walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Another fix for 10728: Crash in CheckStl::checkDereferenceInvalidIterator2() (#3735) 

* Another fix for 10728: Crash in CheckStl::checkDereferenceInvalidIterator2()

* Format
This commit is contained in:
Paul Fultz II 2022-01-21 02:56:41 -06:00 committed by GitHub
parent 0737cc4d8c
commit 6c2b1f093d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/checkstl.cpp
View File

@ -2332,6 +2332,9 @@ void CheckStl::checkDereferenceInvalidIterator2()
} }
if (cValue) { if (cValue) {
const ValueFlow::Value& lValue = getLifetimeIteratorValue(tok, cValue->path); const ValueFlow::Value& lValue = getLifetimeIteratorValue(tok, cValue->path);
assert(cValue->isInconclusive() || value.isInconclusive() || lValue.isLifetimeValue());
if (!lValue.isLifetimeValue())
continue;
if (emptyAdvance) if (emptyAdvance)
outOfBoundsError(emptyAdvance, outOfBoundsError(emptyAdvance,
lValue.tokvalue->expressionString(), lValue.tokvalue->expressionString(),

12
test/teststl.cpp
View File

@ -705,6 +705,18 @@ private:
true); true);
ASSERT_EQUALS("test.cpp:4:error:Out of bounds access in expression 'd+c.length()' because 'buf' is empty.\n", ASSERT_EQUALS("test.cpp:4:error:Out of bounds access in expression 'd+c.length()' because 'buf' is empty.\n",
errout.str()); errout.str());
check("template<class Iterator>\n"
"void b(Iterator d) {\n"
" std::string c = \"a\";\n"
" sort(d, d + c.length());\n"
"}\n"
"void f() {\n"
" std::string buf;\n"
" b(buf.begin());\n"
"}\n",
true);
ASSERT_EQUALS("", errout.str());
} }
void outOfBoundsSymbolic() void outOfBoundsSymbolic()