From 047c3ed6baef4b7cfdc91f9dc1fe245b9d8384c7 Mon Sep 17 00:00:00 2001
From: Paul Fultz II <pfultz2@yahoo.com>
Date: Fri, 9 Oct 2020 10:21:27 -0500
Subject: [PATCH] Fix issue 9935: FP: knownConditionTrueFalse value flow
 doesn't account for virtual functions (#2839)

---
 lib/valueflow.cpp      |  2 +-
 test/testvalueflow.cpp | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
index 4ba725f32..2575319a4 100644
--- a/lib/valueflow.cpp
+++ b/lib/valueflow.cpp
@@ -5858,7 +5858,7 @@ static bool isContainerSizeChangedByFunction(const Token *tok, int depth = 20)
     if (!ftok)
         return false; // not a function => variable not changed
     const Function * fun = ftok->function();
-    if (fun) {
+    if (fun && !fun->hasVirtualSpecifier()) {
         const Variable *arg = fun->getArgumentVar(narg);
         if (arg) {
             if (!arg->isReference() && !addressOf)
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
index 0a3a58dac..f56e91340 100644
--- a/test/testvalueflow.cpp
+++ b/test/testvalueflow.cpp
@@ -4657,6 +4657,21 @@ private:
                "    return m.at(0);\n"
                "}\n";
         ASSERT_EQUALS("", isPossibleContainerSizeValue(tokenValues(code, "m . at", ValueFlow::Value::CONTAINER_SIZE), 0));
+
+        code = "struct Base {\n"
+               "    virtual bool GetString(std::string &) const { return false; }\n"
+               "};\n"
+               "int f() {\n"
+               "    std::string str;\n"
+               "    Base *b = GetClass();\n"
+               "    if (!b->GetString(str)) {\n"
+               "        return -2;\n"
+               "    }\n"
+               "    else {\n"
+               "        return str.front();\n"
+               "    }\n"
+               "}\n";
+        ASSERT_EQUALS(0U, tokenValues(code, "str . front").size());
     }
 
     void valueFlowDynamicBufferSize() {