walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Fix 10429: Regression: invalidIterator (#3603)

This commit is contained in:
Paul Fultz II 2021-12-05 08:46:52 -06:00 committed by GitHub
parent c0af66bb52
commit f64bcac004
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 32 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/calculate.h
View File

@ -50,6 +50,9 @@ R calculate(const std::string& s, const T& x, const T& y, bool* error = nullptr)
auto wrap = [](T z) { auto wrap = [](T z) {
return R{z}; return R{z};
}; };
const MathLib::bigint maxBitsShift = sizeof(MathLib::bigint) * 8;
// For portability we cannot shift signed integers by 63 bits
const MathLib::bigint maxBitsSignedShift = maxBitsShift - 1;
switch (MathLib::encodeMultiChar(s)) { switch (MathLib::encodeMultiChar(s)) {
case '+': case '+':
return wrap(x + y); return wrap(x + y);
@ -82,14 +85,14 @@ R calculate(const std::string& s, const T& x, const T& y, bool* error = nullptr)
case '<': case '<':
return wrap(x < y); return wrap(x < y);
case '<<': case '<<':
if (y >= sizeof(MathLib::bigint) * 8 || y < 0 || x < 0) { if (y >= maxBitsSignedShift || y < 0 || x < 0) {
if (error) if (error)
*error = true; *error = true;
return R{}; return R{};
} }
return wrap(MathLib::bigint(x) << MathLib::bigint(y)); return wrap(MathLib::bigint(x) << MathLib::bigint(y));
case '>>': case '>>':
if (y >= sizeof(MathLib::bigint) * 8 || y < 0 || x < 0) { if (y >= maxBitsSignedShift || y < 0 || x < 0) {
if (error) if (error)
*error = true; *error = true;
return R{}; return R{};

18
lib/forwardanalyzer.cpp
View File

@ -145,7 +145,8 @@ struct ForwardTraversal {
// Evaluate: // Evaluate:
// 1. RHS of assignment before LHS // 1. RHS of assignment before LHS
// 2. Unary op before operand // 2. Unary op before operand
if (tok->isAssignmentOp() || !secondOp) // 3. Function arguments before function call
if (tok->isAssignmentOp() || !secondOp || isFunctionCall(tok))
std::swap(firstOp, secondOp); std::swap(firstOp, secondOp);
if (firstOp && traverseRecursive(firstOp, f, traverseUnknown, recursion+1) == Progress::Break) if (firstOp && traverseRecursive(firstOp, f, traverseUnknown, recursion+1) == Progress::Break)
return Break(); return Break();
@ -757,6 +758,21 @@ struct ForwardTraversal {
return false; return false;
} }
static bool isFunctionCall(const Token* tok)
{
if (!Token::simpleMatch(tok, "("))
return false;
if (tok->isCast())
return false;
if (!tok->isBinaryOp())
return false;
if (Token::simpleMatch(tok->link(), ") {"))
return false;
if (isUnevaluated(tok))
return false;
return Token::Match(tok->previous(), "%name%|)|]|>");
}
static Token* assignExpr(Token* tok) { static Token* assignExpr(Token* tok) {
while (tok->astParent() && astIsLHS(tok)) { while (tok->astParent() && astIsLHS(tok)) {
if (tok->astParent()->isAssignmentOp()) if (tok->astParent()->isAssignmentOp())

2
lib/valueflow.cpp
View File

@ -2651,7 +2651,7 @@ struct ExpressionAnalyzer : SingleValueFlowAnalyzer {
return; return;
visitAstNodes(start, [&](const Token* tok) { visitAstNodes(start, [&](const Token* tok) {
const bool top = depth == 0 && tok == start; const bool top = depth == 0 && tok == start;
const bool ispointer = astIsPointer(tok) || astIsSmartPointer(tok); const bool ispointer = astIsPointer(tok) || astIsSmartPointer(tok) || astIsIterator(tok);
if (!top || !ispointer || value.indirect != 0) { if (!top || !ispointer || value.indirect != 0) {
for (const ValueFlow::Value& v : tok->values()) { for (const ValueFlow::Value& v : tok->values()) {
if (!(v.isLocalLifetimeValue() || (ispointer && v.isSymbolicValue() && v.isKnown()))) if (!(v.isLocalLifetimeValue() || (ispointer && v.isSymbolicValue() && v.isKnown())))

9
test/teststl.cpp
View File

@ -4173,6 +4173,15 @@ private:
" return v;\n" " return v;\n"
"}\n"); "}\n");
ASSERT_EQUALS("", errout.str()); ASSERT_EQUALS("", errout.str());
check("extern bool bar(int);\n"
"void f(std::vector<int> & v) {\n"
" std::vector<int>::iterator i= v.begin();\n"
" if(i == v.end() && bar(*(i+1)) ) {}\n"
"}\n");
ASSERT_EQUALS(
"[test.cpp:4] -> [test.cpp:4]: (warning) Either the condition 'i==v.end()' is redundant or there is possible dereference of an invalid iterator: i+1.\n",
errout.str());
} }
void dereferenceInvalidIterator2() { void dereferenceInvalidIterator2() {