Array index overrun: Improved the checking of class variables

2008-11-16 18:21:46 +00:00 · 2008-11-16 18:21:46 +00:00 · 2dd4dba90e
parent 15b5d0abc7
commit 2dd4dba90e
2 changed files with 30 additions and 6 deletions
--- a/CheckBufferOverrun.cpp
+++ b/CheckBufferOverrun.cpp
@ -377,9 +377,6 @@ void CheckBufferOverrunClass::CheckBufferOverrun_StructVariable()
            if ( Match(tok2, "}") )
                break;

-            if (!Match(tok2,"[;{,(]"))
-                continue;
-
            int ivar = 0;
            if ( Match(tok2->next, "%type% %var% [ %num% ] ;") )
                ivar = 2;
@ -398,6 +395,30 @@ void CheckBufferOverrunClass::CheckBufferOverrun_StructVariable()
            int total_size = arrsize * _tokenizer->SizeOfType(tok2->next->str);
            if (total_size == 0)
                continue;
+
+
+            // Class member variable => Check functions
+            if ( Match(tok, "class") )
+            {
+                std::string func_pattern(structname + std::string(" :: %var% ("));
+                const TOKEN *tok3 = findmatch(_tokenizer->tokens(), func_pattern.c_str());
+                while ( tok3 )
+                {
+                    for ( const TOKEN *tok4 = tok3; tok4; tok4 = tok4->next )
+                    {
+                        if ( Match(tok4,"[;{}]") )
+                            break;
+
+                        if ( Match(tok4, ") {") )
+                        {
+                            const char *names[2] = {varname[1], 0};
+                            CheckBufferOverrun_CheckScope( Tokenizer::gettok(tok4, 2), names, arrsize, total_size );
+                            break;
+                        }
+                    }
+                    tok3 = findmatch(tok3->next, func_pattern.c_str());
+                }
+            }

            for ( const TOKEN *tok3 = _tokenizer->tokens(); tok3; tok3 = tok3->next )
            {
@ -451,6 +472,8 @@ void CheckBufferOverrunClass::CheckBufferOverrun_StructVariable()
    }
 }
 //---------------------------------------------------------------------------
+
+

 void CheckBufferOverrunClass::CheckBufferOverrun()
 {
--- a/testbufferoverrun.cpp
+++ b/testbufferoverrun.cpp
@ -77,7 +77,7 @@ private:
        TEST_CASE( array_index_9 );
        TEST_CASE( array_index_10 );
        TEST_CASE( array_index_11 );
-        //TEST_CASE( array_index_12 );
+        TEST_CASE( array_index_12 );

        TEST_CASE( buffer_overrun_1 );
        TEST_CASE( buffer_overrun_2 );
@ -323,8 +323,9 @@ private:
               "Fred::Fred()\n"
               "{\n"
               "    str[10] = 0;\n"
-               "}\n" );
-        ASSERT_EQUALS( std::string("[test.cpp:5]: Array index out of bounds\n"), errout.str() );
+               "}\n" );
+        std::string err( errout.str() );
+        ASSERT_EQUALS( std::string("[test.cpp:10]: Array index out of bounds\n"), err );
    }