Fixed #3686: false positive: Possible null pointer dereference (inconclusive)

2013-01-21 19:38:59 +01:00 · 2013-01-21 19:38:59 +01:00 · 096cb1bd88
parent bfafd51ca1
commit 096cb1bd88
2 changed files with 30 additions and 1 deletions
--- a/lib/checknullpointer.cpp
+++ b/lib/checknullpointer.cpp
@ -403,8 +403,15 @@ bool CheckNullPointer::isPointerDeRef(const Token *tok, bool &unknown, const Sym
        if (Token::Match(tok->previous(), "!|& %var%"))
            return false;

+        // OK to check pointer in "= p ? : "
+        if (Token::Match(tok->next(),"?") &&
+            (Token::Match(tok->previous(), "return|throw|;|{|}|:|[|(|,") || tok->previous()->isAssignmentOp()))
+            return false;
+
        // OK to pass pointer to function
-        if (Token::Match(tok->previous(), "[(,] %var% [,)]"))
+        if (Token::Match(tok->previous(), "[(,] %var% [,)]") &&
+            (!Token::Match(tok->previous(), "( %var%") ||
+             Token::Match(tok->tokAt(-2), "%var% ( %var%")))
            return false;

        // Compare pointer
--- a/test/testnullpointer.cpp
+++ b/test/testnullpointer.cpp
@ -595,6 +595,28 @@ private:
              "}\n");
        ASSERT_EQUALS("", errout.str());

+        check("void f() {\n"
+              "    int * a=0;\n"
+              "    if (!a) {};\n"
+              "    int c = a ? 0 : 1;\n"
+              "}\n",true);
+        ASSERT_EQUALS("", errout.str());
+
+        // #3686
+        check("void f() {\n"
+              "    int * a=0;\n"
+              "    if (!a) {};\n"
+              "    int c = a ? b : b+1;\n"
+              "}\n",true);
+        ASSERT_EQUALS("", errout.str());
+
+        check("void f() {\n"
+              "    int * a=0;\n"
+              "    if (!a) {};\n"
+              "    int c = (a) ? b : b+1;\n"
+              "}\n",true);
+        ASSERT_EQUALS("", errout.str());
+
        check("void foo(P *p)\n"
              "{\n"
              "  while (p)\n"