Uninitialized pointers: It's allowed to dereference uninitialized non-pointer variables
This commit is contained in:
parent
44a9c9b458
commit
765c824c6f
|
@ -1160,7 +1160,7 @@ void CheckOther::nullPointer()
|
||||||
nullPointerConditionalAssignment();
|
nullPointerConditionalAssignment();
|
||||||
}
|
}
|
||||||
|
|
||||||
static const Token *uninitvar_checkscope(const Token *tok, const unsigned int varid, bool &init)
|
static const Token *uninitvar_checkscope(const Token *tok, const unsigned int varid, bool &init, const bool pointer)
|
||||||
{
|
{
|
||||||
/* limit the checking in conditional code..
|
/* limit the checking in conditional code..
|
||||||
* int x;
|
* int x;
|
||||||
|
@ -1203,7 +1203,7 @@ static const Token *uninitvar_checkscope(const Token *tok, const unsigned int va
|
||||||
|
|
||||||
// Recursively check into the if ..
|
// Recursively check into the if ..
|
||||||
bool init2 = false;
|
bool init2 = false;
|
||||||
const Token *tokerr = uninitvar_checkscope(tok->next(), varid, init2);
|
const Token *tokerr = uninitvar_checkscope(tok->next(), varid, init2, pointer);
|
||||||
if (!limit && tokerr)
|
if (!limit && tokerr)
|
||||||
return tokerr;
|
return tokerr;
|
||||||
|
|
||||||
|
@ -1228,7 +1228,7 @@ static const Token *uninitvar_checkscope(const Token *tok, const unsigned int va
|
||||||
|
|
||||||
// there is no "if"..
|
// there is no "if"..
|
||||||
init2 = false;
|
init2 = false;
|
||||||
tokerr = uninitvar_checkscope(tok->next(), varid, init2);
|
tokerr = uninitvar_checkscope(tok->next(), varid, init2, pointer);
|
||||||
if (!limit && tokerr)
|
if (!limit && tokerr)
|
||||||
return tokerr;
|
return tokerr;
|
||||||
|
|
||||||
|
@ -1283,8 +1283,14 @@ static const Token *uninitvar_checkscope(const Token *tok, const unsigned int va
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (Token::Match(tok, "return| %varid% .|", varid))
|
if (tok->varId() == varid)
|
||||||
|
{
|
||||||
|
if (Token::simpleMatch(tok->previous(), "return"))
|
||||||
return tok;
|
return tok;
|
||||||
|
|
||||||
|
if (pointer && Token::simpleMatch(tok->next(), "."))
|
||||||
|
return tok;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -1309,6 +1315,9 @@ void CheckOther::uninitvar()
|
||||||
}
|
}
|
||||||
if (Token::Match(tok, "[{};] %type% *| %var% ;"))
|
if (Token::Match(tok, "[{};] %type% *| %var% ;"))
|
||||||
{
|
{
|
||||||
|
// if it's a pointer, dereferencing is forbidden
|
||||||
|
const bool pointer(tok->strAt(2) == std::string("*"));
|
||||||
|
|
||||||
// goto the variable
|
// goto the variable
|
||||||
tok = tok->tokAt(2);
|
tok = tok->tokAt(2);
|
||||||
if (tok->str() == "*")
|
if (tok->str() == "*")
|
||||||
|
@ -1320,7 +1329,7 @@ void CheckOther::uninitvar()
|
||||||
|
|
||||||
// check if variable is accessed uninitialized..
|
// check if variable is accessed uninitialized..
|
||||||
bool init = false;
|
bool init = false;
|
||||||
const Token *tokerr = uninitvar_checkscope(tok->next(), tok->varId(), init);
|
const Token *tokerr = uninitvar_checkscope(tok->next(), tok->varId(), init, pointer);
|
||||||
if (tokerr)
|
if (tokerr)
|
||||||
uninitvarError(tokerr, tok->str());
|
uninitvarError(tokerr, tok->str());
|
||||||
}
|
}
|
||||||
|
|
|
@ -933,6 +933,21 @@ private:
|
||||||
|
|
||||||
void uninitvar1()
|
void uninitvar1()
|
||||||
{
|
{
|
||||||
|
// dereferencing uninitialized pointer..
|
||||||
|
checkUninitVar("static void foo()\n"
|
||||||
|
"{\n"
|
||||||
|
" Foo *p;\n"
|
||||||
|
" p->abcd();\n"
|
||||||
|
"}\n");
|
||||||
|
ASSERT_EQUALS("[test.cpp:4]: (error) Uninitialized variable: p\n", errout.str());
|
||||||
|
|
||||||
|
checkUninitVar("static void foo()\n"
|
||||||
|
"{\n"
|
||||||
|
" Foo p;\n"
|
||||||
|
" p.abcd();\n"
|
||||||
|
"}\n");
|
||||||
|
ASSERT_EQUALS("", errout.str());
|
||||||
|
|
||||||
// if..
|
// if..
|
||||||
checkUninitVar("static void foo()\n"
|
checkUninitVar("static void foo()\n"
|
||||||
"{\n"
|
"{\n"
|
||||||
|
|
Loading…
Reference in New Issue