From 696550abd3890faa6a2695788532b76d32bfdc48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Fri, 17 Dec 2010 21:09:12 +0100 Subject: [PATCH] Fixed #2299 (false positive: possible nullpointer dereference) --- lib/checknullpointer.cpp | 21 ++++++++++++++++++++- test/testnullpointer.cpp | 8 ++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/lib/checknullpointer.cpp b/lib/checknullpointer.cpp index 766c0243c..88a6d8a29 100644 --- a/lib/checknullpointer.cpp +++ b/lib/checknullpointer.cpp @@ -315,7 +315,21 @@ void CheckNullPointer::nullPointerStructByDeRefAndChec() else if (Token::Match(tok1->tokAt(-2), "%var% ( %var% . %var%") || Token::Match(tok1->previous(), ", %var% . %var%")) { - + // Is the function return value taken by the pointer? + bool assignment = false; + const unsigned int varid1(tok1->varId()); + const Token *tok2 = tok1->previous(); + while (tok2 && !Token::Match(tok2, "[;{}]")) + { + if (Token::Match(tok2, "%varid% =", varid1)) + { + assignment = true; + break; + } + tok2 = tok2->previous(); + } + if (assignment) + continue; } // Goto next token @@ -399,6 +413,11 @@ void CheckNullPointer::nullPointerByDeRefAndChec() for (const Token *tok1 = tok->previous(); tok1 && tok1 != decltok; tok1 = tok1->previous()) { + if (tok1->str() == ")" && Token::Match(tok1->link()->tokAt(-3), "%varid% = %var%", varid)) + { + break; + } + if (tok1->varId() == varid) { bool unknown = false; diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp index 1b12745ad..a355ac3c2 100644 --- a/test/testnullpointer.cpp +++ b/test/testnullpointer.cpp @@ -387,6 +387,14 @@ private: " ;\n" "}\n"); ASSERT_EQUALS("", errout.str()); + + check("void foo(x *p)\n" + "{\n" + " p = bar(p->next);\n" + " if (!p)\n" + " ;\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); } void nullpointer5()