Fix #995 (false positive: buffer access out of bounds when using fgets)
http://sourceforge.net/apps/trac/cppcheck/ticket/995
This commit is contained in:
parent
6417704577
commit
9bdf4502ed
|
@ -482,7 +482,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con
|
||||||
MathLib::isInt(tok->strAt(4)))
|
MathLib::isInt(tok->strAt(4)))
|
||||||
{
|
{
|
||||||
size_t len = MathLib::toLongNumber(tok->strAt(4));
|
size_t len = MathLib::toLongNumber(tok->strAt(4));
|
||||||
if (len >= static_cast<size_t>(size))
|
if (len > static_cast<size_t>(size))
|
||||||
{
|
{
|
||||||
bufferOverrun(tok);
|
bufferOverrun(tok);
|
||||||
continue;
|
continue;
|
||||||
|
|
|
@ -779,14 +779,14 @@ private:
|
||||||
check("void f()\n"
|
check("void f()\n"
|
||||||
"{\n"
|
"{\n"
|
||||||
" char str[3];\n"
|
" char str[3];\n"
|
||||||
" fgets(str, 2, stdin);\n"
|
" fgets(str, 3, stdin);\n"
|
||||||
"}\n");
|
"}\n");
|
||||||
ASSERT_EQUALS("", errout.str());
|
ASSERT_EQUALS("", errout.str());
|
||||||
|
|
||||||
check("void f()\n"
|
check("void f()\n"
|
||||||
"{\n"
|
"{\n"
|
||||||
" char str[3];\n"
|
" char str[3];\n"
|
||||||
" fgets(str, 3, stdin);\n"
|
" fgets(str, 4, stdin);\n"
|
||||||
"}\n");
|
"}\n");
|
||||||
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
|
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue