sprintf: fixed false positives with "sprintf(buf, "%i", sizeof(buf));

2009-01-10 11:19:17 +00:00 · 2009-01-10 11:19:17 +00:00 · 985b8fa05f
parent 8842172821
commit 985b8fa05f
2 changed files with 12 additions and 1 deletions
--- a/src/checkother.cpp
+++ b/src/checkother.cpp
@ -355,7 +355,7 @@ void CheckOther::InvalidFunctionUsage()
                if (parlevel < 0)
                    break;
            }
-            else if (tok2->varId() == varid)
+            else if (parlevel == 0 && tok2->varId() == varid)
            {
                std::ostringstream ostr;
                ostr << _tokenizer->fileLine(tok2) << ": Overlapping data buffer " << tok2->str();
--- a/test/testother.cpp
+++ b/test/testother.cpp
@ -38,6 +38,7 @@ private:
        TEST_CASE(delete2);

        TEST_CASE(sprintf1);    // Dangerous usage of sprintf
+        TEST_CASE(sprintf2);
    }

    void check(const char code[])
@ -114,6 +115,16 @@ private:
                     "}\n");
        ASSERT_EQUALS(std::string("[test.cpp:4]: Overlapping data buffer buf\n"), errout.str());
    }
+
+    void sprintf2()
+    {
+        sprintfUsage("void foo()\n"
+                     "{\n"
+                     "    char buf[100];\n"
+                     "    sprintf(buf,\"%i\",sizeof(buf));\n"
+                     "}\n");
+        ASSERT_EQUALS(std::string(""), errout.str());
+    }
 };

 REGISTER_TEST(TestOther)