walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Fixed #2935 (possible null pointer dereference when using strcpy etc)

This commit is contained in:
Daniel Marjamäki 2011-07-31 14:07:35 +02:00
parent ad166d3a54
commit dd6982a616
2 changed files with 26 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
lib/checknullpointer.cpp
View File

@ -537,17 +537,26 @@ void CheckNullPointer::nullPointerByDeRefAndChec()
tok2 = tok2->previous(); tok2 = tok2->previous();
if (Token::Match(tok2, "[;{}] %varid% = %var%", varid)) if (Token::Match(tok2, "[;{}] %varid% = %var%", varid))
break; break;
}
if (tok1->str() == ")" && Token::Match(tok1->link()->previous(), "while ( %varid%", varid)) if (Token::Match(tok1->link()->previous(), "while ( %varid%", varid))
{ break;
break;
}
if (tok1->str() == ")" && Token::simpleMatch(tok1->link()->previous(), "sizeof (")) if (Token::simpleMatch(tok1->link()->previous(), "sizeof ("))
{ {
tok1 = tok1->link()->previous(); tok1 = tok1->link()->previous();
continue; continue;
}
if (Token::Match(tok2, "[;{}] %var% ( %varid% ,", varid))
{
std::list<const Token *> var;
parseFunctionCall(*(tok2->next()), var, 0);
if (!var.empty() && var.front() == tok2->tokAt(3))
{
nullPointerError(tok2->tokAt(3), varname, tok->linenr());
break;
}
}
} }
if (tok1->str() == "break") if (tok1->str() == "break")

8
test/testnullpointer.cpp
View File

@ -410,6 +410,14 @@ private:
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference: p - otherwise it is redundant to check if p is null at line 4\n", errout.str()); ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference: p - otherwise it is redundant to check if p is null at line 4\n", errout.str());
check("void foo(char *p)\n"
"{\n"
" strcpy(p, \"abc\");\n"
" if (!p)\n"
" ;\n"
"}\n");
ASSERT_EQUALS("[test.cpp:3]: (error) Possible null pointer dereference: p - otherwise it is redundant to check if p is null at line 4\n", errout.str());
// no error // no error
check("void foo()\n" check("void foo()\n"
"{\n" "{\n"