"></a><span class="lineno">  344</span>&#160;        <a class="code" href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a> size_id = <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">getValueNode</a>(cs.getArgument(1));</div>
+<div class="line"><a name="l00345"></a><span class="lineno">  345</span>&#160;        IntervalValue val = es[size_id];</div>
+<div class="line"><a name="l00346"></a><span class="lineno">  346</span>&#160;        <span class="keywordflow">if</span> (val.isBottom())</div>
+<div class="line"><a name="l00347"></a><span class="lineno">  347</span>&#160;        {</div>
+<div class="line"><a name="l00348"></a><span class="lineno">  348</span>&#160;            assert(<span class="keyword">false</span> &amp;&amp; <span class="stringliteral">&quot;UNSAFE_BUFACCESS size is bottom&quot;</span>);</div>
+<div class="line"><a name="l00349"></a><span class="lineno">  349</span>&#160;        }</div>
+<div class="line"><a name="l00350"></a><span class="lineno">  350</span>&#160;        <span class="keywordtype">bool</span> isSafe = <a class="code" href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">canSafelyAccessMemory</a>(cs.getArgument(0), val, <a class="code" href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">_svfir</a>-&gt;<a class="code" href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">getICFG</a>()-&gt;<a class="code" href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">getICFGNode</a>(cs.getInstruction()));</div>
+<div class="line"><a name="l00351"></a><span class="lineno">  351</span>&#160;        <span class="keywordflow">if</span> (!isSafe)</div>
+<div class="line"><a name="l00352"></a><span class="lineno">  352</span>&#160;        {</div>
+<div class="line"><a name="l00353"></a><span class="lineno">  353</span>&#160;            std::cout &lt;&lt; <span class="stringliteral">&quot;detect buffer overflow success\n&quot;</span>;</div>
+<div class="line"><a name="l00354"></a><span class="lineno">  354</span>&#160;            <span class="keywordflow">return</span>;</div>
+<div class="line"><a name="l00355"></a><span class="lineno">  355</span>&#160;        }</div>
+<div class="line"><a name="l00356"></a><span class="lineno">  356</span>&#160;        <span class="keywordflow">else</span></div>
+<div class="line"><a name="l00357"></a><span class="lineno">  357</span>&#160;        {</div>
+<div class="line"><a name="l00358"></a><span class="lineno">  358</span>&#160;            <span class="comment">// if it is safe, it means it is wrongly labeled, assert false.</span></div>
+<div class="line"><a name="l00359"></a><span class="lineno">  359</span>&#160;            <a class="code" href="cJSON_8h.html#ad4c68ea99a26b0a98ad9a79982960458">std::string</a> err_msg = <span class="stringliteral">&quot;this UNSAFE_BUFACCESS should be a buffer overflow but not detected. Pos: &quot;</span>;</div>
+<div class="line"><a name="l00360"></a><span class="lineno">  360</span>&#160;            err_msg += cs.getInstruction()-&gt;getSourceLoc();</div>
+<div class="line"><a name="l00361"></a><span class="lineno">  361</span>&#160;            std::cerr &lt;&lt; err_msg &lt;&lt; std::endl;</div>
+<div class="line"><a name="l00362"></a><span class="lineno">  362</span>&#160;            assert(<span class="keyword">false</span>);</div>
+<div class="line"><a name="l00363"></a><span class="lineno">  363</span>&#160;        }</div>
+<div class="line"><a name="l00364"></a><span class="lineno">  364</span>&#160;    };</div>
+<div class="line"><a name="l00365"></a><span class="lineno">  365</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">_func_map</a>[<span class="stringliteral">&quot;UNSAFE_BUFACCESS&quot;</span>] = unsafe_bufaccess;</div>
+<div class="line"><a name="l00366"></a><span class="lineno">  366</span>&#160; </div>
+<div class="line"><a name="l00367"></a><span class="lineno">  367</span>&#160;    <span class="comment">// init _checkpoint_names</span></div>
+<div class="line"><a name="l00368"></a><span class="lineno">  368</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#a32abc52bc54745027aa2daa67a8278f3">_checkpoint_names</a>.insert(<span class="stringliteral">&quot;SAFE_BUFACCESS&quot;</span>);</div>
+<div class="line"><a name="l00369"></a><span class="lineno">  369</span>&#160;    <a class="code" href="classSVF_1_1AbstractExecution.html#a32abc52bc54745027aa2daa67a8278f3">_checkpoint_names</a>.insert(<span class="stringliteral">&quot;UNSAFE_BUFACCESS&quot;</span>);</div>
+<div class="line"><a name="l00370"></a><span class="lineno">  370</span>&#160;}</div>
 </div><!-- fragment -->
 </div>
 </div>
 <h2 class="groupheader">Member Data Documentation</h2>
-<a id="a563fed00ad732985dbe7a7e2c6525e6a"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#a563fed00ad732985dbe7a7e2c6525e6a">&#9670;&nbsp;</a></span>BufOverflowCheckerAPI</h2>
+<a id="a0088456e712c555cbfba6203aec38037"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#a0088456e712c555cbfba6203aec38037">&#9670;&nbsp;</a></span>_addrToGep</h2>
+<div class="memitem">
+<div class="memproto">
+<table class="mlabels">
+  <tr>
+  <td class="mlabels-left">
+      <table class="memname">
+        <tr>
+          <td class="memname"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt;<a class="el" href="namespaceSVF.html#a43a65e0d33af3c743294f7a1139d2301">NodeID</a>, const <a class="el" href="classSVF_1_1GepStmt.html">GepStmt</a>*&gt; SVF::BufOverflowChecker::_addrToGep</td>
+        </tr>
+      </table>
+  </td>
+  <td class="mlabels-right">
+<span class="mlabels"><span class="mlabel">private</span></span>  </td>
+  </tr>
+</table>
+</div><div class="memdoc">
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00201">201</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
+</div>
+</div>
+<a id="af83b65ed98cd4e0f6cd92962e7392d4d"></a>
+<h2 class="memtitle"><span class="permalink"><a href="#af83b65ed98cd4e0f6cd92962e7392d4d">&#9670;&nbsp;</a></span>_extAPIBufOverflowCheckRules</h2>
 <div class="memitem">
 <div class="memproto">
@@ -472,7 +1149,7 @@ Additional Inherited Members</h2></td></tr>
   <td class="mlabels-left">
       <table class="memname">
         <tr>
-          <td class="memname">friend SVF::BufOverflowChecker::BufOverflowCheckerAPI</td>
+          <td class="memname"><a class="el" href="namespaceSVF.html#a8234d4b959abc9123993bcff4eee34c1">Map</a>&lt;<a class="el" href="cJSON_8cpp.html#ae1adbce218e7a9d09164012443191d24">std::string</a>, std::vector&lt;std::pair&lt;<a class="el" href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">u32_t</a>, <a class="el" href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">u32_t</a>&gt; &gt; &gt; SVF::BufOverflowChecker::_extAPIBufOverflowCheckRules</td>
         </tr>
       </table>
   </td>
@@ -482,7 +1159,7 @@ Additional Inherited Members</h2></td></tr>
 </table>
 </div><div class="memdoc">
-<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00175">175</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
+<p class="definition">Definition at line <a class="el" href="BufOverflowChecker_8h_source.html#l00202">202</a> of file <a class="el" href="BufOverflowChecker_8h_source.html">BufOverflowChecker.h</a>.</p>
 </div>
 </div>
@@ -491,17 +1168,54 @@ Additional Inherited Members</h2></td></tr>
 <li>/home/runner/work/SVF/SVF/svf/lib/AE/Svfexe/<a class="el" href="BufOverflowChecker_8cpp_source.html">BufOverflowChecker.cpp</a></li>
 </ul>
 </div><!-- contents -->
-<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_ad36d48c0ef82de915d9339c4f47cbd70"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#ad36d48c0ef82de915d9339c4f47cbd70">SVF::AbstractExecution::_kind</a></div><div class="ttdeci">AEKind _kind</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00249">AbstractExecution.h:249</a></div></div>
-<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a5e24bceb3d6961117651dbc65e9a097a"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">SVF::AbstractExecution::_svfir2ExeState</a></div><div class="ttdeci">SVFIR2ItvExeState * _svfir2ExeState</div><div class="ttdoc">Execution State, used to store the Interval Value of every SVF variable.</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00244">AbstractExecution.h:244</a></div></div>
+<div class="ttc" id="aclassSVF_1_1SVFType_html_a95b8031f1e15d49c7d68628be1d05aae"><div class="ttname"><a href="classSVF_1_1SVFType.html#a95b8031f1e15d49c7d68628be1d05aae">SVF::SVFType::getByteSize</a></div><div class="ttdeci">u32_t getByteSize() const</div><div class="ttdef"><b>Definition:</b> <a href="SVFType_8h_source.html#l00244">SVFType.h:244</a></div></div>
+<div class="ttc" id="aclassSVF_1_1SVFIR2ItvExeState_html_afbb9ff1f2c47d2afda117bf63a80a1a7"><div class="ttname"><a href="classSVF_1_1SVFIR2ItvExeState.html#afbb9ff1f2c47d2afda117bf63a80a1a7">SVF::SVFIR2ItvExeState::getRangeLimitFromType</a></div><div class="ttdeci">IntervalValue getRangeLimitFromType(const SVFType *type)</div><div class="ttdoc">Return the value range of Integer SVF Type, e.g. unsigned i8 Type-&gt;[0, 255], signed i8 Type-&gt;[-128,...</div><div class="ttdef"><b>Definition:</b> <a href="SVFIR2ItvExeState_8cpp_source.html#l00050">SVFIR2ItvExeState.cpp:50</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_ad36d48c0ef82de915d9339c4f47cbd70"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#ad36d48c0ef82de915d9339c4f47cbd70">SVF::AbstractExecution::_kind</a></div><div class="ttdeci">AEKind _kind</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00349">AbstractExecution.h:349</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a99be86146ad4ddbdb900cdb6b324f943"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a99be86146ad4ddbdb900cdb6b324f943">SVF::AbstractExecution::getStrlen</a></div><div class="ttdeci">IntervalValue getStrlen(const SVF::SVFValue *strValue)</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8cpp_source.html#l01516">AbstractExecution.cpp:1516</a></div></div>
+<div class="ttc" id="aCommandLine_8h_html_a2429346d37bd4c40889bd7c6d319d9da"><div class="ttname"><a href="CommandLine_8h.html#a2429346d37bd4c40889bd7c6d319d9da">u32_t</a></div><div class="ttdeci">unsigned u32_t</div><div class="ttdef"><b>Definition:</b> <a href="CommandLine_8h_source.html#l00018">CommandLine.h:18</a></div></div>
+<div class="ttc" id="aclassSVF_1_1ExeState_html_a78038dd4884a501cfc94f073021eac96"><div class="ttname"><a href="classSVF_1_1ExeState.html#a78038dd4884a501cfc94f073021eac96">SVF::ExeState::Addrs</a></div><div class="ttdeci">AddressValue Addrs</div><div class="ttdef"><b>Definition:</b> <a href="ExeState_8h_source.html#l00053">ExeState.h:53</a></div></div>
+<div class="ttc" id="aclassSVF_1_1IRGraph_html_a43514023a4f4d0c32f536f51443b0efc"><div class="ttname"><a href="classSVF_1_1IRGraph.html#a43514023a4f4d0c32f536f51443b0efc">SVF::IRGraph::getValueNode</a></div><div class="ttdeci">NodeID getValueNode(const SVFValue *V)</div><div class="ttdef"><b>Definition:</b> <a href="IRGraph_8h_source.html#l00137">IRGraph.h:137</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a442fb8eda087f72aa61816213dea43afa12d7009fd0108df805ee49182fe12ccc"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa12d7009fd0108df805ee49182fe12ccc">SVF::AbstractExecution::UNCLASSIFIED</a></div><div class="ttdeci">@ UNCLASSIFIED</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00114">AbstractExecution.h:114</a></div></div>
+<div class="ttc" id="anamespaceSVF_1_1SVFUtil_html_a9815a5b31ac7dc21239d08e5b9f61106"><div class="ttname"><a href="namespaceSVF_1_1SVFUtil.html#a9815a5b31ac7dc21239d08e5b9f61106">SVF::SVFUtil::getSVFCallSite</a></div><div class="ttdeci">CallSite getSVFCallSite(const SVFInstruction *inst)</div><div class="ttdoc">Return LLVM callsite given an instruction.</div><div class="ttdef"><b>Definition:</b> <a href="SVFUtil_8h_source.html#l00196">SVFUtil.h:196</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a5e24bceb3d6961117651dbc65e9a097a"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a5e24bceb3d6961117651dbc65e9a097a">SVF::AbstractExecution::_svfir2ExeState</a></div><div class="ttdeci">SVFIR2ItvExeState * _svfir2ExeState</div><div class="ttdoc">Execution State, used to store the Interval Value of every SVF variable.</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00344">AbstractExecution.h:344</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_ad8b2f2fa6f22b9d1655135c819cbad8a"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#ad8b2f2fa6f22b9d1655135c819cbad8a">SVF::BufOverflowChecker::detectStrcpy</a></div><div class="ttdeci">bool detectStrcpy(const CallICFGNode *call)</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8cpp_source.html#l00123">BufOverflowChecker.cpp:123</a></div></div>
 <div class="ttc" id="anamespaceSVF_html_a41375daa7cc99317d0aa2a21dc643b88aa5aa2ddadb5f0392b52dcbe487fe0ecd"><div class="ttname"><a href="namespaceSVF.html#a41375daa7cc99317d0aa2a21dc643b88aa5aa2ddadb5f0392b52dcbe487fe0ecd">SVF::AEKind::BufOverflowChecker</a></div><div class="ttdeci">@ BufOverflowChecker</div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a32abc52bc54745027aa2daa67a8278f3"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a32abc52bc54745027aa2daa67a8278f3">SVF::AbstractExecution::_checkpoint_names</a></div><div class="ttdeci">Set&lt; std::string &gt; _checkpoint_names</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00384">AbstractExecution.h:384</a></div></div>
 <div class="ttc" id="aclassSVF_1_1SVFIR2ItvExeState_html_a48fec38aad1c2a9a140ee94e9fdd7e9b"><div class="ttname"><a href="classSVF_1_1SVFIR2ItvExeState.html#a48fec38aad1c2a9a140ee94e9fdd7e9b">SVF::SVFIR2ItvExeState::getAddrs</a></div><div class="ttdeci">Addrs &amp; getAddrs(u32_t id)</div><div class="ttdef"><b>Definition:</b> <a href="SVFIR2ItvExeState_8h_source.html#l00107">SVFIR2ItvExeState.h:107</a></div></div>
-<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a1d725fe50a7084bfa18bd47b941af885"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a1d725fe50a7084bfa18bd47b941af885">SVF::AbstractExecution::handleSVFStatement</a></div><div class="ttdeci">virtual void handleSVFStatement(const SVFStmt *stmt)</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8cpp_source.html#l00892">AbstractExecution.cpp:892</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_aed959fce840cbea32d3567ee1ac01e82"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#aed959fce840cbea32d3567ee1ac01e82">SVF::BufOverflowChecker::initExtAPIBufOverflowCheckRules</a></div><div class="ttdeci">void initExtAPIBufOverflowCheckRules()</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8cpp_source.html#l00076">BufOverflowChecker.cpp:76</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_aa68f8aef09481d7c07dc59d7dfb83822"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#aa68f8aef09481d7c07dc59d7dfb83822">SVF::BufOverflowChecker::detectStrcat</a></div><div class="ttdeci">bool detectStrcat(const CallICFGNode *call)</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8cpp_source.html#l00372">BufOverflowChecker.cpp:372</a></div></div>
+<div class="ttc" id="anamespaceSVF_1_1SVFUtil_html_a145abbd2958629718fbca41d25c3124d"><div class="ttname"><a href="namespaceSVF_1_1SVFUtil.html#a145abbd2958629718fbca41d25c3124d">SVF::SVFUtil::getCallee</a></div><div class="ttdeci">const SVFFunction * getCallee(const CallSite cs)</div><div class="ttdoc">Return callee of a callsite. Return null if this is an indirect call.</div><div class="ttdef"><b>Definition:</b> <a href="SVFUtil_8h_source.html#l00241">SVFUtil.h:241</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a1d725fe50a7084bfa18bd47b941af885"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a1d725fe50a7084bfa18bd47b941af885">SVF::AbstractExecution::handleSVFStatement</a></div><div class="ttdeci">virtual void handleSVFStatement(const SVFStmt *stmt)</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8cpp_source.html#l00887">AbstractExecution.cpp:887</a></div></div>
 <div class="ttc" id="aclassSVF_1_1SVFIR2ItvExeState_html_a66c426719f583653cb70189f01d6fda5"><div class="ttname"><a href="classSVF_1_1SVFIR2ItvExeState.html#a66c426719f583653cb70189f01d6fda5">SVF::SVFIR2ItvExeState::getInternalID</a></div><div class="ttdeci">static u32_t getInternalID(u32_t idx)</div><div class="ttdoc">Return the internal index if idx is an address otherwise return the value of idx.</div><div class="ttdef"><b>Definition:</b> <a href="SVFIR2ItvExeState_8h_source.html#l00166">SVFIR2ItvExeState.h:166</a></div></div>
-<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a26f8c21bd96ae22ca2e72af6fbfa410c"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a26f8c21bd96ae22ca2e72af6fbfa410c">SVF::AbstractExecution::_api</a></div><div class="ttdeci">AEAPI * _api</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00245">AbstractExecution.h:245</a></div></div>
-<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a74a55a4d4941c85bdfed81f060049bf0"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a74a55a4d4941c85bdfed81f060049bf0">SVF::AbstractExecution::_stat</a></div><div class="ttdeci">AEStat * _stat</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00248">AbstractExecution.h:248</a></div></div>
-<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_a563fed00ad732985dbe7a7e2c6525e6a"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#a563fed00ad732985dbe7a7e2c6525e6a">SVF::BufOverflowChecker::BufOverflowCheckerAPI</a></div><div class="ttdeci">friend BufOverflowCheckerAPI</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8h_source.html#l00175">BufOverflowChecker.h:175</a></div></div>
-<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a84d8fedb7e9d23e92ffcb74b4cfbf78c"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a84d8fedb7e9d23e92ffcb74b4cfbf78c">SVF::AbstractExecution::AbstractExecution</a></div><div class="ttdeci">AbstractExecution()</div><div class="ttdoc">Constructor.</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8cpp_source.html#l00128">AbstractExecution.cpp:128</a></div></div>
+<div class="ttc" id="acJSON_8h_html_ad4c68ea99a26b0a98ad9a79982960458"><div class="ttname"><a href="cJSON_8h.html#ad4c68ea99a26b0a98ad9a79982960458">string</a></div><div class="ttdeci">const char *const string</div><div class="ttdef"><b>Definition:</b> <a href="cJSON_8h_source.html#l00172">cJSON.h:172</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a888fd56160afe0d431c47bcf10674dc0"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a888fd56160afe0d431c47bcf10674dc0">SVF::AbstractExecution::getPointeeElement</a></div><div class="ttdeci">const SVFType * getPointeeElement(NodeID id)</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8cpp_source.html#l01663">AbstractExecution.cpp:1663</a></div></div>
+<div class="ttc" id="aclassSVF_1_1ICFG_html_a5f2c0aaba07d6fdd63058da0fb60ca8b"><div class="ttname"><a href="classSVF_1_1ICFG.html#a5f2c0aaba07d6fdd63058da0fb60ca8b">SVF::ICFG::getICFGNode</a></div><div class="ttdeci">ICFGNode * getICFGNode(NodeID id) const</div><div class="ttdoc">Get a ICFG node.</div><div class="ttdef"><b>Definition:</b> <a href="ICFG_8h_source.html#l00092">ICFG.h:92</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_ace5ad1d6a63d5392044fee2ecbc9236e"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#ace5ad1d6a63d5392044fee2ecbc9236e">SVF::BufOverflowChecker::canSafelyAccessMemory</a></div><div class="ttdeci">bool canSafelyAccessMemory(const SVFValue *value, const IntervalValue &amp;len, const ICFGNode *curNode)</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8cpp_source.html#l00485">BufOverflowChecker.cpp:485</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a0a64bef0cc898059c50f6aec470cc6d9"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a0a64bef0cc898059c50f6aec470cc6d9">SVF::AbstractExecution::_checkpoints</a></div><div class="ttdeci">Set&lt; const CallICFGNode * &gt; _checkpoints</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00383">AbstractExecution.h:383</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_af83b65ed98cd4e0f6cd92962e7392d4d"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#af83b65ed98cd4e0f6cd92962e7392d4d">SVF::BufOverflowChecker::_extAPIBufOverflowCheckRules</a></div><div class="ttdeci">Map&lt; std::string, std::vector&lt; std::pair&lt; u32_t, u32_t &gt; &gt; &gt; _extAPIBufOverflowCheckRules</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8h_source.html#l00202">BufOverflowChecker.h:202</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_ac1742440725909fee77526726424d135"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#ac1742440725909fee77526726424d135">SVF::AbstractExecution::_func_map</a></div><div class="ttdeci">Map&lt; std::string, std::function&lt; void(const CallSite &amp;)&gt; &gt; _func_map</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00382">AbstractExecution.h:382</a></div></div>
+<div class="ttc" id="aclassSVF_1_1GenericGraph_html_a43c9c773bfa17abf481c33073e30d01b"><div class="ttname"><a href="classSVF_1_1GenericGraph.html#a43c9c773bfa17abf481c33073e30d01b">SVF::GenericGraph::getGNode</a></div><div class="ttdeci">NodeType * getGNode(NodeID id) const</div><div class="ttdoc">Get a node.</div><div class="ttdef"><b>Definition:</b> <a href="GenericGraph_8h_source.html#l00406">GenericGraph.h:406</a></div></div>
+<div class="ttc" id="aclassSVF_1_1Options_html_afbe432aabda95308e2c190a04d227a6d"><div class="ttname"><a href="classSVF_1_1Options.html#afbe432aabda95308e2c190a04d227a6d">SVF::Options::BufferOverflowCheck</a></div><div class="ttdeci">static const Option&lt; bool &gt; BufferOverflowCheck</div><div class="ttdoc">open buffer overflow checker, Default: false</div><div class="ttdef"><b>Definition:</b> <a href="Options_8h_source.html#l00271">Options.h:271</a></div></div>
+<div class="ttc" id="anamespaceSVF_html_a9b707002523ece2ac54ca893ee9a2d4e"><div class="ttname"><a href="namespaceSVF.html#a9b707002523ece2ac54ca893ee9a2d4e">SVF::s32_t</a></div><div class="ttdeci">signed s32_t</div><div class="ttdef"><b>Definition:</b> <a href="GeneralType_8h_source.html#l00047">GeneralType.h:47</a></div></div>
+<div class="ttc" id="aclassSVF_1_1SVFIR_html_abda052b73e869ed6d7c139ad1528da11"><div class="ttname"><a href="classSVF_1_1SVFIR.html#abda052b73e869ed6d7c139ad1528da11">SVF::SVFIR::getICFG</a></div><div class="ttdeci">ICFG * getICFG() const</div><div class="ttdef"><b>Definition:</b> <a href="SVFIR_8h_source.html#l00170">SVFIR.h:170</a></div></div>
+<div class="ttc" id="acJSON_8cpp_html_a95bf816579e97b6f33bdb5e25ed6d5de"><div class="ttname"><a href="cJSON_8cpp.html#a95bf816579e97b6f33bdb5e25ed6d5de">offset</a></div><div class="ttdeci">buffer offset</div><div class="ttdef"><b>Definition:</b> <a href="cJSON_8cpp_source.html#l01113">cJSON.cpp:1113</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_af0e2276001df7d51c45b22d5d11ca09b"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#af0e2276001df7d51c45b22d5d11ca09b">SVF::BufOverflowChecker::initExtFunMap</a></div><div class="ttdeci">virtual void initExtFunMap() override</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8cpp_source.html#l00133">BufOverflowChecker.cpp:133</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a84d8fedb7e9d23e92ffcb74b4cfbf78c"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a84d8fedb7e9d23e92ffcb74b4cfbf78c">SVF::AbstractExecution::AbstractExecution</a></div><div class="ttdeci">AbstractExecution()</div><div class="ttdoc">Constructor.</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8cpp_source.html#l00123">AbstractExecution.cpp:123</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a49742e8c3a8fe598a0945a8d8ff394d0"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a49742e8c3a8fe598a0945a8d8ff394d0">SVF::AbstractExecution::_svfir</a></div><div class="ttdeci">SVFIR * _svfir</div><div class="ttdoc">protected data members, also used in subclasses</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00341">AbstractExecution.h:341</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a442fb8eda087f72aa61816213dea43afa45836a81adf553b872a061e5fe4c5be8"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa45836a81adf553b872a061e5fe4c5be8">SVF::AbstractExecution::MEMSET</a></div><div class="ttdeci">@ MEMSET</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00114">AbstractExecution.h:114</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a442fb8eda087f72aa61816213dea43afa622ab5082468499be675c2783aaf3dcf"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afa622ab5082468499be675c2783aaf3dcf">SVF::AbstractExecution::MEMCPY</a></div><div class="ttdeci">@ MEMCPY</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00114">AbstractExecution.h:114</a></div></div>
+<div class="ttc" id="aclassSVF_1_1SVFIR2ItvExeState_html_a56434326130c8127c823097ad764947b"><div class="ttname"><a href="classSVF_1_1SVFIR2ItvExeState.html#a56434326130c8127c823097ad764947b">SVF::SVFIR2ItvExeState::getEs</a></div><div class="ttdeci">IntervalExeState &amp; getEs()</div><div class="ttdef"><b>Definition:</b> <a href="SVFIR2ItvExeState_8h_source.html#l00057">SVFIR2ItvExeState.h:57</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a442fb8eda087f72aa61816213dea43afac9539311eec734c966b719990e869b12"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afac9539311eec734c966b719990e869b12">SVF::AbstractExecution::STRCPY</a></div><div class="ttdeci">@ STRCPY</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00114">AbstractExecution.h:114</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a442fb8eda087f72aa61816213dea43af"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43af">SVF::AbstractExecution::ExtAPIType</a></div><div class="ttdeci">ExtAPIType</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00114">AbstractExecution.h:114</a></div></div>
 <div class="ttc" id="anamespaceSVF_html_a43a65e0d33af3c743294f7a1139d2301"><div class="ttname"><a href="namespaceSVF.html#a43a65e0d33af3c743294f7a1139d2301">SVF::NodeID</a></div><div class="ttdeci">unsigned NodeID</div><div class="ttdef"><b>Definition:</b> <a href="svf-llvm_2tools_2MTA_2MTAResultValidator_8h_source.html#l00020">MTAResultValidator.h:20</a></div></div>
+<div class="ttc" id="aclassSVF_1_1SVFVar_html_ab6f95d3e7e099d75cfc9645ebc037047"><div class="ttname"><a href="classSVF_1_1SVFVar.html#ab6f95d3e7e099d75cfc9645ebc037047">SVF::SVFVar::getType</a></div><div class="ttdeci">virtual const SVFType * getType() const</div><div class="ttdoc">Return type of the value.</div><div class="ttdef"><b>Definition:</b> <a href="SVFVariables_8h_source.html#l00107">SVFVariables.h:107</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_a0088456e712c555cbfba6203aec38037"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#a0088456e712c555cbfba6203aec38037">SVF::BufOverflowChecker::_addrToGep</a></div><div class="ttdeci">Map&lt; NodeID, const GepStmt * &gt; _addrToGep</div><div class="ttdef"><b>Definition:</b> <a href="BufOverflowChecker_8h_source.html#l00201">BufOverflowChecker.h:201</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_a442fb8eda087f72aa61816213dea43afadcda19decab7b2d85523b1fdbceb23e6"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#a442fb8eda087f72aa61816213dea43afadcda19decab7b2d85523b1fdbceb23e6">SVF::AbstractExecution::STRCAT</a></div><div class="ttdeci">@ STRCAT</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8h_source.html#l00114">AbstractExecution.h:114</a></div></div>
+<div class="ttc" id="anamespaceSVF_html_ad42bff8d0a7d60a085aa32d10f4955af"><div class="ttname"><a href="namespaceSVF.html#ad42bff8d0a7d60a085aa32d10f4955af">SVF::u32_t</a></div><div class="ttdeci">unsigned u32_t</div><div class="ttdef"><b>Definition:</b> <a href="GeneralType_8h_source.html#l00046">GeneralType.h:46</a></div></div>
+<div class="ttc" id="anamespaceSVF_1_1SVFUtil_html_ab65033f068bfbeb0a1c52dcec3beb6bc"><div class="ttname"><a href="namespaceSVF_1_1SVFUtil.html#ab65033f068bfbeb0a1c52dcec3beb6bc">SVF::SVFUtil::errs</a></div><div class="ttdeci">std::ostream &amp; errs()</div><div class="ttdoc">Overwrite llvm::errs()</div><div class="ttdef"><b>Definition:</b> <a href="SVFUtil_8h_source.html#l00056">SVFUtil.h:56</a></div></div>
+<div class="ttc" id="aclassSVF_1_1AbstractExecution_html_ae002abb8711300ff52200f78f1463369"><div class="ttname"><a href="classSVF_1_1AbstractExecution.html#ae002abb8711300ff52200f78f1463369">SVF::AbstractExecution::handleExtAPI</a></div><div class="ttdeci">virtual void handleExtAPI(const CallICFGNode *call)</div><div class="ttdef"><b>Definition:</b> <a href="AbstractExecution_8cpp_source.html#l01235">AbstractExecution.cpp:1235</a></div></div>
+<div class="ttc" id="aclassSVF_1_1SVFIR2ItvExeState_html_a999c358b80dd07591b0432eaa41c20c9"><div class="ttname"><a href="classSVF_1_1SVFIR2ItvExeState.html#a999c358b80dd07591b0432eaa41c20c9">SVF::SVFIR2ItvExeState::inVarToAddrsTable</a></div><div class="ttdeci">bool inVarToAddrsTable(u32_t id) const</div><div class="ttdoc">whether the variable is in varToAddrs table</div><div class="ttdef"><b>Definition:</b> <a href="SVFIR2ItvExeState_8h_source.html#l00123">SVFIR2ItvExeState.h:123</a></div></div>
+<div class="ttc" id="aclassSVF_1_1BufOverflowChecker_html_a7c11b81809cb087317cbea654a589f75"><div class="ttname"><a href="classSVF_1_1BufOverflowChecker.html#a7c11b81809cb087317cbea654a589f75">SVF::BufOverflowChecker::addBugToRecoder</a></div><div class="ttdeci">void addBugToRecoder(const BufOverflowException &amp;e, const ICFGNode *node)</div></div>
 <!-- start footer part -->
 <hr class="footer"/><address class="footer"><small>
 Generated by &#160;<a href="http://www.doxygen.org/index.html">