walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Fix #9510: Crash in valueflow.cpp solveExprValues() (division by zero) (#2420) 

`break` if divider `intval` is 0 to avoid division by 0 as suggested by @pfultz2
Trac ticket: https://trac.cppcheck.net/ticket/9510
This commit is contained in:
Sebastian 2019-12-06 08:08:40 +01:00 committed by GitHub
parent f637d97080
commit 95e0b0d0f9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/valueflow.cpp
View File

@ -2990,6 +2990,8 @@ static const Token* solveExprValues(const Token* expr, std::list<ValueFlow::Valu
return solveExprValues(binaryTok, values); return solveExprValues(binaryTok, values);
} }
case '*': { case '*': {
if (intval == 0)
break;
transformIntValues(values, [&](MathLib::bigint x) { transformIntValues(values, [&](MathLib::bigint x) {
return x / intval; return x / intval;
}); });

11
test/testvalueflow.cpp
View File

@ -130,6 +130,8 @@ private:
TEST_CASE(valueFlowPointerAliasDeref); TEST_CASE(valueFlowPointerAliasDeref);
TEST_CASE(valueFlowCrashIncompleteCode); TEST_CASE(valueFlowCrashIncompleteCode);
TEST_CASE(valueFlowCrash);
} }
static bool isNotTokValue(const ValueFlow::Value &val) { static bool isNotTokValue(const ValueFlow::Value &val) {
@ -4343,6 +4345,15 @@ private:
"}\n"; "}\n";
valueOfTok(code, "0"); valueOfTok(code, "0");
} }
void valueFlowCrash() {
const char* code;
code = "void f(int x) {\n"
" if (0 * (x > 2)) {}\n"
"}\n";
valueOfTok(code, "x");
}
}; };
REGISTER_TEST(TestValueFlow) REGISTER_TEST(TestValueFlow)