From 03fd308dbf7ac406dc62d9a830d7bb88a4702e32 Mon Sep 17 00:00:00 2001
From: Thomas Jarosch
Date: Wed, 26 Oct 2011 21:07:48 +0200
Subject: [PATCH] STL check: Look for string.c_str() / stringstream.str().c_str() "return" usage (object is destroyed on return)
---
 lib/checkstl.cpp | 8 ++++++++
 test/teststl.cpp | 12 ++++++++++++
 2 files changed, 20 insertions(+)
diff --git a/lib/checkstl.cpp b/lib/checkstl.cpp
index 3be2e5694..d4cf80a58 100644
--- a/lib/checkstl.cpp
+++ b/lib/checkstl.cpp
@@ -1019,6 +1019,14 @@ void CheckStl::string_c_str()
 tok->next()->varId() > 0 &&
 localvar.find(tok->next()->varId()) != localvar.end()) {
 string_c_strError(tok);
+ } else if (Token::Match(tok, "return %var% . c_str ( ) ;") &&
+ tok->next()->varId() > 0 &&
+ localvar.find(tok->next()->varId()) != localvar.end()) {
+ string_c_strError(tok);
+ } else if (Token::Match(tok, "return %var% . str ( ) . c_str ( ) ;") &&
+ tok->next()->varId() > 0 &&
+ localvar.find(tok->next()->varId()) != localvar.end()) {
+ string_c_strError(tok);
 } else if (Token::Match(tok, "[;{}] %var% = %var% . str ( ) . c_str ( ) ;") &&
 tok->next()->varId() > 0 &&
 pointers.find(tok->next()->varId()) != pointers.end()) {
diff --git a/test/teststl.cpp b/test/teststl.cpp
index e3297c8ad..1ad0cfbb1 100644
--- a/test/teststl.cpp
+++ b/test/teststl.cpp
@@ -1311,6 +1311,18 @@ private:
 "}");
 ASSERT_EQUALS("[test.cpp:3]: (error) Dangerous usage of c_str()\n", errout.str());
+ check("const char *get_msg() {\n"
+ " std::string errmsg;\n"
+ " return errmsg.c_str();\n"
+ "}");
+ ASSERT_EQUALS("[test.cpp:3]: (error) Dangerous usage of c_str()\n", errout.str());
+
+ check("const char *get_msg() {\n"
+ " std::ostringstream errmsg;\n"
+ " return errmsg.str().c_str();\n"
+ "}");
+ ASSERT_EQUALS("[test.cpp:3]: (error) Dangerous usage of c_str()\n", errout.str());
+
 check("void f() {\n"
 " std::ostringstream errmsg;\n"
 " const char *c = errmsg.str().c_str();\n"
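Review bot: The two new `return` branches in `CheckStl::string_c_str()` raise the error without looking at the enclosing function's return type. When the function returns `std::string` by value, `return errmsg.c_str();` builds the returned string before the local is destroyed, so no pointer dangles and the `(error)` would be a false positive. The same question applies to a `static std::string` local, if `localvar` records those. Whether an earlier filter already excludes these cases cannot be seen here, because the function body starts and ends outside the hunk. Both branches would also benefit from a comment such as `// returned pointer refers to a buffer owned by a local that is destroyed on return`, since the reason for the report is currently only in the commit subject.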
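Review bot: Both cases added to test/teststl.cpp assert that the error is reported, and none asserts that the checker stays silent, so a false positive from the new `return` patterns would go unnoticed. Two negative cases would pin the intended boundary: a function returning `std::string` by value, and a `static std::string` local, each expecting an empty `errout`. They may fail against the checker as patched, which is the signal that the return-type and storage-class cases need handling. The enclosing test function starts and ends outside the hunk.

```cpp
// ... unchanged: the two positive get_msg() cases added by this commit ...

// Returning std::string copies the buffer before the local is destroyed.
check("std::string get_msg() {\n"
      "    std::string errmsg;\n"
      "    return errmsg.c_str();\n"
      "}");
ASSERT_EQUALS("", errout.str());

// A static local outlives the call, so the pointer stays valid.
check("const char *get_msg() {\n"
      "    static std::string errmsg;\n"
      "    return errmsg.c_str();\n"
      "}");
ASSERT_EQUALS("", errout.str());
```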