Array index overrun: Improved the checking of class variables
This commit is contained in:
Daniel Marjamäki
parent
15b5d0abc7
commit
2dd4dba90e
|
|
@ -377,9 +377,6 @@ void CheckBufferOverrunClass::CheckBufferOverrun_StructVariable()
|
||||||
if ( Match(tok2, "}") )
|
if ( Match(tok2, "}") )
|
||||||
break;
|
break;
|
||||||
|
|
||||||
if (!Match(tok2,"[;{,(]"))
|
|
||||||
continue;
|
|
||||||
|
|
||||||
int ivar = 0;
|
int ivar = 0;
|
||||||
if ( Match(tok2->next, "%type% %var% [ %num% ] ;") )
|
if ( Match(tok2->next, "%type% %var% [ %num% ] ;") )
|
||||||
ivar = 2;
|
ivar = 2;
|
||||||
|
|
@ -398,6 +395,30 @@ void CheckBufferOverrunClass::CheckBufferOverrun_StructVariable()
|
||||||
int total_size = arrsize * _tokenizer->SizeOfType(tok2->next->str);
|
int total_size = arrsize * _tokenizer->SizeOfType(tok2->next->str);
|
||||||
if (total_size == 0)
|
if (total_size == 0)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
|
||||||
|
// Class member variable => Check functions
|
||||||
|
if ( Match(tok, "class") )
|
||||||
|
{
|
||||||
|
std::string func_pattern(structname + std::string(" :: %var% ("));
|
||||||
|
const TOKEN *tok3 = findmatch(_tokenizer->tokens(), func_pattern.c_str());
|
||||||
|
while ( tok3 )
|
||||||
|
{
|
||||||
|
for ( const TOKEN *tok4 = tok3; tok4; tok4 = tok4->next )
|
||||||
|
{
|
||||||
|
if ( Match(tok4,"[;{}]") )
|
||||||
|
break;
|
||||||
|
|
||||||
|
if ( Match(tok4, ") {") )
|
||||||
|
{
|
||||||
|
const char *names[2] = {varname[1], 0};
|
||||||
|
CheckBufferOverrun_CheckScope( Tokenizer::gettok(tok4, 2), names, arrsize, total_size );
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
tok3 = findmatch(tok3->next, func_pattern.c_str());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
for ( const TOKEN *tok3 = _tokenizer->tokens(); tok3; tok3 = tok3->next )
|
for ( const TOKEN *tok3 = _tokenizer->tokens(); tok3; tok3 = tok3->next )
|
||||||
{
|
{
|
||||||
|
|
@ -451,6 +472,8 @@ void CheckBufferOverrunClass::CheckBufferOverrun_StructVariable()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
void CheckBufferOverrunClass::CheckBufferOverrun()
|
void CheckBufferOverrunClass::CheckBufferOverrun()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -77,7 +77,7 @@ private:
|
||||||
TEST_CASE( array_index_9 );
|
TEST_CASE( array_index_9 );
|
||||||
TEST_CASE( array_index_10 );
|
TEST_CASE( array_index_10 );
|
||||||
TEST_CASE( array_index_11 );
|
TEST_CASE( array_index_11 );
|
||||||
//TEST_CASE( array_index_12 );
|
TEST_CASE( array_index_12 );
|
||||||
|
|
||||||
TEST_CASE( buffer_overrun_1 );
|
TEST_CASE( buffer_overrun_1 );
|
||||||
TEST_CASE( buffer_overrun_2 );
|
TEST_CASE( buffer_overrun_2 );
|
||||||
|
|
@ -323,8 +323,9 @@ private:
|
||||||
"Fred::Fred()\n"
|
"Fred::Fred()\n"
|
||||||
"{\n"
|
"{\n"
|
||||||
" str[10] = 0;\n"
|
" str[10] = 0;\n"
|
||||||
"}\n" );
|
"}\n" );
|
||||||
ASSERT_EQUALS( std::string("[test.cpp:5]: Array index out of bounds\n"), errout.str() );
|
std::string err( errout.str() );
|
||||||
|
ASSERT_EQUALS( std::string("[test.cpp:10]: Array index out of bounds\n"), err );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue