Fix 10321: Two flags confuse null pointer check (#3300)

Paul Fultz II 2021-06-19 06:58:57 -05:00 committed by GitHub
parent eb7b225fc1
commit 5922d5178b
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 49 additions and 9 deletions


@ -249,16 +249,27 @@ static void fillProgramMemoryFromAssignments(ProgramMemory& pm, const Token* tok
if (indentlevel <= 0)
break;
--indentlevel;
if (Token::simpleMatch(tok2->previous(), "else {"))
tok2 = tok2->linkAt(-2)->previous();
}
if (tok2->str() == "}") {
const Token *cond = tok2->link();
cond = Token::simpleMatch(cond->previous(), ") {") ? cond->linkAt(-1) : nullptr;
if (cond && conditionIsFalse(cond->astOperand2(), state))
tok2 = cond->previous();
else if (cond && conditionIsTrue(cond->astOperand2(), state)) {
const Token *cond = getCondTokFromEnd(tok2);
const bool inElse = Token::simpleMatch(tok2->link()->previous(), "else {");
if (cond) {
if (conditionIsFalse(cond, state)) {
if (inElse) {
++indentlevel;
continue;
} else
}
tok2 = cond->astParent()->previous();
}
else if (conditionIsTrue(cond, state)) {
if (inElse)
tok2 = tok2->link()->tokAt(-2);
++indentlevel;
continue;
}
}
break;
}
}
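Review bot: The rewritten `}` branch chains `cond->astParent()->previous()` and `tok2->link()->tokAt(-2)` with no null check, and the new `else {` step does the same with `tok2->linkAt(-2)->previous()`. `getCondTokFromEnd` is defined outside this hunk, so it cannot be confirmed here that the token it returns always has an AST parent. Because this walk runs over token lists built from arbitrary input source, a guard such as `const Token *parent = cond->astParent(); if (!parent) break;` before the assignment would turn a possible analyzer crash into a conservative stop. A one-line comment above `inElse`, for example `// tok2 closes an else block: it was executed only if the if-condition is false`, would also make the two `inElse` cases easier to check. The enclosing loop of `fillProgramMemoryFromAssignments` starts and ends outside the hunk.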


@ -112,6 +112,7 @@ private:
TEST_CASE(nullpointer69); // #8143
TEST_CASE(nullpointer70);
TEST_CASE(nullpointer71); // #10178
TEST_CASE(nullpointer72); // #10321
TEST_CASE(nullpointer_addressOf); // address of
TEST_CASE(nullpointerSwitch); // #2626
TEST_CASE(nullpointer_cast); // #4692
@ -2239,6 +2240,34 @@ private:
ASSERT_EQUALS("", errout.str());
}
void nullpointer72() {
check("void f(bool flag2, int* ptr) {\n"
" bool flag1 = true;\n"
" if (flag2) {\n"
" if (ptr != nullptr)\n"
" (*ptr)++;\n"
" else\n"
" flag1 = false;\n"
" }\n"
" if (flag1 && flag2)\n"
" (*ptr)++;\n"
"}\n");
ASSERT_EQUALS("", errout.str());
check("void f(bool flag2, int* ptr) {\n"
" bool flag1 = true;\n"
" if (flag2) {\n"
" if (ptr != nullptr)\n"
" (*ptr)++;\n"
" else\n"
" flag1 = false;\n"
" }\n"
" if (!flag1 && flag2)\n"
" (*ptr)++;\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4] -> [test.cpp:10]: (warning) Either the condition 'ptr!=nullptr' is redundant or there is possible null pointer dereference: ptr.\n", errout.str());
}
void nullpointer_addressOf() { // address of
check("void f() {\n"
" struct X *x = 0;\n"
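Review bot: `nullpointer72` covers only one layout, with the dereference in the `if` branch of the null check and the flag cleared in its `else`; the two cases differ only in negating `flag1`. The change to the program-memory walk treats `if` and `else` blocks differently, so a mirrored case (flag cleared in the `if (ptr == nullptr)` branch, dereference in the `else`) would show whether the fix is symmetric. A missed variant here means either a false positive or a silently missed null dereference in analyzed code. The expected output in the sketch below is the intended behaviour and should be confirmed by running the test.

```cpp
// … unchanged: the two existing check() cases of nullpointer72 …
check("void f(bool flag2, int* ptr) {\n"
      "    bool flag1 = true;\n"
      "    if (flag2) {\n"
      "        if (ptr == nullptr)\n"
      "            flag1 = false;\n"
      "        else\n"
      "            (*ptr)++;\n"
      "    }\n"
      "    if (flag1 && flag2)\n"
      "        (*ptr)++;\n"
      "}\n");
ASSERT_EQUALS("", errout.str());
```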