From a951d34aa8f8485c83058e1639b9de17f76c6d48 Mon Sep 17 00:00:00 2001 From: Edoardo Prezioso Date: Mon, 9 Jan 2012 12:36:05 +0100 Subject: [PATCH] Fixed ticket #3480 (segmentation fault of cppcheck) --- lib/executionpath.cpp | 38 ++++++++++++++++++-------------------- test/testuninitvar.cpp | 7 +++++++ 2 files changed, 25 insertions(+), 20 deletions(-) diff --git a/lib/executionpath.cpp b/lib/executionpath.cpp index d83ed9de5..7411d3d3d 100644 --- a/lib/executionpath.cpp +++ b/lib/executionpath.cpp @@ -300,29 +300,27 @@ void ExecutionPath::checkScope(const Token *tok, std::list &che // bailout used variables in '; FOREACH ( .. ) { .. }' else if (tok->str() != "if" && Token::Match(tok->previous(), "[;{}] %var% (")) { // goto { - const Token *tok2 = tok->next()->link(); - if (tok2 && tok2->str() == ")") { - tok2 = tok2->next(); - if (tok2 && tok2->str() == "{") { - // goto "}" - tok2 = tok2->link(); + const Token *tok2 = tok->next()->link()->next(); + if (tok2 && tok2->str() == "{") { + // goto "}" + tok2 = tok2->link(); - // bail out all variables used in "{ .. }" - for (; tok && tok != tok2; tok = tok->next()) { - if (tok->varId()) - ExecutionPath::bailOutVar(checks, tok->varId()); - } + // bail out all variables used in "{ .. }" + for (; tok && tok != tok2; tok = tok->next()) { + if (tok->varId()) + ExecutionPath::bailOutVar(checks, tok->varId()); } } } // .. ) { ... } => bail out - if (Token::simpleMatch(tok, ") {")) { + if (tok->str() == ")" && tok->next() && tok->next()->str() == "{") { ExecutionPath::bailOut(checks); return; } - if (Token::Match(tok, "abort|exit (")) { + if ((tok->str() == "abort" || tok->str() == "exit") && + tok->next() && tok->next()->str() == "(") { ExecutionPath::bailOut(checks); return; } @@ -360,12 +358,12 @@ void ExecutionPath::checkScope(const Token *tok, std::list &che continue; } - if (tok->str() == "if") { + if (tok->str() == "if" && tok->next() && tok->next()->str() == "(") { // what variable ids should the numberOfIf be counted for? std::set countif; std::list newchecks; - while (tok->str() == "if") { + while (tok->str() == "if" && tok->next() && tok->next()->str() == "(") { // goto "(" tok = tok->next(); @@ -377,12 +375,12 @@ void ExecutionPath::checkScope(const Token *tok, std::list &che } // goto ")" - tok = tok ? tok->link() : 0; + tok = tok->link(); // goto "{" - tok = tok ? tok->next() : 0; + tok = tok->next(); - if (!Token::simpleMatch(tok, "{")) { + if (!tok || tok->str() != "{") { ExecutionPath::bailOut(checks); ExecutionPath::bailOut(newchecks); return; @@ -395,12 +393,12 @@ void ExecutionPath::checkScope(const Token *tok, std::list &che tok = tok->link(); // there is no else => break out - if (Token::Match(tok, "} !!else")) + if (!tok->next() || tok->next()->str() != "else") break; // parse next "if".. tok = tok->tokAt(2); - if (tok->str() == "if") + if (tok && tok->str() == "if") continue; // there is no "if".. diff --git a/test/testuninitvar.cpp b/test/testuninitvar.cpp index 96e8235cf..60607beb4 100644 --- a/test/testuninitvar.cpp +++ b/test/testuninitvar.cpp @@ -527,6 +527,13 @@ private: " return x() ? i : 0;\n" "}\n"); TODO_ASSERT_EQUALS("[test.cpp:2]: (error) Uninitialized variable: i\n", "", errout.str()); + + // Ticket #3480 - Don't crash garbage code + checkUninitVar("int f()\n" + "{\n" + " return if\n" + "}\n"); + ASSERT_EQUALS("", errout.str()); }