From c90558f730cff6177b7a61922f9f1c31ef72cb30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Sat, 3 Dec 2011 13:10:07 +0100 Subject: [PATCH] Fixed #3358 (False null pointer dereference positive with ternary ?: operator) --- lib/checknullpointer.cpp | 4 ++-- test/testnullpointer.cpp | 11 +++++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/lib/checknullpointer.cpp b/lib/checknullpointer.cpp index 1d5ccbcfc..a8d4a7cb6 100644 --- a/lib/checknullpointer.cpp +++ b/lib/checknullpointer.cpp @@ -867,7 +867,7 @@ void CheckNullPointer::nullPointerByCheckAndDeRef() std::list var; parseFunctionCall(*tok2, var, 0); for (std::list::const_iterator it = var.begin(); it != var.end(); ++it) { - if ((*it)->varId() == varid) { + if (Token::Match(*it, "%varid% [,)]", varid)) { nullPointerError(*it, pointerName, linenr, inconclusive); break; } @@ -977,7 +977,7 @@ void CheckNullPointer::nullConstantDereference() // is one of the var items a NULL pointer? for (std::list::const_iterator it = var.begin(); it != var.end(); ++it) { - if ((*it)->str() == "0") { + if (Token::Match(*it, "0 [,)]")) { nullPointerError(*it); } } diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp index 7ca5fbd55..204d15135 100644 --- a/test/testnullpointer.cpp +++ b/test/testnullpointer.cpp @@ -1422,6 +1422,12 @@ private: check(code, true); // inconclusive ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference: fred - otherwise it is redundant to check if fred is null at line 2\n", errout.str()); } + + check("void f(char *s) {\n" // #3358 + " if (s==0);\n" + " strcpy(a, s?b:c);\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); } // Test CheckNullPointer::nullConstantDereference @@ -1487,6 +1493,11 @@ private: "}"); ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference: s\n", errout.str()); + check("void f() {\n" + " char *s = 0;\n" + " printf(\"%s\", s == 0 ? a : s);\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); check("void f() {\n" " printf(\"%u%s\", 0, 0);\n"