noisymime
/
cppcheck
mirror of https://github.com/noisymime/cppcheck.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed #3163 (Out of bounds pointer arithmetic not reset)

This commit is contained in:
Daniel Marjamäki 2011-10-12 20:54:39 +02:00
parent 371871b0b7
commit b73896bcc5
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/checkbufferoverrun.cpp
View File

@ -912,11 +912,14 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vector<std::str
break; break;
} }
// reassign buffer => bailout // reassign buffer
if (varid > 0 && if (varid > 0 && Token::Match(tok, "[;{}] %varid% =", varid))
Token::Match(tok, "[;{}] %varid% =", varid) && {
!Token::Match(tok->tokAt(3), "%varid%", varid)) // using varid .. bailout
if (!Token::Match(tok->tokAt(3), "%varid%", varid))
break; break;
pointerIsOutOfBounds = false;
}
// Array index.. // Array index..
if ((varid > 0 && ((tok->str() == "return" || (!tok->isName() && !Token::Match(tok, "[.&]"))) && Token::Match(tok->next(), "%varid% [ %num% ]", varid))) || if ((varid > 0 && ((tok->str() == "return" || (!tok->isName() && !Token::Match(tok, "[.&]"))) && Token::Match(tok->next(), "%varid% [ %num% ]", varid))) ||

9
test/testbufferoverrun.cpp
View File

@ -2446,6 +2446,15 @@ private:
"}"); "}");
ASSERT_EQUALS("[test.cpp:4]: (error) p is out of bounds\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) p is out of bounds\n", errout.str());
check("void f() {\n"
" char *p = malloc(10);\n"
" p += 10;\n"
" p -= 10;\n"
" *p = 0;\n"
" free(p);"
"}");
ASSERT_EQUALS("", errout.str());
check("void f() {\n" check("void f() {\n"
" char *p = malloc(10);\n" " char *p = malloc(10);\n"
" p += 10;\n" " p += 10;\n"