walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Fixed #1787 (false negative: out of bounds in derived class)

This commit is contained in:
Robert Reif 2010-06-13 07:17:50 +02:00 committed by Daniel Marjamäki
parent 76221c0916
commit 18bb7488b9
4 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/checkbufferoverrun.cpp
View File

@ -1119,14 +1119,18 @@ void CheckBufferOverrun::checkGlobalAndLocalVariable()
void CheckBufferOverrun::checkStructVariable() void CheckBufferOverrun::checkStructVariable()
{ {
const char declstruct[] = "struct|class %var% {"; const char declstruct[] = "struct|class %var% {|:";
for (const Token *tok = Token::findmatch(_tokenizer->tokens(), declstruct); for (const Token *tok = Token::findmatch(_tokenizer->tokens(), declstruct);
tok; tok = Token::findmatch(tok->next(), declstruct)) tok; tok = Token::findmatch(tok->next(), declstruct))
{ {
const std::string &structname = tok->next()->str(); const std::string &structname = tok->next()->str();
const Token *tok2 = tok;
while (tok2->str() != "{")
tok2 = tok2->next();
// Found a struct declaration. Search for arrays.. // Found a struct declaration. Search for arrays..
for (const Token *tok2 = tok->tokAt(2); tok2; tok2 = tok2->next()) for (; tok2; tok2 = tok2->next())
{ {
// skip inner scopes.. // skip inner scopes..
if (tok2->next() && tok2->next()->str() == "{") if (tok2->next() && tok2->next()->str() == "{")

5
lib/checkclass.cpp
View File

@ -633,8 +633,11 @@ void CheckClass::privateFunctions()
if (!_settings->_checkCodingStyle) if (!_settings->_checkCodingStyle)
return; return;
const char pattern_class[] = "class|struct %var% {|:";
// Locate some class // Locate some class
for (const Token *tok1 = Token::findmatch(_tokenizer->tokens(), "class|struct %var% {"); tok1; tok1 = Token::findmatch(tok1->next(), "class|struct %var% {")) for (const Token *tok1 = Token::findmatch(_tokenizer->tokens(), pattern_class);
tok1; tok1 = Token::findmatch(tok1->next(), pattern_class))
{ {
/** @todo check that the whole class implementation is seen */ /** @todo check that the whole class implementation is seen */
// until the todo above is fixed we only check classes that are // until the todo above is fixed we only check classes that are

3
lib/tokenize.cpp
View File

@ -2910,11 +2910,10 @@ void Tokenizer::setVarId()
// class members.. // class members..
for (Token *tok = _tokens; tok; tok = tok->next()) for (Token *tok = _tokens; tok; tok = tok->next())
{ {
if (Token::Match(tok, "class %var% {")) if (Token::Match(tok, "class|struct %var% {|:"))
{ {
const std::string &classname(tok->next()->str()); const std::string &classname(tok->next()->str());
// What member variables are there in this class? // What member variables are there in this class?
std::map<std::string, unsigned int> varlist; std::map<std::string, unsigned int> varlist;
{ {

14
test/testbufferoverrun.cpp
View File

@ -124,6 +124,7 @@ private:
TEST_CASE(buffer_overrun_12); TEST_CASE(buffer_overrun_12);
TEST_CASE(buffer_overrun_13); TEST_CASE(buffer_overrun_13);
TEST_CASE(buffer_overrun_14); TEST_CASE(buffer_overrun_14);
TEST_CASE(buffer_overrun_15); // ticket #1787
TEST_CASE(sprintf1); TEST_CASE(sprintf1);
TEST_CASE(sprintf2); TEST_CASE(sprintf2);
@ -1624,6 +1625,19 @@ private:
ASSERT_EQUALS("[test.cpp:3]: (error) Buffer access out-of-bounds\n", errout.str()); ASSERT_EQUALS("[test.cpp:3]: (error) Buffer access out-of-bounds\n", errout.str());
} }
void buffer_overrun_15() // ticket #1787
{
check("class A : public B {\n"
" char val[12];\n"
" void f(int i, int ii);\n"
"};\n"
"void A::f(int i, int ii)\n"
"{\n"
" sprintf(val, \"drive_%d_partition_%d_size\", i, ii) ;\n"
"}\n");
ASSERT_EQUALS("[test.cpp:7]: (error) Buffer access out-of-bounds\n", errout.str());
}
void sprintf1() void sprintf1()
{ {
check("void f()\n" check("void f()\n"