Fix ticket #243 (boundary checking)

http://apps.sourceforge.net/trac/cppcheck/ticket/243
2009-04-04 21:05:48 +03:00 · 2009-04-04 21:05:48 +03:00 · 11858129d0
parent 07af9cf7c8
commit 11858129d0
2 changed files with 33 additions and 14 deletions
--- a/src/checkbufferoverrun.cpp
+++ b/src/checkbufferoverrun.cpp
@ -206,11 +206,11 @@ void CheckBufferOverrunClass::CheckBufferOverrun_CheckScope(const Token *tok, co
            const Token *tok2 = tok->tokAt(2);

            // for - setup..
-            if (Token::Match(tok2, "%var% = 0 ;"))
+            if (Token::Match(tok2, "%var% = %any% ;"))
                tok2 = tok2->tokAt(4);
-            else if (Token::Match(tok2, "%type% %var% = 0 ;"))
+            else if (Token::Match(tok2, "%type% %var% = %any% ;"))
                tok2 = tok2->tokAt(5);
-            else if (Token::Match(tok2, "%type% %type% %var% = 0 ;"))
+            else if (Token::Match(tok2, "%type% %type% %var% = %any% ;"))
                tok2 = tok2->tokAt(6);
            else
                continue;
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@ -230,13 +230,36 @@ private:

    void array_index_3()
    {
-        check("void f()\n"
-              "{\n"
-              "    int val[50];\n"
-              "    for (i = 0; i < 100; i++)\n"
-              "        sum += val[i];\n"
-              "}\n");
-        ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        {
+            check("void f()\n"
+                  "{\n"
+                  "    int val[50];\n"
+                  "    for (i = 0; i < 100; i++)\n"
+                  "        sum += val[i];\n"
+                  "}\n");
+            ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        }
+
+        {
+            check("void f()\n"
+                  "{\n"
+                  "    int val[50];\n"
+                  "    for (i = 1; i < 100; i++)\n"
+                  "        sum += val[i];\n"
+                  "}\n");
+            ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        }
+
+
+        {
+            check("void f(int a)\n"
+                  "{\n"
+                  "    int val[50];\n"
+                  "    for (i = a; i < 100; i++)\n"
+                  "        sum += val[i];\n"
+                  "}\n");
+            ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        }
    }


@ -385,10 +408,6 @@ private:
        ASSERT_EQUALS(std::string("[test.cpp:10]: (all) Array index out of bounds\n"), err);
    }

-
-
-
-
    void buffer_overrun_1()
    {
        check("void f()\n"