CheckBufferOverrun: Fixed false positives caused by refactorings

2010-04-22 19:22:23 +02:00 · 2010-04-22 19:22:23 +02:00 · b9d8f52cca
parent 680a470741
commit b9d8f52cca
3 changed files with 16 additions and 2 deletions
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@ -390,7 +390,7 @@ static bool for_bailout(const Token * const tok1, unsigned int varid)

 void CheckBufferOverrun::parse_for_body(const Token *tok2, const ArrayInfo &arrayInfo, const std::string &strindex, bool condition_out_of_bounds, unsigned int counter_varid, const std::string &min_counter_value, const std::string &max_counter_value)
 {
-    const std::string pattern("%varid% [ " + strindex + " ]");
+    const std::string pattern((arrayInfo.varid ? std::string("%varid%") : arrayInfo.varname) + " [ " + strindex + " ]");

    int indentlevel2 = 0;
    for (; tok2; tok2 = tok2->next())
@ -420,7 +420,7 @@ void CheckBufferOverrun::parse_for_body(const Token *tok2, const ArrayInfo &arra
            break;
        }

-        else if (counter_varid > 0 && !min_counter_value.empty() && !max_counter_value.empty())
+        else if (arrayInfo.varid && counter_varid > 0 && !min_counter_value.empty() && !max_counter_value.empty())
        {
            int min_index = 0;
            int max_index = 0;
--- a/lib/token.cpp
+++ b/lib/token.cpp
@ -415,6 +415,7 @@ bool Token::Match(const Token *tok, const char pattern[], unsigned int varid)
            {
                if (varid == 0)
                {
+                    // TODO: Report this through ErrorLogger instead so these messages appear in the unit testing
                    std::cerr << "\n###### If you see this, there is a bug ######" << std::endl
                              << "Token::Match(\"" << pattern << "\", 0)" << std::endl;
                }
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@ -410,6 +410,19 @@ private:
              "}\n");
        ASSERT_EQUALS("[test.cpp:9]: (possible error) Array 'str[1]' index 1 out of bounds\n", errout.str());
        TODO_ASSERT_EQUALS("", errout.str());
+
+        check("struct foo\n"
+              "{\n"
+              "    char str[10];\n"
+              "};\n"
+              "\n"
+              "void x()\n"
+              "{\n"
+              "    foo f;\n"
+              "    for ( unsigned int i = 0; i < 64; ++i )\n"
+              "        f.str[i] = 0;\n"
+              "}\n");
+        ASSERT_EQUALS("[test.cpp:10]: (error) Buffer access out-of-bounds: f.str\n", errout.str());
    }