From 772b8cc37de2e56998d352bceca57cdd7b9d568c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?=
Date: Sun, 18 Dec 2011 08:12:42 +0100
Subject: [PATCH] Array index out of bounds: Avoid false positives when there are duplicate names for structs
---
 lib/checkbufferoverrun.cpp | 12 ++++++++++++
 test/testbufferoverrun.cpp | 14 ++++++++++++++
 2 files changed, 26 insertions(+)
diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index 8dde61b1a..90fcb1c4d 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -1405,6 +1405,18 @@ void CheckBufferOverrun::checkStructVariable()
 if (!scope->isClassOrStruct())
 continue;
+ // are there duplicate names for classes/structs?
+ bool duplicateNames = false;
+ for (std::list::const_iterator scope2 = symbolDatabase->scopeList.begin(); scope2 != symbolDatabase->scopeList.end(); ++scope2) {
+ if (scope2 != scope && scope2->isClassOrStruct() && scope2->className == scope->className) {
+ duplicateNames = true;
+ break;
+ }
+ }
+ // TODO: handle duplicate names better (TestBufferOverrun::array_index_41)
+ if (duplicateNames)
+ continue;
+
 // check all variables to see if they are arrays
 std::list::const_iterator var;
 for (var = scope->varlist.begin(); var != scope->varlist.end(); ++var) {
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index f29e69752..1313ea8c4 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -110,6 +110,7 @@ private:
 TEST_CASE(array_index_38); // ticket #3273
 TEST_CASE(array_index_39);
 TEST_CASE(array_index_40); // loop variable calculation, taking address
+ TEST_CASE(array_index_41); // structs with the same name
 TEST_CASE(array_index_multidim);
 TEST_CASE(array_index_switch_in_for);
 TEST_CASE(array_index_for_in_for); // FP: #2634
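Review bot: In the lib/checkbufferoverrun.cpp hunk, the `if (duplicateNames) continue;` guard in checkStructVariable() skips the array-index check for every class/struct whose `className` matches another scope's. That removes the false positive, but it also means a genuine out-of-bounds access on any such type is no longer reported. The comparison is on the name alone, so it presumably also triggers for same-named types in unrelated functions or namespaces, which widens the gap. Since this is a deliberate false negative in a buffer-overrun checker, the TODO should state it, for example `// TODO: structs with duplicate names are skipped entirely, so real overruns in them are not reported (TestBufferOverrun::array_index_41)`. The enclosing function starts and ends outside the hunk.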
@@ -1319,6 +1320,19 @@ private:
 ASSERT_EQUALS("", errout.str());
 }
+ void array_index_41() {
+ // Don't generate false positives when structs have the same name
+ check("void a() {\n"
+ " struct Fred { char data[6]; } fred;\n"
+ " fred.data[4] = 0;\n" // <- no error
+ "}\n"
+ "\n"
+ "void b() {\n"
+ " struct Fred { char data[3]; } fred;\n"
+ "}\n");
+ ASSERT_EQUALS("", errout.str());
+ }
+
 void array_index_multidim() {
 check("void f()\n"
 "{\n"
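Review bot: array_index_41 pins only the suppressed false positive; nothing records the detection that the duplicate-name skip in checkStructVariable() gives up. A second `check(...)` in the same test, where the write goes through the smaller `Fred`, would document that known false negative and fail visibly once duplicate names are handled properly. The current result is presumably an empty `errout`, which should be confirmed when adding it. The expected message text is not visible in this hunk, so the sketch below asserts the current output and leaves the wanted error as a TODO.

```cpp
    // … unchanged: first check() call and its ASSERT_EQUALS …

    // Known false negative: structs with duplicate names are skipped entirely,
    // so this out-of-bounds write is currently not reported.
    check("void a() {\n"
          "    struct Fred { char data[6]; } fred;\n"
          "}\n"
          "\n"
          "void b() {\n"
          "    struct Fred { char data[3]; } fred;\n"
          "    fred.data[4] = 0;\n"  // <- should be an error
          "}\n");
    ASSERT_EQUALS("", errout.str()); // TODO: expect an array-index error here
```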