From 096cb1bd88d248899f0cde68087ff0d4232a6c18 Mon Sep 17 00:00:00 2001 From: Frank Zingsheim Date: Mon, 21 Jan 2013 19:38:59 +0100 Subject: [PATCH] Fixed #3686: false positive: Possible null pointer dereference (inconclusive) --- lib/checknullpointer.cpp | 9 ++++++++- test/testnullpointer.cpp | 22 ++++++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/lib/checknullpointer.cpp b/lib/checknullpointer.cpp index 8657a6468..5a96947f2 100644 --- a/lib/checknullpointer.cpp +++ b/lib/checknullpointer.cpp @@ -403,8 +403,15 @@ bool CheckNullPointer::isPointerDeRef(const Token *tok, bool &unknown, const Sym if (Token::Match(tok->previous(), "!|& %var%")) return false; + // OK to check pointer in "= p ? : " + if (Token::Match(tok->next(),"?") && + (Token::Match(tok->previous(), "return|throw|;|{|}|:|[|(|,") || tok->previous()->isAssignmentOp())) + return false; + // OK to pass pointer to function - if (Token::Match(tok->previous(), "[(,] %var% [,)]")) + if (Token::Match(tok->previous(), "[(,] %var% [,)]") && + (!Token::Match(tok->previous(), "( %var%") || + Token::Match(tok->tokAt(-2), "%var% ( %var%"))) return false; // Compare pointer diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp index 790c32bac..c58a32063 100644 --- a/test/testnullpointer.cpp +++ b/test/testnullpointer.cpp @@ -595,6 +595,28 @@ private: "}\n"); ASSERT_EQUALS("", errout.str()); + check("void f() {\n" + " int * a=0;\n" + " if (!a) {};\n" + " int c = a ? 0 : 1;\n" + "}\n",true); + ASSERT_EQUALS("", errout.str()); + + // #3686 + check("void f() {\n" + " int * a=0;\n" + " if (!a) {};\n" + " int c = a ? b : b+1;\n" + "}\n",true); + ASSERT_EQUALS("", errout.str()); + + check("void f() {\n" + " int * a=0;\n" + " if (!a) {};\n" + " int c = (a) ? b : b+1;\n" + "}\n",true); + ASSERT_EQUALS("", errout.str()); + check("void foo(P *p)\n" "{\n" " while (p)\n"