walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

invalid pointer usage: broke out CheckOther::invalidPointer from the CheckOther::nullPointer (#485)

This commit is contained in:
Daniel Marjamäki 2009-07-21 12:09:58 +02:00
parent ce595dd5c7
commit 45f8560537
3 changed files with 113 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/checkother.cpp
View File

@ -1028,7 +1028,11 @@ void CheckOther::nullPointer()
tok2 = tok2->next(); tok2 = tok2->next();
} }
} }
}
void CheckOther::invalidPointer()
{
// Dereferencing a pointer and then checking if it's NULL.. // Dereferencing a pointer and then checking if it's NULL..
for (const Token *tok1 = _tokenizer->tokens(); tok1; tok1 = tok1->next()) for (const Token *tok1 = _tokenizer->tokens(); tok1; tok1 = tok1->next())
{ {
@ -1037,11 +1041,16 @@ void CheckOther::nullPointer()
if (std::string(tok1->strAt(1)) == tok1->strAt(3)) if (std::string(tok1->strAt(1)) == tok1->strAt(3))
continue; continue;
const unsigned int varid1(tok1->next()->varId());
tok1 = tok1->tokAt(3); tok1 = tok1->tokAt(3);
const unsigned int varid1(tok1->varId()); const unsigned int varid2(tok1->varId());
if (varid1 == 0) if (varid1 == 0 || varid2 == 0)
continue; continue;
// token where the variable is dereferenced..
const Token * dereferenced = 0;
unsigned int indentlevel2 = 0; unsigned int indentlevel2 = 0;
for (const Token *tok2 = tok1->tokAt(3); tok2; tok2 = tok2->next()) for (const Token *tok2 = tok1->tokAt(3); tok2; tok2 = tok2->next())
{ {
@ -1055,13 +1064,26 @@ void CheckOther::nullPointer()
--indentlevel2; --indentlevel2;
} }
else if (Token::Match(tok2, "%varid% =", varid1)) else if (Token::Match(tok2, "* %varid%", varid1))
dereferenced = tok2;
// Reassignment of the struct
else if (tok2->varId() == varid1)
{
if (Token::Match(tok2->next(), "="))
break;
if (Token::Match(tok2->tokAt(-2), "[,(] &"))
break;
}
// return at base level => stop checking
else if (indentlevel2 == 0 && tok2->str() == "return")
break; break;
else if (tok2->str() == "if") else if (dereferenced && tok2->str() == "if")
{ {
if (Token::Match(tok2, "if ( !| %varid% )", varid1)) if (Token::Match(tok2, "if ( !| %varid% )", varid2))
nullPointerError(tok1); invalidPointerError(dereferenced);
} }
} }
} }
@ -1167,6 +1189,11 @@ void CheckOther::nullPointerError(const Token *tok)
reportError(tok, Severity::error, "nullPointer", "Possible null pointer dereference"); reportError(tok, Severity::error, "nullPointer", "Possible null pointer dereference");
} }
void CheckOther::invalidPointerError(const Token *tok)
{
reportError(tok, Severity::error, "invalidPointer", "Possible invalid pointer dereference");
}
void CheckOther::zerodivError(const Token *tok) void CheckOther::zerodivError(const Token *tok)
{ {
reportError(tok, Severity::error, "zerodiv", "Division by zero"); reportError(tok, Severity::error, "zerodiv", "Division by zero");

7
src/checkother.h
View File

@ -72,6 +72,7 @@ public:
checkOther.strPlusChar(); checkOther.strPlusChar();
checkOther.invalidFunctionUsage(); checkOther.invalidFunctionUsage();
checkOther.nullPointer(); checkOther.nullPointer();
checkOther.invalidPointer();
checkOther.checkZeroDivision(); checkOther.checkZeroDivision();
} }
@ -111,6 +112,9 @@ public:
/** possible null pointer dereference */ /** possible null pointer dereference */
void nullPointer(); void nullPointer();
/** possible invalid pointer dereference */
void invalidPointer();
/** Check zero division*/ /** Check zero division*/
void checkZeroDivision(); void checkZeroDivision();
@ -141,6 +145,7 @@ private:
void conditionAlwaysTrueFalse(const Token *tok, const std::string &truefalse); void conditionAlwaysTrueFalse(const Token *tok, const std::string &truefalse);
void strPlusChar(const Token *tok); void strPlusChar(const Token *tok);
void nullPointerError(const Token *tok); void nullPointerError(const Token *tok);
void invalidPointerError(const Token *tok);
void zerodivError(const Token *tok); void zerodivError(const Token *tok);
void getErrorMessages() void getErrorMessages()
@ -163,6 +168,7 @@ private:
conditionAlwaysTrueFalse(0, "true/false"); conditionAlwaysTrueFalse(0, "true/false");
strPlusChar(0); strPlusChar(0);
nullPointerError(0); nullPointerError(0);
invalidPointerError(0);
zerodivError(0); zerodivError(0);
} }
@ -186,6 +192,7 @@ private:
" * condition that is always true/false\n" " * condition that is always true/false\n"
" * unusal pointer arithmetic. For example: \"abc\" + 'd'\n" " * unusal pointer arithmetic. For example: \"abc\" + 'd'\n"
" * dereferencing a null pointer\n" " * dereferencing a null pointer\n"
" * dereferencing an invalid pointer\n"
" * [[IncompleteStatement|Incomplete statement]]\n"; " * [[IncompleteStatement|Incomplete statement]]\n";
} }
}; };

78
test/testother.cpp
View File

@ -58,9 +58,8 @@ private:
TEST_CASE(nullpointer1); TEST_CASE(nullpointer1);
TEST_CASE(nullpointer2); TEST_CASE(nullpointer2);
TEST_CASE(nullpointer3);
TEST_CASE(nullpointer4); TEST_CASE(invalidpointer);
TEST_CASE(nullpointer5);
TEST_CASE(oldStylePointerCast); TEST_CASE(oldStylePointerCast);
} }
@ -447,32 +446,40 @@ private:
ASSERT_EQUALS("", errout.str()); ASSERT_EQUALS("", errout.str());
} }
void nullpointer3()
void checkInvalidPointer(const char code[])
{ {
checkNullPointer("void foo(struct ABC *abc)\n" // Tokenize..
Tokenizer tokenizer;
std::istringstream istr(code);
tokenizer.tokenize(istr, "test.cpp");
tokenizer.setVarId();
// Clear the error buffer..
errout.str("");
// Check for redundant code..
Settings settings;
settings._checkCodingStyle = true;
CheckOther checkOther(&tokenizer, &settings, this);
checkOther.invalidPointer();
}
void invalidpointer()
{
// errors..
checkInvalidPointer("void foo(struct ABC *abc)\n"
"{\n" "{\n"
" int *a = abc->a;\n" " int *a = abc->a;\n"
" *a;\n"
" if (!abc)\n" " if (!abc)\n"
" ;\n" " ;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Possible invalid pointer dereference\n", errout.str());
}
void nullpointer4()
{
checkNullPointer("void foo(struct ABC *abc)\n"
"{\n"
" int *a = abc->a;\n"
" if (abc)\n"
" ;\n"
"}\n");
ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference\n", errout.str());
}
void nullpointer5()
{
// ok dereferencing in a condition // ok dereferencing in a condition
checkNullPointer("void foo(struct ABC *abc)\n" checkInvalidPointer("void foo(struct ABC *abc)\n"
"{\n" "{\n"
" if (abc && abc->a);\n" " if (abc && abc->a);\n"
" if (!abc)\n" " if (!abc)\n"
@ -481,7 +488,7 @@ private:
ASSERT_EQUALS("", errout.str()); ASSERT_EQUALS("", errout.str());
// ok to use a linked list.. // ok to use a linked list..
checkNullPointer("void foo(struct ABC *abc)\n" checkInvalidPointer("void foo(struct ABC *abc)\n"
"{\n" "{\n"
" abc = abc->next;\n" " abc = abc->next;\n"
" if (!abc)\n" " if (!abc)\n"
@ -490,14 +497,39 @@ private:
ASSERT_EQUALS("", errout.str()); ASSERT_EQUALS("", errout.str());
// reassign struct.. // reassign struct..
checkNullPointer("void foo(struct ABC *abc)\n" checkInvalidPointer("void foo(struct ABC *abc)\n"
"{\n" "{\n"
" a = abc->a;\n" " a = abc->a;\n"
" *a;\n"
" abc = abc->next;\n" " abc = abc->next;\n"
" if (!abc)\n" " if (!abc)\n"
" ;\n" " ;\n"
"}\n"); "}\n");
ASSERT_EQUALS("", errout.str()); ASSERT_EQUALS("", errout.str());
checkInvalidPointer("void foo(struct ABC *abc)\n"
"{\n"
" a = abc->a;\n"
" *a;\n"
" f(&abc);\n"
" if (!abc)\n"
" ;\n"
"}\n");
ASSERT_EQUALS("", errout.str());
// goto..
checkInvalidPointer("void foo(struct ABC *abc)\n"
"{\n"
" if (!abc)\n"
" goto out;"
" a = abc->a;\n"
" *a;\n"
" return;\n"
"out:\n"
" if (!abc)\n"
" ;\n"
"}\n");
ASSERT_EQUALS("", errout.str());
} }
void checkOldStylePointerCast(const char code[]) void checkOldStylePointerCast(const char code[])