From 11858129d091e753d5ad09cbb2765faed0c51176 Mon Sep 17 00:00:00 2001
From: Reijo Tomperi <aggro80@users.sourceforge.net>
Date: Sat, 4 Apr 2009 21:05:48 +0300
Subject: [PATCH] Fix ticket #243 (boundary checking)
 http://apps.sourceforge.net/trac/cppcheck/ticket/243

---
 src/checkbufferoverrun.cpp |  6 +++---
 test/testbufferoverrun.cpp | 41 ++++++++++++++++++++++++++++----------
 2 files changed, 33 insertions(+), 14 deletions(-)

diff --git a/src/checkbufferoverrun.cpp b/src/checkbufferoverrun.cpp
index f6a35d6c1..5be8dbefa 100644
--- a/src/checkbufferoverrun.cpp
+++ b/src/checkbufferoverrun.cpp
@@ -206,11 +206,11 @@ void CheckBufferOverrunClass::CheckBufferOverrun_CheckScope(const Token *tok, co
             const Token *tok2 = tok->tokAt(2);
 
             // for - setup..
-            if (Token::Match(tok2, "%var% = 0 ;"))
+            if (Token::Match(tok2, "%var% = %any% ;"))
                 tok2 = tok2->tokAt(4);
-            else if (Token::Match(tok2, "%type% %var% = 0 ;"))
+            else if (Token::Match(tok2, "%type% %var% = %any% ;"))
                 tok2 = tok2->tokAt(5);
-            else if (Token::Match(tok2, "%type% %type% %var% = 0 ;"))
+            else if (Token::Match(tok2, "%type% %type% %var% = %any% ;"))
                 tok2 = tok2->tokAt(6);
             else
                 continue;
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index b99c532f0..5578b205d 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -230,13 +230,36 @@ private:
 
     void array_index_3()
     {
-        check("void f()\n"
-              "{\n"
-              "    int val[50];\n"
-              "    for (i = 0; i < 100; i++)\n"
-              "        sum += val[i];\n"
-              "}\n");
-        ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        {
+            check("void f()\n"
+                  "{\n"
+                  "    int val[50];\n"
+                  "    for (i = 0; i < 100; i++)\n"
+                  "        sum += val[i];\n"
+                  "}\n");
+            ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        }
+
+        {
+            check("void f()\n"
+                  "{\n"
+                  "    int val[50];\n"
+                  "    for (i = 1; i < 100; i++)\n"
+                  "        sum += val[i];\n"
+                  "}\n");
+            ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        }
+
+
+        {
+            check("void f(int a)\n"
+                  "{\n"
+                  "    int val[50];\n"
+                  "    for (i = a; i < 100; i++)\n"
+                  "        sum += val[i];\n"
+                  "}\n");
+            ASSERT_EQUALS(std::string("[test.cpp:5]: (all) Buffer overrun\n"), errout.str());
+        }
     }
 
 
@@ -385,10 +408,6 @@ private:
         ASSERT_EQUALS(std::string("[test.cpp:10]: (all) Array index out of bounds\n"), err);
     }
 
-
-
-
-
     void buffer_overrun_1()
     {
         check("void f()\n"