checkbufferoverrun: Refactorings

This commit is contained in:
Daniel Marjamäki 2010-03-09 12:04:22 +01:00
parent 2c210b8ff9
commit 5d68952bd2
1 changed files with 9 additions and 12 deletions

View File

@ -182,11 +182,8 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
for (unsigned int i = 0; i < varname.size(); ++i) for (unsigned int i = 0; i < varname.size(); ++i)
varnames += (i == 0 ? "" : " . ") + varname[i]; varnames += (i == 0 ? "" : " . ") + varname[i];
unsigned int varc = varname.size(); const unsigned int varc(varname.empty() ? 0 : (varname.size() - 1) * 2);
if (varc == 0)
varc = 1;
varc = 2 * (varc - 1);
if (Token::Match(tok, "return")) if (Token::Match(tok, "return"))
{ {
tok = tok->next(); tok = tok->next();
@ -584,8 +581,8 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
if ((varid > 0 && Token::Match(tok, "strcpy|strcat ( %varid% , %str% )", varid)) || if ((varid > 0 && Token::Match(tok, "strcpy|strcat ( %varid% , %str% )", varid)) ||
(varid == 0 && Token::Match(tok, ("strcpy|strcat ( " + varnames + " , %str% )").c_str()))) (varid == 0 && Token::Match(tok, ("strcpy|strcat ( " + varnames + " , %str% )").c_str())))
{ {
size_t len = Token::getStrLength(tok->tokAt(varc + 4)); long len = Token::getStrLength(tok->tokAt(varc + 4));
if (len >= static_cast<size_t>(total_size)) if (len < 0 || len >= total_size)
{ {
bufferOverrun(tok, varid > 0 ? "" : varnames.c_str()); bufferOverrun(tok, varid > 0 ? "" : varnames.c_str());
continue; continue;
@ -597,8 +594,8 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
Token::Match(tok, "read|write ( %any% , %varid% , %num% )", varid) && Token::Match(tok, "read|write ( %any% , %varid% , %num% )", varid) &&
MathLib::isInt(tok->strAt(6))) MathLib::isInt(tok->strAt(6)))
{ {
size_t len = MathLib::toLongNumber(tok->strAt(6)); long len = MathLib::toLongNumber(tok->strAt(6));
if (len > static_cast<size_t>(total_size)) if (len < 0 || len > total_size)
{ {
bufferOverrun(tok); bufferOverrun(tok);
continue; continue;
@ -610,8 +607,8 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
Token::Match(tok, "fgets ( %varid% , %num% , %any% )", varid) && Token::Match(tok, "fgets ( %varid% , %num% , %any% )", varid) &&
MathLib::isInt(tok->strAt(4))) MathLib::isInt(tok->strAt(4)))
{ {
size_t len = MathLib::toLongNumber(tok->strAt(4)); long len = MathLib::toLongNumber(tok->strAt(4));
if (len > static_cast<size_t>(total_size)) if (len < 0 || len > total_size)
{ {
bufferOverrun(tok); bufferOverrun(tok);
continue; continue;
@ -622,7 +619,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
if (varid > 0 && Token::Match(tok, "strncat ( %varid% , %any% , %num% )", varid)) if (varid > 0 && Token::Match(tok, "strncat ( %varid% , %any% , %num% )", varid))
{ {
int n = MathLib::toLongNumber(tok->strAt(6)); int n = MathLib::toLongNumber(tok->strAt(6));
if (n >= total_size) if (n < 0 || n >= total_size)
strncatUsage(tok); strncatUsage(tok);
} }