walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Avoid crash reported in #5943 (using the example from duplicate ticket #5971) 

Replace a few size_t/unsigned int by std::size_t
This commit is contained in:
amai2012 2014-07-06 14:48:24 +02:00
parent f1bf38004b
commit 0ddd7752b5
3 changed files with 24 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
lib/checkbufferoverrun.cpp
View File

@ -44,13 +44,13 @@ namespace {
static void makeArrayIndexOutOfBoundsError(std::ostream& oss, const CheckBufferOverrun::ArrayInfo &arrayInfo, const std::vector<MathLib::bigint> &index) static void makeArrayIndexOutOfBoundsError(std::ostream& oss, const CheckBufferOverrun::ArrayInfo &arrayInfo, const std::vector<MathLib::bigint> &index)
{ {
oss << "Array '" << arrayInfo.varname(); oss << "Array '" << arrayInfo.varname();
for (size_t i = 0; i < arrayInfo.num().size(); ++i) for (std::size_t i = 0; i < arrayInfo.num().size(); ++i)
oss << "[" << arrayInfo.num(i) << "]"; oss << "[" << arrayInfo.num(i) << "]";
if (index.size() == 1) if (index.size() == 1)
oss << "' accessed at index " << index[0] << ", which is"; oss << "' accessed at index " << index[0] << ", which is";
else { else {
oss << "' index " << arrayInfo.varname(); oss << "' index " << arrayInfo.varname();
for (size_t i = 0; i < index.size(); ++i) for (std::size_t i = 0; i < index.size(); ++i)
oss << "[" << index[i] << "]"; oss << "[" << index[i] << "]";
} }
oss << " out of bounds."; oss << " out of bounds.";
@ -67,19 +67,19 @@ void CheckBufferOverrun::arrayIndexOutOfBoundsError(const Token *tok, const Arra
std::ostringstream errmsg; std::ostringstream errmsg;
errmsg << "Array '" << arrayInfo.varname(); errmsg << "Array '" << arrayInfo.varname();
for (size_t i = 0; i < arrayInfo.num().size(); ++i) for (std::size_t i = 0; i < arrayInfo.num().size(); ++i)
errmsg << "[" << arrayInfo.num(i) << "]"; errmsg << "[" << arrayInfo.num(i) << "]";
if (index.size() == 1) if (index.size() == 1)
errmsg << "' accessed at index " << index[0].intvalue << ", which is out of bounds."; errmsg << "' accessed at index " << index[0].intvalue << ", which is out of bounds.";
else { else {
errmsg << "' index " << arrayInfo.varname(); errmsg << "' index " << arrayInfo.varname();
for (size_t i = 0; i < index.size(); ++i) for (std::size_t i = 0; i < index.size(); ++i)
errmsg << "[" << index[i].intvalue << "]"; errmsg << "[" << index[i].intvalue << "]";
errmsg << " out of bounds."; errmsg << " out of bounds.";
} }
const Token *condition = nullptr; const Token *condition = nullptr;
for (size_t i = 0; i < index.size(); ++i) { for (std::size_t i = 0; i < index.size(); ++i) {
if (condition == nullptr) if (condition == nullptr)
condition = index[i].condition; condition = index[i].condition;
} }
@ -324,11 +324,11 @@ void CheckBufferOverrun::checkFunctionParameter(const Token &ftok, unsigned int
return; return;
MathLib::bigint arraySize = arrayInfo.element_size(); MathLib::bigint arraySize = arrayInfo.element_size();
for (size_t i = 0; i < arrayInfo.num().size(); ++i) for (std::size_t i = 0; i < arrayInfo.num().size(); ++i)
arraySize *= arrayInfo.num(i); arraySize *= arrayInfo.num(i);
const Token *charSizeToken = nullptr; const Token *charSizeToken = nullptr;
if (checkMinSizes(*minsizes, &ftok, (size_t)arraySize, &charSizeToken)) if (checkMinSizes(*minsizes, &ftok, (std::size_t)arraySize, &charSizeToken))
bufferOverrunError(callstack, arrayInfo.varname()); bufferOverrunError(callstack, arrayInfo.varname());
if (charSizeToken) if (charSizeToken)
sizeArgumentAsCharError(charSizeToken); sizeArgumentAsCharError(charSizeToken);
@ -428,7 +428,7 @@ void CheckBufferOverrun::checkFunctionParameter(const Token &ftok, unsigned int
MathLib::bigint arraysize = arrayInfo.element_size(); MathLib::bigint arraysize = arrayInfo.element_size();
if (arraysize == 100) // unknown size if (arraysize == 100) // unknown size
arraysize = 0; arraysize = 0;
for (size_t i = 0; i < arrayInfo.num().size(); i++) for (std::size_t i = 0; i < arrayInfo.num().size(); i++)
arraysize *= arrayInfo.num(i); arraysize *= arrayInfo.num(i);
if (Token::Match(tok2, "[,)]") && arraysize > 0 && argsize > arraysize) if (Token::Match(tok2, "[,)]") && arraysize > 0 && argsize > arraysize)
@ -1274,7 +1274,7 @@ void CheckBufferOverrun::checkStructVariable()
ArrayInfo temp = arrayInfo; ArrayInfo temp = arrayInfo;
temp.declarationId(0); // do variable lookup by variable and member names rather than varid temp.declarationId(0); // do variable lookup by variable and member names rather than varid
std::string varnames; // use class and member name for messages std::string varnames; // use class and member name for messages
for (unsigned int k = 0; k < varname.size(); ++k) for (std::size_t k = 0; k < varname.size(); ++k)
varnames += (k == 0 ? "" : ".") + varname[k]; varnames += (k == 0 ? "" : ".") + varname[k];
temp.varname(varnames); temp.varname(varnames);
@ -1661,7 +1661,7 @@ CheckBufferOverrun::ArrayInfo CheckBufferOverrun::ArrayInfo::limit(MathLib::bigi
{ {
MathLib::bigint uvalue = std::max(MathLib::bigint(0), value); MathLib::bigint uvalue = std::max(MathLib::bigint(0), value);
MathLib::bigint n = 1; MathLib::bigint n = 1;
for (unsigned int i = 0; i < _num.size(); ++i) for (std::size_t i = 0; i < _num.size(); ++i)
n *= _num[i]; n *= _num[i];
if (uvalue > n) if (uvalue > n)
n = uvalue; n = uvalue;

2
lib/checknullpointer.cpp
View File

@ -214,7 +214,7 @@ bool CheckNullPointer::isPointerDeRef(const Token *tok, bool &unknown)
if (Token::Match(parent, "+|==|!=") || (parent->str() == "=" && !firstOperand)) { if (Token::Match(parent, "+|==|!=") || (parent->str() == "=" && !firstOperand)) {
if (parent->astOperand1() == tok && parent->astOperand2()) if (parent->astOperand1() == tok && parent->astOperand2())
ovar = parent->astOperand2()->variable(); ovar = parent->astOperand2()->variable();
else if (parent->astOperand2() == tok) else if (parent->astOperand1() && parent->astOperand2() == tok)
ovar = parent->astOperand1()->variable(); ovar = parent->astOperand1()->variable();
} }
if (ovar && !ovar->isPointer() && !ovar->isArray() && Token::Match(ovar->typeStartToken(), "std :: string|wstring !!::")) if (ovar && !ovar->isPointer() && !ovar->isArray() && Token::Match(ovar->typeStartToken(), "std :: string|wstring !!::"))

13
test/testuninitvar.cpp
View File

@ -67,6 +67,7 @@ private:
TEST_CASE(uninitvar2_while); TEST_CASE(uninitvar2_while);
TEST_CASE(uninitvar2_4494); // #4494 TEST_CASE(uninitvar2_4494); // #4494
TEST_CASE(uninitvar2_malloc); // malloc returns uninitialized data TEST_CASE(uninitvar2_malloc); // malloc returns uninitialized data
TEST_CASE(uninitvar7); // ticket #5971
TEST_CASE(syntax_error); // Ticket #5073 TEST_CASE(syntax_error); // Ticket #5073
@ -2635,6 +2636,18 @@ private:
ASSERT_EQUALS("[test.c:4]: (error) Uninitialized variable: ab\n", errout.str()); ASSERT_EQUALS("[test.c:4]: (error) Uninitialized variable: ab\n", errout.str());
} }
void uninitvar7() {
const char code[] = "void eDBauth_user() {\n"
" char *blid_cert;\n"
" if( ) {\n"
" blid_cert = ;\n"
" } \n"
"}\n";
// Assume dfs is a non POD type if file is C++
checkUninitVar2(code, "test.cpp");
}
// Handling of function calls // Handling of function calls
void uninitvar2_func() { void uninitvar2_func() {
// non-pointer variable // non-pointer variable