From 318f2e8a5733adb2e863dd229b8102bd6c4e2d06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Sat, 12 Feb 2011 11:31:10 +0100 Subject: [PATCH] Fixed #2561 (False positive on array index when using conditional operator) --- lib/checkbufferoverrun.cpp | 5 +++++ test/testbufferoverrun.cpp | 13 +++++++++++++ 2 files changed, 18 insertions(+) diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp index 0df90e43d..a0f417975 100644 --- a/lib/checkbufferoverrun.cpp +++ b/lib/checkbufferoverrun.cpp @@ -464,6 +464,11 @@ void CheckBufferOverrun::parse_for_body(const Token *tok2, const ArrayInfo &arra break; } + // TODO: try to reduce false negatives. This is just a quick fix + // for TestBufferOverrun::array_index_for_question + if (tok2->str() == "?") + break; + if (Token::Match(tok2, "if|switch")) { if (bailoutIfSwitch(tok2, arrayInfo.varid)) diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index e065d2e87..d7137ee35 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -116,6 +116,7 @@ private: TEST_CASE(array_index_for_break); // FP: for,break TEST_CASE(array_index_for); // FN: for,if TEST_CASE(array_index_for_neq); // #2211: Using != in condition + TEST_CASE(array_index_for_question); // #2561: for, ?: TEST_CASE(buffer_overrun_1); TEST_CASE(buffer_overrun_2); @@ -1381,6 +1382,18 @@ private: ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds: a\n", errout.str()); } + void array_index_for_question() + { + // Ticket #2561 - using ?: inside for loop + check("void f() {\n" + " int a[10];\n" + " for (int i = 0; i != 10; ++i) {\n" + " i == 0 ? 0 : a[i-1];\n" + " }\n" + "}"); + ASSERT_EQUALS("", errout.str()); + } + void buffer_overrun_1() { check("void f()\n"