CheckBufferOverrun: Detect overflows when buffer is allocated with alloca

lib/checkbufferoverrun.cpp

@@ -1302,7 +1302,7 @@ void CheckBufferOverrun::checkGlobalAndLocalVariable()
             varid = tok->next()->varId();
             nextTok = 4;
         }
-        else if (indentlevel > 0 && Token::Match(tok, "[*;{}] %var% = malloc ( %num% ) ;"))
+        else if (indentlevel > 0 && Token::Match(tok, "[*;{}] %var% = malloc|alloca ( %num% ) ;"))
         {
             size = MathLib::toLongNumber(tok->strAt(5));
             type = "char";   // minimum type, typesize=1

test/testbufferoverrun.cpp

@@ -187,6 +187,7 @@ private:
         TEST_CASE(alloc1);    // Buffer allocated with new
         TEST_CASE(alloc2);    // Buffer allocated with malloc
         TEST_CASE(alloc3);    // statically allocated buffer
+        TEST_CASE(alloc4);    // Buffer allocated with alloca
         TEST_CASE(malloc_memset);	// using memset on buffer allocated with malloc
 
         TEST_CASE(memset1);
@@ -2478,6 +2479,17 @@ private:
         ASSERT_EQUALS("[test.cpp:4]: (error) Array 's[1]' index 10 out of bounds\n", errout.str());
     }
 
+    // data is allocated with alloca
+    void alloc4()
+    {
+        check("void foo()\n"
+              "{\n"
+              "    char *s = (char *)alloca(10);\n"
+              "    s[10] = 0;\n"
+              "}\n");
+        ASSERT_EQUALS("[test.cpp:4]: (error) Array 's[10]' index 10 out of bounds\n", errout.str());
+    }
+
     void malloc_memset()
     {
         check("void f() {\n"