value flow: start implementing value flow analysis of assigned value

This commit is contained in:
Daniel Marjamäki 2014-01-21 21:13:49 +01:00
parent a84fdf98cc
commit a27ccbd0f8
3 changed files with 61 additions and 1 deletions

View File

@ -432,6 +432,45 @@ static void valueFlowBeforeCondition(TokenList *tokenlist, ErrorLogger *errorLog
}
}
static void valueFlowAfterAssign(TokenList *tokenlist, ErrorLogger *errorLogger, const Settings *settings)
{
for (Token *tok = tokenlist->front(); tok; tok = tok->next()) {
// Assignment
if ((tok->str() != "=") || (tok->astParent()))
continue;
// Rhs should be a variable
if (!tok->astOperand1() || !tok->astOperand1()->isName())
continue;
unsigned int varid = tok->astOperand1()->varId();
if (varid == 0U)
continue;
const Variable *var = tok->astOperand1()->variable();
if (!var || !var->isLocal())
continue;
// Lhs values..
if (!tok->astOperand2() || tok->astOperand2()->values.empty())
continue;
std::list<ValueFlow::Value> values = tok->astOperand2()->values;
for (Token *tok2 = tok; tok2; tok2 = tok2->next()) {
if (Token::Match(tok2, "[{}]"))
break;
if (Token::Match(tok2, "sizeof ("))
tok2 = tok2->linkAt(1);
if (tok2->varId() == varid) {
if (!Token::Match(tok2->previous(), "= %var% %cop%|;"))
break;
std::list<ValueFlow::Value>::const_iterator it;
for (it = values.begin(); it != values.end(); ++it)
setTokenValue(tok2, *it);
}
}
}
}
static void valueFlowForLoop(TokenList *tokenlist, ErrorLogger *errorLogger, const Settings *settings)
{
for (Token *tok = tokenlist->front(); tok; tok = tok->next()) {
@ -582,5 +621,6 @@ void ValueFlow::setValues(TokenList *tokenlist, ErrorLogger *errorLogger, const
valueFlowNumber(tokenlist);
valueFlowForLoop(tokenlist, errorLogger, settings);
valueFlowBeforeCondition(tokenlist, errorLogger, settings);
valueFlowAfterAssign(tokenlist, errorLogger, settings);
valueFlowSubFunction(tokenlist, errorLogger, settings);
}

View File

@ -1969,7 +1969,9 @@ private:
" std::string s5(p);\n"
" foo(std::string(p));\n"
"}", true);
ASSERT_EQUALS("[test.cpp:3]: (error) Null pointer dereference\n"
ASSERT_EQUALS("[test.cpp:7]: (error) Null pointer dereference\n"
"[test.cpp:8]: (error) Null pointer dereference\n"
"[test.cpp:3]: (error) Null pointer dereference\n"
"[test.cpp:4]: (error) Null pointer dereference\n"
"[test.cpp:5]: (error) Null pointer dereference\n"
"[test.cpp:6]: (error) Null pointer dereference\n"

View File

@ -51,6 +51,8 @@ private:
TEST_CASE(valueFlowBeforeConditionSwitch);
TEST_CASE(valueFlowBeforeConditionTernaryOp);
TEST_CASE(valueFlowAfterAssign);
TEST_CASE(valueFlowForLoop);
TEST_CASE(valueFlowSubFunction);
}
@ -454,6 +456,22 @@ private:
ASSERT_EQUALS("[test.cpp:3]: (debug) ValueFlow bailout: variable x stopping on goto label\n", errout.str());
}
void valueFlowAfterAssign() {
const char *code;
code = "void f() {\n"
" int x = 123;\n"
" a = x;\n"
"}";
ASSERT_EQUALS(true, testValueOfX(code, 3U, 123));
code = "void f() {\n"
" int x = 123;\n"
" a = sizeof(x);\n"
"}";
ASSERT_EQUALS(false, testValueOfX(code, 3U, 123));
}
void valueFlowForLoop() {
const char *code;