walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

partial fix for #2960 (false negative: buffer access out of bounds)

This commit is contained in:
Robert Reif 2011-09-11 21:51:05 -04:00
parent 40009d091d
commit 3f517b5f23
2 changed files with 114 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/checkbufferoverrun.cpp
View File

@ -1511,7 +1511,7 @@ void CheckBufferOverrun::checkStructVariable()
if (func_scope->type != Scope::eFunction) if (func_scope->type != Scope::eFunction)
continue; continue;
// is this a member function of this class/struct? // check for member variables
if (func_scope->functionOf == &*scope) if (func_scope->functionOf == &*scope)
{ {
// only check non-empty function // only check non-empty function
@ -1523,9 +1523,6 @@ void CheckBufferOverrun::checkStructVariable()
} }
} }
// not a member function of this class/struct
else
{
// skip inner scopes.. // skip inner scopes..
/** @todo false negatives: handle inner scopes someday */ /** @todo false negatives: handle inner scopes someday */
if (scope->nestedIn->isClassOrStruct()) if (scope->nestedIn->isClassOrStruct())
@ -1651,7 +1648,6 @@ void CheckBufferOverrun::checkStructVariable()
} }
} }
} }
}
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
void CheckBufferOverrun::bufferOverrun() void CheckBufferOverrun::bufferOverrun()

15
test/testbufferoverrun.cpp
View File

@ -112,6 +112,7 @@ private:
TEST_CASE(array_index_33); // ticket #3044 TEST_CASE(array_index_33); // ticket #3044
TEST_CASE(array_index_34); // ticket #3063 TEST_CASE(array_index_34); // ticket #3063
TEST_CASE(array_index_35); // ticket #2889 TEST_CASE(array_index_35); // ticket #2889
TEST_CASE(array_index_36); // ticket #2960
TEST_CASE(array_index_multidim); TEST_CASE(array_index_multidim);
TEST_CASE(array_index_switch_in_for); TEST_CASE(array_index_switch_in_for);
TEST_CASE(array_index_for_in_for); // FP: #2634 TEST_CASE(array_index_for_in_for); // FP: #2634
@ -1281,6 +1282,20 @@ private:
ASSERT_EQUALS("", errout.str()); ASSERT_EQUALS("", errout.str());
} }
void array_index_36() // ticket #2960
{
check("class Fred {\n"
" Fred(const Fred &);\n"
"private:\n"
" bool m_b[2];\n"
"};\n"
"Fred::Fred(const Fred & rhs) {\n"
" m_b[2] = rhs.m_b[2];\n"
"}\n");
ASSERT_EQUALS("[test.cpp:7]: (error) Array 'm_b[2]' index 2 out of bounds\n"
"[test.cpp:7]: (error) Array 'rhs.m_b[2]' index 2 out of bounds\n", errout.str());
}
void array_index_multidim() void array_index_multidim()
{ {
check("void f()\n" check("void f()\n"