diff --git a/lib/checkother.cpp b/lib/checkother.cpp index cb93df782..21dd4aead 100644 --- a/lib/checkother.cpp +++ b/lib/checkother.cpp @@ -1265,11 +1265,15 @@ private: { if (Token::Match(tok.previous(), "[;{}=] %var% = 0 ;")) setnull(checks, tok.varId()); - else if (Token::Match(tok.tokAt(-2), "[;{}=] * %var%")) + else if (Token::Match(tok.tokAt(-2), "[;{}=+-/(,] * %var%")) + dereference(foundError, checks, &tok); + else if (Token::Match(tok.tokAt(-2), "return * %var%")) dereference(foundError, checks, &tok); else if (Token::Match(tok.next(), ". %var%")) dereference(foundError, checks, &tok); - else if (Token::Match(tok.previous(), "[;{}] %var% [ %num% ] =")) + else if (Token::Match(tok.previous(), "[;{}=+-/(,] %var% [ %any% ]")) + dereference(foundError, checks, &tok); + else if (Token::Match(tok.previous(), "return %var% [ %any% ]")) dereference(foundError, checks, &tok); else bailOutVar(checks, tok.varId()); @@ -1277,7 +1281,8 @@ private: if (Token::simpleMatch(&tok, "* 0")) { - if (Token::Match(tok.previous(), "[;{}=]")) + if (Token::Match(tok.previous(), "[;{}=+-/(,]") || + Token::simpleMatch(tok.previous(), "return")) { CheckOther *checkOther = dynamic_cast(owner); if (checkOther) diff --git a/test/testother.cpp b/test/testother.cpp index 29176b765..0cb17db2f 100644 --- a/test/testother.cpp +++ b/test/testother.cpp @@ -922,6 +922,13 @@ private: "}\n"); ASSERT_EQUALS("[test.cpp:4]: (error) Null pointer dereference\n", errout.str()); + checkNullPointer("static void foo(int x)\n" + "{\n" + " int *p = 0;\n" + " int y = 5 + *p;\n" + "}\n"); + ASSERT_EQUALS("[test.cpp:4]: (error) Null pointer dereference\n", errout.str()); + // no false positive.. checkNullPointer("static void foo()\n" "{\n"