Fixed #4991: False Positive - Dangerous usage of 'arr' (not null-terminated)

2013-08-29 08:12:05 -03:00 · 2013-08-29 08:12:05 -03:00 · acd65a6829
parent 2950eb08cb
commit acd65a6829
2 changed files with 21 additions and 0 deletions
--- a/lib/checkuninitvar.cpp
+++ b/lib/checkuninitvar.cpp
@ -284,6 +284,9 @@ private:
                        if (!Token::Match(c->var->typeStartToken(), "char|wchar_t")) {
                            continue;
                        }
+                        if (Token::Match(tok->next(), "[")) { // Check if it's not being accesed like: 'str[1]'
+                            continue;
+                        }
                        checkUninitVar->uninitstringError(tok, c->var->name(), c->strncpy_);
                    } else if (c->var->isPointer() && !c->var->isArray() && c->alloc)
                        checkUninitVar->uninitdataError(tok, c->var->name());
--- a/test/testuninitvar.cpp
+++ b/test/testuninitvar.cpp
@ -46,6 +46,7 @@ private:
        TEST_CASE(uninitvar_strncpy);   // strncpy doesn't always null-terminate
        TEST_CASE(uninitvar_memset);    // not null-terminated
        TEST_CASE(uninitvar_memset_nonchar);
+        TEST_CASE(uninitvar_memset_char_access);
        TEST_CASE(uninitvar_func);      // analyse functions
        TEST_CASE(func_uninit_var);     // analyse function calls for: 'int a(int x) { return x+x; }'
        TEST_CASE(func_uninit_pointer); // analyse function calls for: 'void a(int *p) { *p = 0; }'
@ -1627,6 +1628,14 @@ private:
                       "    strncpy(str, buf, 10);\n"
                       "}");
        ASSERT_EQUALS("", errout.str());
+
+        checkUninitVar("void f() {\n"
+                       "  char dst[4];\n"
+                       "  const char* source = \"You\";\n"
+                       "  strncpy(dst, source, sizeof(dst));\n"
+                       "  char value = dst[2];\n"
+                       "}");
+        ASSERT_EQUALS("", errout.str());
    }

    // initialization with memset (not 0-terminating string)..
@ -1648,6 +1657,15 @@ private:
        ASSERT_EQUALS(errout.str(), "");
    }

+    void uninitvar_memset_char_access() {
+        checkUninitVar("void f() {\n"
+                       "    unsigned char c[10];\n"
+                       "    memset(c, 32, 10);\n"
+                       "    unsigned char value = c[3];\n"
+                       "}");
+        ASSERT_EQUALS(errout.str(), "");
+    }
+
    std::string analyseFunctions(const char code[]) {
        // Clear the error buffer..
        errout.str("");