Refactor and fix "After a strncpy() the buffer should be zero-terminated" checking,

2010-04-05 21:47:50 +03:00 · 2010-04-05 21:47:50 +03:00 · d3c251f53a
parent 4bc325f077
commit d3c251f53a
2 changed files with 25 additions and 17 deletions
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@ -267,29 +267,22 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
            if (_settings->_checkCodingStyle)
            {
                // check for strncpy which is not terminated
-                if (Token::Match(tok, "strncpy ( %varid% , %any% , %any% )", varid))
+                if (Token::Match(tok, "strncpy ( %varid% , %any% , %num% )", varid))
                {
-                    const Token *tokSz = tok->tokAt(6);
+                    // strncpy takes entire variable length as input size
-                    if (tokSz->isNumber())
+                    if (MathLib::toLongNumber(tok->strAt(6)) == total_size)
                    {
-                        // strncpy takes entire variable length as input size
+                        const Token *tok2 = tok->next()->link()->next();
-                        const std::string num = tok->strAt(6);
+                        for (; tok2; tok2 = tok2->next())
                        if (MathLib::toLongNumber(num) == total_size)
                        {
-                            const Token *tok2 = tok->next()->link()->next()->next();
+                            if (tok2->varId() == tok->tokAt(2)->varId())
                            for (; tok2; tok2 = tok2->next())
                            {
-                                if (Token::Match(tok2, "%varid%", tok->tokAt(2)->varId()))
+                                if (!Token::Match(tok2, "%varid% [ %any% ]  = 0 ;", tok->tokAt(2)->varId()))
                                {
-                                    if (!Token::Match(tok2, "%varid% [ %any% ]  = 0 ;", tok->tokAt(2)->varId()))
+                                    terminateStrncpyError(tok);
                                    {
                                        terminateStrncpyError(tok);
                                    }
                                    else
                                    {
                                        break;
                                    }
                                }
                                break;
                            }
                        }
                    }
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@ -1775,6 +1775,21 @@ private:
              "    bar[99] = 0;\n"
              "}\n");
        ASSERT_EQUALS("[test.cpp:4]: (style) After a strncpy() the buffer should be zero-terminated\n", errout.str());
        // Test with invalid code that there is no segfault
        check("char baz[100];\n"
              "strncpy(baz, \"var\", sizeof(baz))\n");
        ASSERT_EQUALS("", errout.str());
        // Test that there are no duplicate error messages
        check("void foo ( char *bar )\n"
              "{\n"
              "    char baz[100];\n"
              "    strncpy(baz, bar, sizeof(baz));\n"
              "    foo(baz);\n"
              "    foo(baz);\n"
              "}\n");
        ASSERT_EQUALS("[test.cpp:4]: (style) After a strncpy() the buffer should be zero-terminated\n", errout.str());
    }
    void terminateStrncpy2()