From d8b50e73df559c2b67580d2c83303da1ec36f1ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Mon, 20 Oct 2014 15:54:02 +0200 Subject: [PATCH] Fixed #6002 (Defect: False positive due to pointer address not being associated with variable in for loop) --- lib/valueflow.cpp | 14 ++++++++++++++ test/testvalueflow.cpp | 21 +++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp index 9464fa279..84bf8a53d 100644 --- a/lib/valueflow.cpp +++ b/lib/valueflow.cpp @@ -946,6 +946,20 @@ static bool valueFlowForward(Token * const startToken, setTokenValue(tok2, *it); } + // bailout if address of var is taken.. + if (tok2->astParent() && tok2->astParent()->str() == "&" && !tok2->astParent()->astOperand2()) { + if (settings->debugwarnings) + bailout(tokenlist, errorLogger, tok2, "Taking address of " + tok2->str()); + return false; + } + + // bailout if reference is created.. + if (tok2->astParent() && Token::Match(tok2->astParent()->tokAt(-2), "& %var% =")) { + if (settings->debugwarnings) + bailout(tokenlist, errorLogger, tok2, "Reference of " + tok2->str()); + return false; + } + // assigned by subfunction? bool inconclusive = false; if (bailoutFunctionPar(tok2, ValueFlow::Value(), settings, &inconclusive)) { diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp index 2ecc0ca12..d105bf7fe 100644 --- a/test/testvalueflow.cpp +++ b/test/testvalueflow.cpp @@ -834,6 +834,27 @@ private: "}"; ASSERT_EQUALS(false, testValueOfX(code, 6U, 3)); + // pointer/reference to x + code = "int f(void) {\n" + " int x = 2;\n" + " int *px = &x;\n" + " for (int i = 0; i < 1; i++) {\n" + " *px = 1;\n" + " }\n" + " return x;\n" + "}"; + ASSERT_EQUALS(false, testValueOfX(code, 7U, 2)); + + code = "int f(void) {\n" + " int x = 5;\n" + " int &rx = x;\n" + " for (int i = 0; i < 1; i++) {\n" + " rx = 1;\n" + " }\n" + " return x;\n" + "}"; + ASSERT_EQUALS(false, testValueOfX(code, 7U, 5)); + // break code = "void f() {\n" " for (;;) {\n"