Null pointers: better detection of null pointer dereference

2018-03-18 19:02:30 +01:00 · 2018-03-18 19:02:30 +01:00 · f7d537ea26
parent 0741c389c0
commit f7d537ea26
1 changed files with 14 additions and 0 deletions
--- a/lib/checknullpointer.cpp
+++ b/lib/checknullpointer.cpp
@ -27,6 +27,7 @@
 #include "token.h"
 #include "tokenize.h"
 #include "utils.h"
+#include "astutils.h"

 #include <algorithm>
 #include <cctype>
@ -427,6 +428,19 @@ void CheckNullPointer::nullConstantDereference()
            } else if (Token::Match(tok, "std :: string|wstring ( 0|NULL|nullptr )"))
                nullPointerError(tok);

+            else if (Token::Match(tok->previous(), "::|. %name% (")) {
+                std::vector<const Token *> args = getArguments(tok);
+                for (int argnr = 0; argnr < args.size(); ++argnr) {
+                    const Token *argtok = args[argnr];
+                    if (!argtok->hasKnownIntValue())
+                        continue;
+                    if (argtok->values().front().intvalue != 0)
+                        continue;
+                    if (_settings->library.isnullargbad(tok, argnr+1))
+                        nullPointerError(argtok);
+                }
+            }
+
            else if (Token::Match(tok->previous(), ">> 0|NULL|nullptr")) { // Only checking input stream operations is safe here, because otherwise 0 can be an integer as well
                const Token* tok2 = tok->previous(); // Find start of statement
                for (; tok2; tok2 = tok2->previous()) {