From f6c00fc47889a3282adcfaa1cc22d2a9bad55d38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Sat, 18 Dec 2010 10:54:36 +0100 Subject: [PATCH] Fixed #2323 (false positive: Buffer access out of bounds) --- lib/checkbufferoverrun.cpp | 2 +- test/testbufferoverrun.cpp | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp index 4f9bc3612..b0278dd03 100644 --- a/lib/checkbufferoverrun.cpp +++ b/lib/checkbufferoverrun.cpp @@ -1032,7 +1032,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const ArrayInfo &arrayInfo } // Detect few strcat() calls - if (Token::Match(tok, "strcat ( %varid% , %str% ) ;", arrayInfo.varid)) + if (total_size > 0 && Token::Match(tok, "strcat ( %varid% , %str% ) ;", arrayInfo.varid)) { size_t charactersAppend = 0; const Token *tok2 = tok; diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index 84079a805..8a33de23e 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -155,6 +155,7 @@ private: TEST_CASE(strcat1); TEST_CASE(strcat2); + TEST_CASE(strcat3); TEST_CASE(memfunc1); // memchr/memset/memcpy TEST_CASE(memfunc2); @@ -2033,6 +2034,15 @@ private: ASSERT_EQUALS("", errout.str()); } + void strcat3() + { + check("void f() {\n" + " INT str[10];\n" + " strcat(str, \"aa\");\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); + } + // memchr/memset/memcpy/etc void memfunc1()
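Review bot: The new `total_size > 0 &&` guard on the strcat detection in `CheckBufferOverrun::checkScope` is undocumented, so a reader cannot tell that zero is a sentinel rather than a real size. Judging from the added `strcat3` test (`INT str[10]`), zero presumably means the element size could not be determined. I would put a comment above the condition, for example `// total_size == 0: element size unknown (unresolved type); skip rather than report against a bogus size`. The guard also means strcat overflows into arrays of unresolved types now go unreported, which is a reasonable trade for removing the false positive but worth stating there. `checkScope` starts and continues outside this hunk, so other comparisons against `total_size` in it may need the same guard; that cannot be confirmed from the lines shown.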