walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Fixed #3163 (Out of bounds pointer arithmetic not reset)

This commit is contained in:
Daniel Marjamäki 2011-10-12 20:54:39 +02:00
parent 371871b0b7
commit b73896bcc5
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lib/checkbufferoverrun.cpp
View File

@ -912,11 +912,14 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
break;
}
// reassign buffer => bailout
if (varid > 0 &&
Token::Match(tok, "[;{}] %varid% =", varid) &&
!Token::Match(tok->tokAt(3), "%varid%", varid))
break;
// reassign buffer
if (varid > 0 && Token::Match(tok, "[;{}] %varid% =", varid))
{
// using varid .. bailout
if (!Token::Match(tok->tokAt(3), "%varid%", varid))
break;
pointerIsOutOfBounds = false;
}
// Array index..
if ((varid > 0 && ((tok->str() == "return" || (!tok->isName() && !Token::Match(tok, "[.&]"))) && Token::Match(tok->next(), "%varid% [ %num% ]", varid))) ||

9
test/testbufferoverrun.cpp
View File

@ -2446,6 +2446,15 @@ private:
"}");
ASSERT_EQUALS("[test.cpp:4]: (error) p is out of bounds\n", errout.str());
check("void f() {\n"
" char *p = malloc(10);\n"
" p += 10;\n"
" p -= 10;\n"
" *p = 0;\n"
" free(p);"
"}");
ASSERT_EQUALS("", errout.str());
check("void f() {\n"
" char *p = malloc(10);\n"
" p += 10;\n"