Fixed Ticket #82 (detect buffer overrun; dynamic memory)

This commit is contained in:
Daniel Marjamäki 2009-03-16 18:11:09 +01:00
parent 1c74978a92
commit 0cc7672673
2 changed files with 29 additions and 0 deletions

View File

@ -443,6 +443,14 @@ void CheckBufferOverrunClass::CheckBufferOverrun_GlobalAndLocalVariable()
varid = tok->tokAt(1)->varId(); varid = tok->tokAt(1)->varId();
nextTok = 8; nextTok = 8;
} }
else if (indentlevel > 0 && Token::Match(tok, "[*;{}] %var% = malloc ( %num% ) ;"))
{
varname[0] = tok->strAt(1);
size = std::strtoul(tok->strAt(5), NULL, 10);
type = "char";
varid = tok->tokAt(1)->varId();
nextTok = 7;
}
else else
{ {
continue; continue;

View File

@ -101,6 +101,8 @@ private:
TEST_CASE(varid2); TEST_CASE(varid2);
TEST_CASE(assign1); TEST_CASE(assign1);
TEST_CASE(alloc); // Buffer allocated with new
} }
@ -545,6 +547,25 @@ private:
"}\n"); "}\n");
ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Array index out of bounds\n"), errout.str()); ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Array index out of bounds\n"), errout.str());
} }
void alloc()
{
check("void foo()\n"
"{\n"
" char *s = new char[10];\n"
" s[10] = 0;\n"
"}\n");
ASSERT_EQUALS(std::string("[test.cpp:4]: (all) Array index out of bounds\n"), errout.str());
check("void foo()\n"
"{\n"
" char *s = malloc(10);\n"
" s[10] = 0;\n"
"}\n");
ASSERT_EQUALS(std::string("[test.cpp:4]: (all) Array index out of bounds\n"), errout.str());
}
}; };
REGISTER_TEST(TestBufferOverrun) REGISTER_TEST(TestBufferOverrun)