From d34de745c05209d4d9e845a1602fd0511a9dde30 Mon Sep 17 00:00:00 2001
From: Paul Fultz II
Date: Sun, 18 Sep 2022 01:29:10 -0500
Subject: [PATCH] Fix 11306: FP knownConditionTrueFalse with strlen() (#4477)
* Fix 11306: FP knownConditionTrueFalse with strlen()
* Add another test
---
 lib/valueflow.cpp | 9 ++-------
 test/testvalueflow.cpp | 17 +++++++++++++++++
 2 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
index b77aa9481..07be00436 100644
--- a/lib/valueflow.cpp
+++ b/lib/valueflow.cpp
@@ -5223,16 +5223,11 @@ static void valueFlowSymbolicOperators(TokenList* tokenlist, SymbolDatabase* sym
 continue;
 if (value.intvalue != 0)
 continue;
- if (value.bound == ValueFlow::Value::Bound::Upper)
- continue;
- if (value.isImpossible() && value.bound != ValueFlow::Value::Bound::Lower)
- continue;
- if (value.isKnown() && value.bound != ValueFlow::Value::Bound::Point)
- continue;
 const Token* strlenTok = isStrlenOf(value.tokvalue, arrayTok);
 if (!strlenTok)
 continue;
 ValueFlow::Value v = value;
+ v.bound = ValueFlow::Value::Bound::Point;
 v.valueType = ValueFlow::Value::ValueType::INT;
 v.errorPath.emplace_back(strlenTok, "Return index of string to the first element that is 0");
 setTokenValue(tok, v, tokenlist->getSettings());
@@ -8865,7 +8860,7 @@ void ValueFlow::setValues(TokenList *tokenlist, SymbolDatabase* symboldatabase,
 std::size_t values = 0;
 std::size_t n = 4;
- while (n > 0 && values < getTotalValues(tokenlist)) {
+ while (n > 0 && values != getTotalValues(tokenlist)) {
 values = getTotalValues(tokenlist);
 valueFlowImpossibleValues(tokenlist, settings);
 valueFlowSymbolicOperators(tokenlist, symboldatabase);
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
index 11ab7e6aa..97313df97 100644
--- a/test/testvalueflow.cpp
+++ b/test/testvalueflow.cpp
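Review bot: Dropping all three bound checks in valueFlowSymbolicOperators also lets an impossible value with `Bound::Upper` through, and the new `v.bound = ValueFlow::Value::Bound::Point;` then records that `s[i]` can never be 0. If Upper on an impossible symbolic value means the index is strictly greater than `strlen(s)` (my reading; the Bound definition is not in this patch), nothing guarantees the byte at that index is non-zero, so the analyzer would carry a fact it cannot justify and could report a wrong known condition. Consider keeping one filter, `if (value.isImpossible() && value.bound == ValueFlow::Value::Bound::Upper) continue;`, and adding a comment above the Point assignment such as `// the bound describes the index, not the element: only the single value 0 carries over to s[i]`. The enclosing loop starts and ends outside the hunk, so an earlier filter may already exclude this case.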
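Review bot: The loop condition in ValueFlow::setValues now reads `values != getTotalValues(tokenlist)`, but nothing explains why a falling total should trigger another pass. With `!=`, a count that keeps changing in either direction is stopped only by the `n > 0` cap, and the decrement of `n` lies outside the hunk. A comment above the loop would record the intent, for example `// repeat until the value count stops changing (it may shrink as well as grow); n caps the number of passes`.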
@@ -7585,6 +7585,23 @@ private:
 " return 0;\n"
 "}\n";
 ASSERT_EQUALS(true, testValueOfXImpossible(code, 4U, 0));
+
+ code = "int f(char *s, size_t i) {\n"
+ " if (i < strlen(s)) {\n"
+ " int x = s[i] != ' ';\n"
+ " return x;\n"
+ " }\n"
+ " return 0;\n"
+ "}\n";
+ ASSERT_EQUALS(false, testValueOfXKnown(code, 4U, 1));
+
+ code = "int f(char *s, size_t i) {\n"
+ " if (i == strlen(s)) {}\n"
+ " int x = s[i];\n"
+ " return x;\n"
+ "}\n";
+ ASSERT_EQUALS(false, testValueOfXKnown(code, 4U, 0));
+ ASSERT_EQUALS(true, testValueOfX(code, 4U, 0));
 }
 void valueFlowSmartPointer()
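Review bot: The two added cases exercise only `i < strlen(s)` and `i == strlen(s)`; no case uses `i > strlen(s)`, which the `Bound::Upper` filter removed from lib/valueflow.cpp used to skip. A case like the one below would pin down what the analysis should conclude about `s[i]` once the index is past the terminator. The expected value shown is what I would expect from a sound analysis, not something the patch states. The test function this hunk extends begins outside the hunk.

```cpp
code = "int f(char *s, size_t i) {\n"
       "    if (i > strlen(s)) {\n"
       "        int x = s[i];\n"
       "        return x;\n"
       "    }\n"
       "    return 0;\n"
       "}\n";
// s[i] past the terminator may or may not be 0, so 0 must not be marked impossible
ASSERT_EQUALS(false, testValueOfXImpossible(code, 4U, 0));
```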