diff --git a/lib/reverseanalyzer.cpp b/lib/reverseanalyzer.cpp index a34ffde7a..9d6207816 100644 --- a/lib/reverseanalyzer.cpp +++ b/lib/reverseanalyzer.cpp @@ -177,7 +177,9 @@ struct ReverseTraversal { } if (!continueB) break; - valueFlowGenericForward(assignTop->astOperand2(), analyzer, settings); + Analyzer::Action a = valueFlowGenericForward(assignTop->astOperand2(), analyzer, settings); + if (a.isModified()) + break; tok = previousBeforeAstLeftmostLeaf(assignTop)->next(); continue; } diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp index 8a3738fe9..0bd5f5f21 100644 --- a/test/testnullpointer.cpp +++ b/test/testnullpointer.cpp @@ -107,6 +107,7 @@ private: TEST_CASE(nullpointer64); TEST_CASE(nullpointer65); // #9980 TEST_CASE(nullpointer66); // #10024 + TEST_CASE(nullpointer67); // #10062 TEST_CASE(nullpointer_addressOf); // address of TEST_CASE(nullpointerSwitch); // #2626 TEST_CASE(nullpointer_cast); // #4692 @@ -2050,6 +2051,33 @@ private: ASSERT_EQUALS("", errout.str()); } + void nullpointer67() { + check("int result;\n" + "\n" + "int test_b(void) {\n" + " char **string = NULL;\n" + "\n" + " /* The bug disappears if \"result =\" is omitted. */\n" + " result = some_other_call(&string);\n" + " if (string && string[0])\n" + " return 0;\n" + " return -1;\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); + + check("int result;\n" + "\n" + "int test_b(void) {\n" + " char **string = NULL;\n" + "\n" + " some_other_call(&string);\n" + " if (string && string[0])\n" + " return 0;\n" + " return -1;\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); + } + void nullpointer_addressOf() { // address of check("void f() {\n" " struct X *x = 0;\n"