add CERT STR11-C check (#1902)

* add CERT STR11-C check

* fix some logical checks

* fix merge issue

* update str11 check

addons/cert.py

@@ -278,6 +278,39 @@ def str07(data):
             continue
         reportError(token, 'style', 'Use the bounds-checking interfaces %s_s()' % (token.str), 'STR07-C')
 
+# STR11-C
+# Do not specify the bound of a character array initialized with a string literal
+def str11(data):
+    for token in data.tokenlist:
+        if not token.isString:
+            continue
+
+        strlen = token.strlen
+        parent = token.astParent
+
+        if parent is None:
+            continue
+        parentOp1 = parent.astOperand1
+        if parentOp1 is None or parentOp1.str!='[':
+            continue
+
+        if not parent.isAssignmentOp:
+            continue
+            
+        varToken = parentOp1.astOperand1
+        if varToken is None or not varToken.isName:
+            continue
+        if varToken.variable is None:
+            continue
+        if varToken != varToken.variable.nameToken:
+            continue
+        valueToken = parentOp1.astOperand2
+        if valueToken is None:
+            continue
+            
+        if valueToken.isNumber and int(valueToken.str)==strlen:
+            reportError(valueToken, 'style', 'Do not specify the bound of a character array initialized with a string literal', 'STR11-C')
+
 for arg in sys.argv[1:]:
     if arg == '-verify':
         VERIFY = True
@@ -307,6 +340,7 @@ for arg in sys.argv[1:]:
         str03(cfg)
         str05(cfg)
         str07(cfg)
+        str11(cfg)
         msc30(cfg)
 
     if VERIFY:

addons/test/cert-test.c

@@ -102,3 +102,10 @@ void str07(char *buf, const char *newBuf)
     strcat(buf, newBuf); //cert-STR07-C
     strcpy(str, newBuf); //cert-STR07-C
 }
+
+void str11()
+{
+    const char str[3]="abc";    //cert-STR11-C
+    const char *x[10]; x[3]="def";
+}
+