From 751a31ed91c2b181e05328f97c7ebd981c14465d Mon Sep 17 00:00:00 2001
From: Reijo Tomperi
Date: Tue, 30 Jun 2009 00:42:46 +0300
Subject: [PATCH] Fix ticket #445 (simple to avoid false positive for buffer overflow) http://sourceforge.net/apps/trac/cppcheck/ticket/445 Simple bailout in case "if" is found inside the for-loop.
---
 src/checkbufferoverrun.cpp | 6 ++++++
 test/testbufferoverrun.cpp | 15 ++++++++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/src/checkbufferoverrun.cpp b/src/checkbufferoverrun.cpp
index 430fd149c..6d2f68c85 100644
--- a/src/checkbufferoverrun.cpp
+++ b/src/checkbufferoverrun.cpp
@@ -249,6 +249,12 @@ void CheckBufferOverrunClass::CheckBufferOverrun_CheckScope(const Token *tok, co
 break;
 }
+ if (tok2->str() == "if")
+ {
+ // Bailout
+ break;
+ }
+
 if (Token::Match(tok2, pattern.str().c_str()))
 {
 bufferOverrun(tok2);
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 4ee0694b4..6cced3eb9 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -82,6 +82,7 @@ private:
 TEST_CASE(array_index_10);
 TEST_CASE(array_index_11);
 TEST_CASE(array_index_12);
+ TEST_CASE(array_index_13);
 TEST_CASE(buffer_overrun_1);
 TEST_CASE(buffer_overrun_2);
@@ -417,7 +418,19 @@ private:
 ASSERT_EQUALS("[test.cpp:10]: (all) Array index out of bounds\n", errout.str());
 }
-
+ void array_index_13()
+ {
+ check("void f()\n"
+ "{\n"
+ " char buf[10];\n"
+ " for (int i = 0; i < 100; i++)\n"
+ " {\n"
+ " if (i < 10)\n"
+ " int x = buf[i];\n"
+ " }\n"
+ "}\n");
+ ASSERT_EQUALS("", errout.str());
+ }
 void buffer_overrun_1()
 {
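Review bot: The new `if (tok2->str() == "if")` bailout in src/checkbufferoverrun.cpp ends the scan at the first `if` token whether or not that `if` constrains the loop counter, so an out-of-bounds access that follows an unrelated `if` in the same loop body will presumably never reach `bufferOverrun(tok2)`. That trades the ticket #445 false positive for silent false negatives in a memory-safety check, and the `// Bailout` comment should record it, for example `// Bailout: an "if" may guard the index (ticket #445); accesses after it in this loop body go unchecked`. Guards written with `?:`, `while` or `switch` are not matched by this comparison on the token string and may still produce the false positive. The enclosing loop and the rest of `CheckBufferOverrun_CheckScope` lie outside the hunk, so the scan order is inferred from the visible lines.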
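Review bot: `array_index_13` in test/testbufferoverrun.cpp asserts only that `errout.str()` is empty, which would also pass if the for-loop check stopped reporting altogether. A companion case where the same `buf[i]` access comes before the `if (i < 10)` line, asserting that the overrun is still reported, would pin that the bailout only suppresses what follows the `if`. A second case with an access after an unrelated `if` would document the false negative the bailout accepts, so that a later, more precise fix has a test to flip.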