From d735918a8a3abb87731c889c77c21fb25751b6c0 Mon Sep 17 00:00:00 2001 From: Dmitry-Me Date: Wed, 25 Mar 2015 14:56:45 +0300 Subject: [PATCH] Constructor parameter type need not be a number --- lib/checkbufferoverrun.cpp | 2 +- test/testbufferoverrun.cpp | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp index 8e766707e..c01e74bf9 100644 --- a/lib/checkbufferoverrun.cpp +++ b/lib/checkbufferoverrun.cpp @@ -1064,7 +1064,7 @@ void CheckBufferOverrun::checkGlobalAndLocalVariable() if (size < 0) { negativeMemoryAllocationSizeError(tok->next()->next()); } - } else if (Token::Match(tok, "[*;{}] %var% = new %type% ( %num% )")) { + } else if (Token::Match(tok, "[*;{}] %var% = new %type% ( %num%|%name% )")) { size = 1; type = tok->strAt(4); var = tok->next()->variable(); diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index 170c72236..3f80c4e84 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -3242,6 +3242,12 @@ private: "}", settings); ASSERT_EQUALS("[test.cpp:3]: (error) Buffer is accessed out of bounds.\n", errout.str()); + check("void f(char value) {\n" + " char *a = new char(value);\n" + " mysprintf(a, \"a\");\n" + "}", settings); + ASSERT_EQUALS("[test.cpp:3]: (error) Buffer is accessed out of bounds.\n", errout.str()); + // This is out of bounds if 'sizeof(ABC)' is 1 (No padding) check("struct Foo { char a[1]; };\n" "void f() {\n"