From b5e023a46cec986c9bfdbd2cf5bb9b8e08d544e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= <daniel.marjamaki@gmail.com>
Date: Tue, 29 Apr 2014 20:09:11 +0200
Subject: [PATCH] Fixed #5472 (sizeof not handled as operator with respect to
 null pointer dereference)

---
 lib/valueflow.cpp      | 8 ++++++++
 test/testvalueflow.cpp | 6 ++++++
 2 files changed, 14 insertions(+)

diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
index a3bb2f479..11ccc542e 100644
--- a/lib/valueflow.cpp
+++ b/lib/valueflow.cpp
@@ -409,6 +409,14 @@ static void valueFlowBeforeCondition(TokenList *tokenlist, ErrorLogger *errorLog
                     break;
                 }
 
+                if (Token::Match(tok2->previous(), "sizeof|.")) {
+                    const Token *prev = tok2->previous();
+                    while (Token::Match(prev,"%var%|.") && prev->str() != "sizeof")
+                        prev = prev->previous();
+                    if (Token::Match(prev,"sizeof"))
+                        continue;
+                }
+
                 // assigned by subfunction?
                 bool inconclusive = false;
                 if (bailoutFunctionPar(tok2,val2.condition ? val2 : val, settings, &inconclusive)) {
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
index 3b6089bcd..0637128ba 100644
--- a/test/testvalueflow.cpp
+++ b/test/testvalueflow.cpp
@@ -374,6 +374,12 @@ private:
                "    if (x==63){}\n"
                "}";
         ASSERT_EQUALS(false, testValueOfX(code, 2U, 63));
+
+        code = "void f(int *x) {\n"
+               "    char a[sizeof x.y];\n"
+               "    if (x==0){}\n"
+               "}";
+        ASSERT_EQUALS(false, testValueOfX(code, 2U, 0));
     }
 
     void valueFlowBeforeConditionIfElse() { // bailout: if/else/etc