Refactoring: Moved function call check to checkFunctionCalls

This commit is contained in:
Daniel Marjamäki 2010-04-22 19:49:02 +02:00
parent b9d8f52cca
commit c0d0b0f63f
1 changed files with 18 additions and 19 deletions

View File

@ -476,6 +476,8 @@ void CheckBufferOverrun::checkFunctionCall(const Token &tok, unsigned int par, c
total_size["strncat"] = 3; total_size["strncat"] = 3;
total_size["strncpy"] = 3; total_size["strncpy"] = 3;
total_size["memset"] = 3; total_size["memset"] = 3;
total_size["fread"] = 1001; // parameter 2 * parameter 3
total_size["fwrite"] = 1001; // parameter 2 * parameter 3
} }
if (par == 2) if (par == 2)
@ -515,6 +517,22 @@ void CheckBufferOverrun::checkFunctionCall(const Token &tok, unsigned int par, c
} }
break; break;
} }
if (arg == 1000) // special code. This parameter multiplied with the next must not exceed total_size
{
if (Token::Match(tok2, ", %num% , %num% ,|)"))
{
const long sz = MathLib::toLongNumber(tok2->strAt(1)) * MathLib::toLongNumber(tok2->strAt(3));
unsigned int elements = 1;
for (unsigned int i = 0; i < arrayInfo.num.size(); ++i)
elements *= arrayInfo.num[i];
if (sz < 0 || sz > int(elements * arrayInfo.element_size))
{
bufferOverrun(&tok, arrayInfo.varname);
}
}
break;
}
} }
} }
} }
@ -901,25 +919,6 @@ void CheckBufferOverrun::checkScope(const Token *tok, const ArrayInfo &arrayInfo
} }
// fread|frwite
// size_t fread ( void * ptr, size_t size, size_t count, FILE * stream );
// ptr -> Pointer to a block of memory with a minimum size of (size*count) bytes.
// size -> Size in bytes of each element to be read.
// count -> Number of elements, each one with a size of size bytes.
// stream -> Pointer to a FILE object that specifies an input stream.
if (Token::Match(tok, "fread|fwrite ( %varid% , %num% , %num% , %any% )", arrayInfo.varid) &&
MathLib::isInt(tok->strAt(6)))
{
const unsigned long len = MathLib::toLongNumber(tok->strAt(4)) * MathLib::toLongNumber(tok->strAt(6));
if (len > total_size)
{
bufferOverrun(tok, arrayInfo.varname);
continue;
}
}
// Check function call.. // Check function call..
if (Token::Match(tok, "%var% ( %varid% ,", arrayInfo.varid)) if (Token::Match(tok, "%var% ( %varid% ,", arrayInfo.varid))
checkFunctionCall(*tok, 1, arrayInfo); checkFunctionCall(*tok, 1, arrayInfo);