1 files changed, 66 insertions, 0 deletions

diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c
index 5a5a0b93ce0..b7c1faef1c4 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c
@@ -24,3 +24,69 @@ int test_2 (FILE *f)
   fread (&s, sizeof (s), 1, f);
   return s.a % s.b;  /* { dg-warning "use of attacker-controlled value 's\\.b' as divisor without checking for zero" } */
 }
+
+/* We shouldn't complain if the divisor has been checked for zero.  */
+
+int test_checked_ne_zero (FILE *f)
+{
+  struct st1 s;
+  fread (&s, sizeof (s), 1, f);
+  if (s.b)
+    return s.a / s.b; /* { dg-bogus "divisor" } */
+  else
+    return 0;
+}
+
+int test_checked_gt_zero (FILE *f)
+{
+  struct st1 s;
+  fread (&s, sizeof (s), 1, f);
+  if (s.b > 0)
+    return s.a / s.b; /* { dg-bogus "divisor" } */
+  else
+    return 0;
+}
+
+int test_checked_lt_zero (FILE *f)
+{
+  struct st1 s;
+  fread (&s, sizeof (s), 1, f);
+  if (s.b < 0)
+    return s.a / s.b; /* { dg-bogus "divisor" } */
+  else
+    return 0;
+}
+
+/* We should complain if the check on the divisor still allows it to be
+   zero.  */
+
+int test_checked_ge_zero (FILE *f)
+{
+  struct st1 s;
+  fread (&s, sizeof (s), 1, f);
+  if (s.b >= 0)
+    return s.a / s.b;  /* { dg-warning "use of attacker-controlled value 's\\.b' as divisor without checking for zero" } */
+  else
+    return 0;
+}
+
+int test_checked_le_zero (FILE *f)
+{
+  struct st1 s;
+  fread (&s, sizeof (s), 1, f);
+  if (s.b <= 0)
+    return s.a / s.b;  /* { dg-warning "use of attacker-controlled value 's\\.b' as divisor without checking for zero" } */
+  else
+    return 0;
+}
+
+int test_checked_eq_zero (FILE *f)
+{
+  struct st1 s;
+  fread (&s, sizeof (s), 1, f);
+  /* Wrong sense of test.  */
+  if (s.b != 0)
+    return 0;
+  else
+    return s.a / s.b;  /* { dg-warning "use of attacker-controlled value 's\\.b' as divisor without checking for zero" } */
+}