From 935351c60147333f8ad47d854c48b7e819054985 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Fri, 22 Jun 2012 09:10:30 +0200 Subject: [PATCH] Fixed #3895 (Improve check: double deallocation not detected (if-else)) --- lib/checkleakautovar.cpp | 5 ++++- lib/checkother.h | 2 +- test/testleakautovar.cpp | 13 +++++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/lib/checkleakautovar.cpp b/lib/checkleakautovar.cpp index 8b6853cc4..730b8cd47 100644 --- a/lib/checkleakautovar.cpp +++ b/lib/checkleakautovar.cpp @@ -22,6 +22,8 @@ #include "checkleakautovar.h" +#include "checkother.h" // <- doubleFreeError + #include "tokenize.h" #include "errorlogger.h" #include "symboldatabase.h" @@ -423,7 +425,8 @@ void CheckLeakAutoVar::functionCall(const Token *tok, VarInfo *varInfo, const st // possible usage possibleUsage[arg->varId()] = tok->str(); } else if (var->second == "dealloc") { - // double deallocation is reported by CheckOther::checkDoubleFree + CheckOther checkOther(_tokenizer, _settings, _errorLogger); + checkOther.doubleFreeError(tok, arg->str()); } else if (var->second != dealloc) { // mismatching allocation and deallocation mismatchError(tok, arg->str()); diff --git a/lib/checkother.h b/lib/checkother.h index ac2c35b87..001ba0ae0 100644 --- a/lib/checkother.h +++ b/lib/checkother.h @@ -234,6 +234,7 @@ public: /** @brief %Check for double free or double close operations */ void checkDoubleFree(); + void doubleFreeError(const Token *tok, const std::string &varname); private: // Error messages.. @@ -285,7 +286,6 @@ private: void bitwiseOnBooleanError(const Token *tok, const std::string &varname, const std::string &op); void comparisonOfBoolExpressionWithIntError(const Token *tok, bool n0o1); void SuspiciousSemicolonError(const Token *tok); - void doubleFreeError(const Token *tok, const std::string &varname); void doubleCloseDirError(const Token *tok, const std::string &varname); void moduloAlwaysTrueFalseError(const Token* tok, const std::string& maxVal); diff --git a/test/testleakautovar.cpp b/test/testleakautovar.cpp index 2de124b49..e770ddaec 100644 --- a/test/testleakautovar.cpp +++ b/test/testleakautovar.cpp @@ -49,6 +49,8 @@ private: TEST_CASE(deallocuse3); TEST_CASE(deallocuse4); + TEST_CASE(doublefree); + // exit TEST_CASE(exit1); TEST_CASE(exit2); @@ -240,6 +242,17 @@ private: ASSERT_EQUALS("[test.c:3]: (error) Returning/using deallocated pointer p\n", errout.str()); } + void doublefree() { // #3895 + check("void f(char *p) {\n" + " if (x)\n" + " free(p);\n" + " else\n" + " p = 0;\n" + " free(p);\n" + "}"); + ASSERT_EQUALS("[test.c:6]: (error) Memory pointed to by 'p' is freed twice.\n", errout.str()); + } + void exit1() { check("void f() {\n" " char *p = malloc(10);\n"