From fd7e085c9de74a5cf59c77b7c1f9b8fc6f333c1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Fri, 5 Aug 2011 13:08:48 +0200 Subject: [PATCH] Array index out of bounds: prevent false positive when a dimension for an array is unknown --- lib/checkbufferoverrun.cpp | 4 ++++ test/testbufferoverrun.cpp | 8 +++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp index 22a853710..a44c047aa 100644 --- a/lib/checkbufferoverrun.cpp +++ b/lib/checkbufferoverrun.cpp @@ -1093,6 +1093,10 @@ void CheckBufferOverrun::checkScope(const Token *tok, const ArrayInfo &arrayInfo totalElements *= arrayInfo.num(ri); } + // totalElements == 0 => Unknown size + if (totalElements == 0) + continue; + // just taking the address? const bool addr(Token::Match(tok->previous(), "[.&]") || Token::simpleMatch(tok->tokAt(-2), "& (")); diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index fbd6a5701..9b4c998c3 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -1159,7 +1159,13 @@ private: "}\n"); ASSERT_EQUALS("[test.cpp:6]: (error) Array 'a[6][6][6]' index a[6][6][2] out of bounds\n", errout.str()); - + // unknown dim.. + check("void f()\n" + "{\n" + " int a[2][countof(x)] = {{1,2},{3,4}};\n" + " a[0][0] = 0;\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); } void array_index_switch_in_for()