diff --git a/lib/checkstl.cpp b/lib/checkstl.cpp
index 3be2e5694..d4cf80a58 100644
--- a/lib/checkstl.cpp
+++ b/lib/checkstl.cpp
@@ -1019,6 +1019,14 @@ void CheckStl::string_c_str()
 tok->next()->varId() > 0 &&
 localvar.find(tok->next()->varId()) != localvar.end()) {
 string_c_strError(tok);
+ } else if (Token::Match(tok, "return %var% . c_str ( ) ;") &&
+ tok->next()->varId() > 0 &&
+ localvar.find(tok->next()->varId()) != localvar.end()) {
+ string_c_strError(tok);
+ } else if (Token::Match(tok, "return %var% . str ( ) . c_str ( ) ;") &&
+ tok->next()->varId() > 0 &&
+ localvar.find(tok->next()->varId()) != localvar.end()) {
+ string_c_strError(tok);
 } else if (Token::Match(tok, "[;{}] %var% = %var% . str ( ) . c_str ( ) ;") &&
 tok->next()->varId() > 0 &&
 pointers.find(tok->next()->varId()) != pointers.end()) {
diff --git a/test/teststl.cpp b/test/teststl.cpp
index e3297c8ad..1ad0cfbb1 100644
--- a/test/teststl.cpp
+++ b/test/teststl.cpp
@@ -1311,6 +1311,18 @@ private:
 "}");
 ASSERT_EQUALS("[test.cpp:3]: (error) Dangerous usage of c_str()\n", errout.str());
 
+ check("const char *get_msg() {\n"
+ " std::string errmsg;\n"
+ " return errmsg.c_str();\n"
+ "}");
+ ASSERT_EQUALS("[test.cpp:3]: (error) Dangerous usage of c_str()\n", errout.str());
+
+ check("const char *get_msg() {\n"
+ " std::ostringstream errmsg;\n"
+ " return errmsg.str().c_str();\n"
+ "}");
+ ASSERT_EQUALS("[test.cpp:3]: (error) Dangerous usage of c_str()\n", errout.str());
+
 check("void f() {\n"
 " std::ostringstream errmsg;\n"
 " const char *c = errmsg.str().c_str();\n"
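Review bot: Neither new `return` branch looks at the enclosing function's return type, so as far as this hunk shows `std::string f() { std::string s; return s.c_str(); }` would be reported as an error even though the characters are copied into the returned string before `s` is destroyed; only a function returning a pointer hands out a dangling one. Consider confirming the return type before `string_c_strError(tok)`, or reporting the `std::string` case separately at a lower severity. In the `return %var% . str ( ) . c_str ( ) ;` branch the `localvar` test also looks too narrow: the temporary produced by `str()` is destroyed at the end of the statement wherever the stream lives, so a member or global stream would dangle too and go unreported, and the neighbouring assignment branch does not require the stream to be local. The two branches share the same guard and body, so they could be one condition of the form `(Token::Match(tok, "return %var% . c_str ( ) ;") || Token::Match(tok, "return %var% . str ( ) . c_str ( ) ;")) &&`. `string_c_str()` starts and ends outside the hunk, so how `localvar` is populated is not visible here.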
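Review bot: Both added cases use a function returning `const char *`, so nothing pins what the check reports when the same `return` statement sits in a function whose return type owns its data. A negative case would make that boundary explicit: repeat the first added case with the signature changed to `std::string get_msg()` and expect `ASSERT_EQUALS("", errout.str());`, since the `c_str()` result is copied there and no pointer escapes. A case where the `std::ostringstream` is not a local variable but `return errmsg.str().c_str();` is still used would likewise document whether that dangling temporary is meant to be caught. The enclosing test method begins and ends outside the hunk.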