CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen.
This commit is contained in:
parent
25846cf223
commit
5de1e35350
|
@ -1540,7 +1540,13 @@ void CheckBufferOverrun::checkStringArgument()
|
|||
const std::list<Library::ArgumentChecks::MinSize> *minsizes = _settings->library.argminsizes(tok->str(), argnr);
|
||||
if (!minsizes)
|
||||
continue;
|
||||
if (checkMinSizes(*minsizes, tok, Token::getStrLength(argtok)+1U, nullptr))
|
||||
unsigned int sizeofstring = 1;
|
||||
for (unsigned int i = 0U; i < argtok->str().size(); i++) {
|
||||
if (argtok->str()[i] == '\\')
|
||||
++i;
|
||||
++sizeofstring;
|
||||
}
|
||||
if (checkMinSizes(*minsizes, tok, sizeofstring, nullptr))
|
||||
bufferOverrunError(argtok);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3272,6 +3272,12 @@ private:
|
|||
"memcpy (&str2,str1,15);\n" // <-- strlen(str1) + 1 = 15
|
||||
"}");
|
||||
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer is accessed out of bounds: str1\n", errout.str());
|
||||
|
||||
checkstd("void f() { \n"
|
||||
" char str[5];\n"
|
||||
" memcpy (str, \"\\0\\0\\0\\0\\0\", 5);\n"
|
||||
"}");
|
||||
ASSERT_EQUALS("", errout.str());
|
||||
}
|
||||
|
||||
void varid1() {
|
||||
|
|
Loading…
Reference in New Issue