CheckBufferOverrun: Better handling of functions with variable arguments

This commit is contained in:
Daniel Marjamäki 2012-09-22 16:19:19 +02:00
parent 458b8ce2cc
commit a17f37c67d
2 changed files with 17 additions and 0 deletions

View File

@ -605,6 +605,10 @@ void CheckBufferOverrun::checkFunctionParameter(const Token &tok, unsigned int p
if (!parameter || _tokenizer->sizeOfType(parameter->typeStartToken()) != arrayInfo.element_size())
return;
// Variable function arguments..
if (Token::simpleMatch(parameter->typeStartToken(), ". . ."))
return;
// Check the parameter usage in the function scope..
for (const Token* ftok = func->functionScope->classStart; ftok != func->functionScope->classEnd; ftok = ftok->next()) {
if (Token::Match(ftok, "if|for|while (")) {

View File

@ -112,6 +112,7 @@ private:
TEST_CASE(array_index_42);
TEST_CASE(array_index_43); // struct with array
TEST_CASE(array_index_44); // #3979
TEST_CASE(array_index_45); // #4207 - calling function with variable number of parameters (...)
TEST_CASE(array_index_multidim);
TEST_CASE(array_index_switch_in_for);
TEST_CASE(array_index_for_in_for); // FP: #2634
@ -1452,6 +1453,18 @@ private:
ASSERT_EQUALS("", errout.str());
}
void array_index_45() { // #4207 - handling of function with variable number of parameters
check("void f(const char *format, ...) {\n"
" va_args args;\n"
" va_start(args, format);\n"
"}\n"
"void test() {\n"
" CHAR buffer[1024];\n"
" f(\"%s\", buffer);\n"
"}\n");
ASSERT_EQUALS("", errout.str());
}
void array_index_multidim() {
check("void f()\n"
"{\n"