Fix #2840, False positive: Null pointer dereference

http://sourceforge.net/apps/trac/cppcheck/ticket/2840
This commit is contained in:
Reijo Tomperi 2011-06-26 22:46:33 +03:00
parent ece3c7fa83
commit 382520ee9f
2 changed files with 23 additions and 1 deletions

View File

@ -103,7 +103,9 @@ void CheckNullPointer::parseFunctionCall(const Token &tok, std::list<const Token
{
if (functionNames1.find(tok.str()) != functionNames1.end())
var.push_back(tok.tokAt(2));
else if (value == 0 && Token::Match(&tok, "memchr|memcmp|memcpy|memmove|memset|strcpy|printf|sprintf|snprintf"))
else if (value == 0 && Token::Match(&tok, "memchr|memcmp|memcpy|memmove|memset|strcpy|printf|sprintf"))
var.push_back(tok.tokAt(2));
else if (value == 0 && Token::simpleMatch(&tok, "snprintf") && tok.strAt(4) != "0")
var.push_back(tok.tokAt(2));
else if (value != 0 && Token::simpleMatch(&tok, "fflush"))
var.push_back(tok.tokAt(2));

View File

@ -49,6 +49,8 @@ private:
TEST_CASE(pointerCheckAndDeRef); // check if pointer is null and then dereference it
TEST_CASE(nullConstantDereference); // Dereference NULL constant
TEST_CASE(gcc_statement_expression); // Don't crash
TEST_CASE(snprintf_with_zero_size);
TEST_CASE(snprintf_with_non_zero_size);
}
void check(const char code[])
@ -1175,6 +1177,24 @@ private:
"}");
ASSERT_EQUALS("", errout.str());
}
void snprintf_with_zero_size()
{
// Ticket #2840
check("void f() {\n"
" int bytes = snprintf(0, 0, \"%u\", 1);\n"
"}");
ASSERT_EQUALS("", errout.str());
}
void snprintf_with_non_zero_size()
{
// Ticket #2840
check("void f() {\n"
" int bytes = snprintf(0, 10, \"%u\", 1);\n"
"}");
ASSERT_EQUALS("[test.cpp:2]: (error) Null pointer dereference\n", errout.str());
}
};
REGISTER_TEST(TestNullPointer)