From 6da42a3d63f397da5b60d7c7a599a0742e4f8488 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= <daniel.marjamaki@gmail.com>
Date: Wed, 1 May 2019 13:00:14 +0200
Subject: [PATCH] Fixed #9112 (false positive: (error) Array index out of
 bounds; buffer 'x' is accessed at offset n.)

---
 lib/checkbufferoverrun.cpp |  2 +-
 test/testbufferoverrun.cpp | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index b1df39f95..8497f090e 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -749,7 +749,7 @@ bool CheckBufferOverrun::isCtuUnsafeBufferUsage(const Check *check, const Token
     const CheckBufferOverrun *c = dynamic_cast<const CheckBufferOverrun *>(check);
     if (!c)
         return false;
-    if (!argtok->valueType())
+    if (!argtok->valueType() || argtok->valueType()->typeSize(*c->mSettings) == 0)
         return false;
     const Token *indexTok = nullptr;
     if (type == 1 && Token::Match(argtok, "%name% [") && argtok->astParent() == argtok->next() && !Token::simpleMatch(argtok->linkAt(1), "] ["))
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 124912a38..fdd962015 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -4176,6 +4176,19 @@ private:
             "    foo(p+1);\n"
             "}");
         ASSERT_EQUALS("", errout.str());
+
+        // #9112
+        ctu("static void get_mac_address(const u8 *strbuf)\n"
+            "{\n"
+            "    (strbuf[2]);\n"
+            "}\n"
+            "\n"
+            "static void program_mac_address(u32 mem_base)\n"
+            "{\n"
+            "    u8 macstrbuf[17] = { 0 };\n"
+            "    get_mac_address(macstrbuf);\n"
+            "}");
+        ASSERT_EQUALS("", errout.str());
     }
 
     void ctu_variable() {