From 75f2ab20e8bd0745c697aa29113a7815c35b08a1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?=
Date: Thu, 17 Dec 2020 07:26:56 +0100
Subject: [PATCH] Bug hunting; void* => might point at uninitialized data
---
 lib/exprengine.cpp | 2 +-
 test/testexprengine.cpp | 10 ++++++++++
 test/testvalueflow.cpp | 2 +-
 3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/lib/exprengine.cpp b/lib/exprengine.cpp
index 20ca78621..7850d7269 100644
--- a/lib/exprengine.cpp
+++ b/lib/exprengine.cpp
@@ -2123,7 +2123,7 @@ static ExprEngine::ValuePtr executeCast(const Token *tok, Data &data)
 ::ValueType vt(*tok->valueType());
 vt.pointer = 0;
- auto range = getValueRangeFromValueType(&vt, data);
+ auto range = std::make_shared();
 if (tok->valueType()->pointer == 0)
 return range;
diff --git a/test/testexprengine.cpp b/test/testexprengine.cpp
index 1cb1a5357..f868f1fdd 100644
--- a/test/testexprengine.cpp
+++ b/test/testexprengine.cpp
@@ -108,6 +108,7 @@ private:
 TEST_CASE(pointer1);
 TEST_CASE(pointer2);
+ TEST_CASE(pointer3);
 TEST_CASE(pointerAlias1);
 TEST_CASE(pointerAlias2);
 TEST_CASE(pointerAlias3);
@@ -794,6 +795,15 @@ private:
 expr(code, "=="));
 }
+ void pointer3() {
+ const char code[] = "void f(void *p) {\n"
+ " double *data = (double *)p;\n"
+ " return *data;"
+ "}";
+ ASSERT_EQUALS("[$1],[:]=?,null", getRange(code, "p"));
+ ASSERT_EQUALS("[$4],[:]=?,null", getRange(code, "data"));
+ }
+
 void pointerAlias1() {
 ASSERT_EQUALS("3", getRange("int f() { int x; int *p = &x; x = 3; return *p; }", "return*p"));
 }
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
index 7063f2a38..038b43b8a 100644
--- a/test/testvalueflow.cpp
+++ b/test/testvalueflow.cpp
@@ -5018,7 +5018,7 @@ private:
 void valueFlowIdempotent() {
 const char *code;
-
+
 code = "void f(bool a, bool b) {\n"
 " bool x = true;\n"
 " if (a)\n"
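Review bot: The early return `if (tok->valueType()->pointer == 0) return range;` in the lib/exprengine.cpp hunk now hands back the object built by `std::make_shared` instead of a range derived from `vt`, so a cast to a non-pointer type gets the same value that is meant to describe the pointee. The template argument is not visible on this page; if it is the uninitialized-value type the subject implies, that branch could make the analyser report uninitialized reads for plain pointer-to-integer casts. Consider keeping the old expression on that branch, `return getValueRangeFromValueType(&vt, data);`, and using the new value only as the pointee. If nothing later in executeCast reads `vt`, the two `vt` lines are now dead and can go; the function body starts and ends outside the hunk.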
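Review bot: The sample source in `pointer3` declares `void f(void *p)` yet ends with `return *data;`, and that third string line lacks the `\n` the two lines before it carry; `"double f(void *p) {\n"` and `" return *data;\n"` would keep the snippet well-formed. Both assertions cover only a pointer-to-pointer cast, so the non-pointer early return in executeCast is left untested by this commit. A one-line comment above the assertions, such as `// void* cast: pointee contents are unknown ("=?")`, would explain the expected strings, assuming that is what `=?` denotes.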