From 111f4e17da57c59d23740e75b60002535e2fa266 Mon Sep 17 00:00:00 2001
From: chrchr-github <78114321+chrchr-github@users.noreply.github.com>
Date: Fri, 3 Jun 2022 13:11:54 +0200
Subject: [PATCH] Fix #11117 FP nullPointerArithmetic when adding 0 (#4167)

---
 lib/checknullpointer.cpp |  3 +++
 test/testnullpointer.cpp | 11 +++++++++++
 2 files changed, 14 insertions(+)

diff --git a/lib/checknullpointer.cpp b/lib/checknullpointer.cpp
index 56d256b0b..b10522b3a 100644
--- a/lib/checknullpointer.cpp
+++ b/lib/checknullpointer.cpp
@@ -475,6 +475,9 @@ void CheckNullPointer::arithmetic()
                 continue;
             if (numericOperand && numericOperand->valueType() && !numericOperand->valueType()->isIntegral())
                 continue;
+            const ValueFlow::Value* numValue = numericOperand ? numericOperand->getValue(0) : nullptr;
+            if (numValue && numValue->intvalue == 0) // don't warn for arithmetic with 0
+                continue;
             const ValueFlow::Value* value = pointerOperand->getValue(0);
             if (!value)
                 continue;
diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp
index f2705009d..239be7e6e 100644
--- a/test/testnullpointer.cpp
+++ b/test/testnullpointer.cpp
@@ -4209,6 +4209,17 @@ private:
               "const char* get() const { return 0; }\n"
               "void f(foo x) { if (get()) x += get(); }");
         ASSERT_EQUALS("", errout.str());
+
+        check("typedef struct { uint8_t* buf, *buf_end; } S;\n" // #11117
+              "void f(S* s, uint8_t* buffer, int buffer_size) {\n"
+              "    if (buffer_size < 0) {\n"
+              "        buffer_size = 0;\n"
+              "        buffer = NULL;\n"
+              "    }\n"
+              "    s->buf = buffer;\n"
+              "    s->buf_end = s->buf + buffer_size;\n"
+              "}\n");
+        ASSERT_EQUALS("", errout.str());
     }
 
     void isPointerDeRefFunctionDecl() {