diff --git a/lib/checknullpointer.cpp b/lib/checknullpointer.cpp index 61e99e7b0..5ca5a3159 100644 --- a/lib/checknullpointer.cpp +++ b/lib/checknullpointer.cpp @@ -141,18 +141,24 @@ void CheckNullPointer::parseFunctionCall(const Token &tok, std::liststr() == "0") || (Token::Match(argListTok, "%var%") && argListTok->varId() > 0)) { var.push_back(argListTok); } } for (; argListTok; argListTok = argListTok->next()) { // Find next argument + if (argListTok->str() == "(") + argListTok = argListTok->link(); + if(argListTok == 0) + break; if (argListTok->str() == ",") { argListTok = argListTok->next(); break; } } + if(!argListTok) + break; percent = false; } } diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp index f5fda9642..b7225d851 100644 --- a/test/testnullpointer.cpp +++ b/test/testnullpointer.cpp @@ -1406,8 +1406,38 @@ private: " printf(\"%s\", s);\n" "}"); ASSERT_EQUALS("", errout.str()); + + check("void f(char* foo) {\n" + " char location[200];\n" + " int width, height;\n" + " sscanf(imgInfo, \"%s %d %d\", location, &width, &height);\n" + "}"); + ASSERT_EQUALS("", errout.str()); // ticket #3207 + + check("void f(char *dummy) {\n" + " int iVal;\n" + " sscanf(dummy, \"%d%c\", &iVal);\n" + "}"); + ASSERT_EQUALS("", errout.str()); // ticket #3211 + + check("void f(char *dummy) {\n" + " int* iVal = 0;\n" + " sscanf(dummy, \"%d\", iVal);\n" + "}"); + ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference: iVal\n", errout.str()); + + check("void f(char *dummy) {\n" + " int* iVal;\n" + " sscanf(dummy, \"%d\", foo(iVal));\n" + "}"); + ASSERT_EQUALS("", errout.str()); + + check("void f(char *dummy) {\n" + " int* iVal = 0;\n" + " sscanf(dummy, \"%d%d\", foo(iVal), iVal);\n" + "}"); + ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference: iVal\n", errout.str()); } }; REGISTER_TEST(TestNullPointer) -