From a17f37c67d0c6e8ec83913c61190b10ab7dc3480 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Sat, 22 Sep 2012 16:19:19 +0200 Subject: [PATCH] CheckBufferOverrun: Better handling of functions with variable arguments --- lib/checkbufferoverrun.cpp | 4 ++++ test/testbufferoverrun.cpp | 13 +++++++++++++ 2 files changed, 17 insertions(+) diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp index bc09e63dc..a21b5a135 100644 --- a/lib/checkbufferoverrun.cpp +++ b/lib/checkbufferoverrun.cpp @@ -605,6 +605,10 @@ void CheckBufferOverrun::checkFunctionParameter(const Token &tok, unsigned int p if (!parameter || _tokenizer->sizeOfType(parameter->typeStartToken()) != arrayInfo.element_size()) return; + // Variable function arguments.. + if (Token::simpleMatch(parameter->typeStartToken(), ". . .")) + return; + // Check the parameter usage in the function scope.. for (const Token* ftok = func->functionScope->classStart; ftok != func->functionScope->classEnd; ftok = ftok->next()) { if (Token::Match(ftok, "if|for|while (")) { diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index ec143082e..95b10eb10 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -112,6 +112,7 @@ private: TEST_CASE(array_index_42); TEST_CASE(array_index_43); // struct with array TEST_CASE(array_index_44); // #3979 + TEST_CASE(array_index_45); // #4207 - calling function with variable number of parameters (...) TEST_CASE(array_index_multidim); TEST_CASE(array_index_switch_in_for); TEST_CASE(array_index_for_in_for); // FP: #2634 @@ -1452,6 +1453,18 @@ private: ASSERT_EQUALS("", errout.str()); } + void array_index_45() { // #4207 - handling of function with variable number of parameters + check("void f(const char *format, ...) {\n" + " va_args args;\n" + " va_start(args, format);\n" + "}\n" + "void test() {\n" + " CHAR buffer[1024];\n" + " f(\"%s\", buffer);\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); + } + void array_index_multidim() { check("void f()\n" "{\n"