From 9852ab86e937b739496425d67c9f8412617dca1b Mon Sep 17 00:00:00 2001 From: Reijo Tomperi Date: Fri, 5 Feb 2010 23:55:10 +0200 Subject: [PATCH] Fix #1358 (False negative: out-of-bounds not found near return) http://sourceforge.net/apps/trac/cppcheck/ticket/1358 --- lib/checkbufferoverrun.cpp | 6 ++++++ test/testbufferoverrun.cpp | 20 ++++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp index 4408cc9d2..f60b3d7cb 100644 --- a/lib/checkbufferoverrun.cpp +++ b/lib/checkbufferoverrun.cpp @@ -160,6 +160,12 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con varc = 1; varc = 2 * (varc - 1); + if (Token::Match(tok, "return")) + { + tok = tok->next(); + if (!tok) + return; + } // Array index.. if (varid > 0) diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index 1541096cd..bbcb1eddf 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -264,6 +264,13 @@ private: " str[16] = 0;\n" "}\n"); ASSERT_EQUALS("[test.cpp:5]: (error) Array 'str[16]' index 16 out of bounds\n", errout.str()); + + check("char f()\n" + "{\n" + " char str[16];\n" + " return str[16];\n" + "}\n"); + ASSERT_EQUALS("[test.cpp:4]: (error) Array 'str[16]' index 16 out of bounds\n", errout.str()); } @@ -526,6 +533,19 @@ private: " str[10] = 0;\n" "}\n"); ASSERT_EQUALS("[test.cpp:10]: (error) Array 'str[10]' index 10 out of bounds\n", errout.str()); + + check("class Fred\n" + "{\n" + "private:\n" + " char str[10];\n" + "public:\n" + " char c();\n" + "};\n" + "char Fred::c()\n" + "{\n" + " return str[10];\n" + "}\n"); + ASSERT_EQUALS("[test.cpp:10]: (error) Array 'str[10]' index 10 out of bounds\n", errout.str()); } void array_index_13()