From b0b31feaddea2adb1a6a6b523e99f3774d779225 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?=
Date: Sat, 5 Sep 2020 21:09:11 +0200
Subject: [PATCH] fix ubsan errors
---
 .github/workflows/asan.yml | 4 ++--
 lib/exprengine.cpp | 2 ++
 lib/valueflow.cpp | 10 +++++++++-
 3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/asan.yml b/.github/workflows/asan.yml
index 874bdb49a..3f49c58f5 100644
--- a/.github/workflows/asan.yml
+++ b/.github/workflows/asan.yml
@@ -33,7 +33,7 @@ jobs:
 run: |
 ./testrunner
- - name: checkcfg
+ - name: Bughunting lib
 run: |
- make checkcfg
+ ./cppcheck -D__CPPCHECK__ --bug-hunting -j$(nproc) lib
diff --git a/lib/exprengine.cpp b/lib/exprengine.cpp
index 0898db1aa..9050c2c1a 100644
--- a/lib/exprengine.cpp
+++ b/lib/exprengine.cpp
@@ -1910,6 +1910,8 @@ static ExprEngine::ValuePtr executeFunctionCall(const Token *tok, Data &data)
 static ExprEngine::ValuePtr executeArrayIndex(const Token *tok, Data &data)
 {
+ if (tok->tokType() == Token::eLambda)
+ throw ExprEngineException(tok, "FIXME: lambda");
 const Token *tok2 = tok;
 while (Token::simpleMatch(tok2->astOperand1(), "["))
 tok2 = tok2->astOperand1();
diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
index 4b34b13f5..047d945b5 100644
--- a/lib/valueflow.cpp
+++ b/lib/valueflow.cpp
@@ -617,6 +617,10 @@ static void setTokenValue(Token* tok, const ValueFlow::Value &value, const Setti
 result.valueType = ValueFlow::Value::FLOAT;
 result.floatValue = floatValue1 - floatValue2;
 } else {
+ // Avoid overflow
+ if (value1.intvalue < 0 && value2.intvalue > value1.intvalue - LLONG_MIN)
+ break;
+
 result.intvalue = value1.intvalue - value2.intvalue;
 }
 // If the bound comes from the second value then invert the bound
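Review bot: The guard added at the top of executeArrayIndex throws with the message "FIXME: lambda" but has no comment explaining why a token of type Token::eLambda reaches an array-index handler, or what the throw means for the rest of the analysis. A one-line comment would record the intent, for example `// a lambda introducer '[' is not an array index; stop modelling this expression until lambdas are supported` (presumably that is the case being hit; confirm against the caller). Whether ExprEngineException is reported or silently ends bug hunting for the enclosing function is not visible in this hunk; if it is silent, code following a lambda goes unchecked without notice, which is worth stating in that comment. The function body continues outside the hunk.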
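Review bot: The overflow guard added before `result.intvalue = value1.intvalue - value2.intvalue;` in lib/valueflow.cpp only covers a negative value1, so the mirror case still overflows: a constructed example is value1 = 0 with value2 = LLONG_MIN, and more generally any non-negative value1 with value2 below value1 - LLONG_MAX. Signed overflow is undefined behaviour, so the subtraction needs a second condition next to the first: `if (value1.intvalue >= 0 && value2.intvalue < value1.intvalue - LLONG_MAX) break;`. Both bound expressions stay in range for the sign they are guarded by, so the checks themselves cannot overflow. The enclosing case and function start outside the hunk, and the file's includes are not visible here, so confirm that `<climits>` is in scope for LLONG_MIN and LLONG_MAX.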
@@ -781,8 +785,12 @@ static void setTokenValue(Token* tok, const ValueFlow::Value &value, const Setti
 if (!val.isIntValue() && !val.isFloatValue())
 continue;
 ValueFlow::Value v(val);
- if (v.isIntValue())
+ if (v.isIntValue()) {
+ if (v.intvalue == LLONG_MIN)
+ // Value can't be inverted
+ continue;
 v.intvalue = -v.intvalue;
+ }
 else
 v.floatValue = -v.floatValue;
 v.invertBound();
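Review bot: In the negation branch the comment `// Value can't be inverted` sits between the unbraced `if (v.intvalue == LLONG_MIN)` and its `continue;`, and the outer `if` is now braced while its `else` is not. That layout makes it easy for a later edit to detach `continue;` from the condition it belongs to. Moving the reason above the check and bracing it, `// -LLONG_MIN is not representable, skip this value` followed by `if (v.intvalue == LLONG_MIN) { continue; }`, keeps the guard and its explanation together. The enclosing loop starts outside the hunk.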