diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index bc90bcd71..df7bc0378 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -48,7 +48,7 @@ CheckBufferOverrun instance;
 void CheckBufferOverrun::arrayIndexOutOfBounds(const Token *tok, int size, int index)
 {
- if (size > 1)
+ if (size >= 1)
 {
 std::ostringstream errmsg;
 errmsg << "Array '";
@@ -1278,6 +1278,11 @@ void CheckBufferOverrun::checkStructVariable()
 if (arrayInfo.num.size() > 1)
 continue;
+ // Skip array with only 0/1 elements because those are
+ // often overrun intentionally
+ if (arrayInfo.num[0] <= 1)
+ continue;
+
 std::vector varname;
 varname.push_back("");
 varname.push_back(arrayInfo.varname);
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 7d4475b2e..79e14502b 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -1855,7 +1855,7 @@ private:
 " struct Foo x;\n"
 " sprintf(x.a, \"aa\");\n"
 "}\n");
- ASSERT_EQUALS("[test.cpp:5]: (error) Buffer access out-of-bounds\n", errout.str());
+ ASSERT_EQUALS("", errout.str());
 }
 void sprintf8()
@@ -1937,7 +1937,7 @@ private:
 " struct Foo x;\n"
 " snprintf(x.a, 2, \"aa\");\n"
 "}\n");
- ASSERT_EQUALS("[test.cpp:5]: (error) snprintf size is out of bounds\n", errout.str());
+ ASSERT_EQUALS("", errout.str());
 }
 void snprintf6()
@@ -2198,6 +2198,13 @@ private:
 " s[10] = 0;\n"
 "}\n");
 ASSERT_EQUALS("[test.cpp:4]: (error) Array 's[4]' index 10 out of bounds\n", errout.str());
+
+ check("void foo()\n"
+ "{\n"
+ " char *s; s = \"\";\n"
+ " s[10] = 0;\n"
+ "}\n");
+ ASSERT_EQUALS("[test.cpp:4]: (error) Array 's[1]' index 10 out of bounds\n", errout.str());
 }
 void memset1()
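Review bot: In checkStructVariable() (lib/checkbufferoverrun.cpp) the added `arrayInfo.num[0] <= 1` indexes `num` without anything in the hunk showing it is non-empty; the preceding check only rejects `num.size() > 1`, so an empty `num` would reach `num[0]`. If an ArrayInfo can ever carry no dimensions (its construction is outside the hunk), the guard should be `if (arrayInfo.num.size() == 0 || arrayInfo.num[0] <= 1)`. The skip also applies to every 0/1-element member, whatever its position in the struct and however the struct is allocated, so the comment should name that trade-off, e.g. `// Known false negatives: also skips 0/1-element arrays that are not a trailing member`. The function body starts and ends outside the hunk.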
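Review bot: The sprintf test at -1855 in test/testbufferoverrun.cpp now expects no output for `sprintf(x.a, \"aa\")` on a local `struct Foo x`, and the hunk at -1937 does the same for `snprintf(x.a, 2, \"aa\")`. If `a` is a one-element array (Foo's declaration is above both hunks), these are real overruns of a stack object rather than the intentional trailing-array idiom the new skip is meant for. Changing the expectation to `""` records the lost detection as intended behaviour. A comment above each assertion would keep the gap visible, e.g. `// TODO: real overrun on a local struct; not reported because 0/1-element member arrays are skipped`.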