From 78c7e3351f7e3821f8ca5229032d1153af3a91ef Mon Sep 17 00:00:00 2001 From: chrchr-github <78114321+chrchr-github@users.noreply.github.com> Date: Tue, 20 Jun 2023 10:55:14 +0200 Subject: [PATCH] Fix #11697 FP negativeContainerIndex after index is validated (#5172) --- lib/checkstl.cpp | 4 +++- lib/valueflow.cpp | 2 +- test/teststl.cpp | 22 ++++++++++++++++++++++ 3 files changed, 26 insertions(+), 2 deletions(-) diff --git a/lib/checkstl.cpp b/lib/checkstl.cpp index 4fdfaa305..a8254aefa 100644 --- a/lib/checkstl.cpp +++ b/lib/checkstl.cpp @@ -1326,7 +1326,9 @@ void CheckStl::negativeIndexError(const Token *tok, const ValueFlow::Value &inde << ", otherwise there is negative array index " << index.intvalue << "."; else errmsg << "Array index " << index.intvalue << " is out of bounds."; - reportError(errorPath, index.errorSeverity() ? Severity::error : Severity::warning, "negativeContainerIndex", errmsg.str(), CWE786, index.isInconclusive() ? Certainty::inconclusive : Certainty::normal); + const auto severity = index.errorSeverity() && index.isKnown() ? Severity::error : Severity::warning; + const auto certainty = index.isInconclusive() ? Certainty::inconclusive : Certainty::normal; + reportError(errorPath, severity, "negativeContainerIndex", errmsg.str(), CWE786, certainty); } void CheckStl::erase() diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp index ad778b722..0ad1bb226 100644 --- a/lib/valueflow.cpp +++ b/lib/valueflow.cpp @@ -7217,7 +7217,7 @@ struct MultiValueFlowAnalyzer : ValueFlowAnalyzer { void addErrorPath(const Token* tok, const std::string& s) override { for (auto&& p:values) { - p.second.errorPath.emplace_back(tok, "Assuming condition is " + s); + p.second.errorPath.emplace_back(tok, s); } } diff --git a/test/teststl.cpp b/test/teststl.cpp index c7e28d283..c43191248 100644 --- a/test/teststl.cpp +++ b/test/teststl.cpp @@ -82,6 +82,7 @@ private: TEST_CASE(STLSize); TEST_CASE(STLSizeNoErr); TEST_CASE(negativeIndex); + TEST_CASE(negativeIndexMultiline); TEST_CASE(erase1); TEST_CASE(erase2); TEST_CASE(erase3); @@ -2324,7 +2325,28 @@ private: settings = oldSettings; } + void negativeIndexMultiline() { + setMultiline(); + const auto oldSettings = settings; + settings.verbose = true; + check("bool valid(int);\n" // #11697 + "void f(int i, const std::vector& v) {\n" + " if (!valid(i))\n" + " return;\n" + " if (v[i]) {}\n" + "}\n" + "void g(const std::vector& w) {\n" + " f(-1, w);\n" + "}\n"); + ASSERT_EQUALS("test.cpp:5:warning:Array index -1 is out of bounds.\n" + "test.cpp:8:note:Calling function 'f', 1st argument '-1' value is -1\n" + "test.cpp:3:note:Assuming condition is false\n" + "test.cpp:5:note:Negative array index\n", + errout.str()); + + settings = oldSettings; + } void erase1() { check("void f()\n"