
Commit fd6bd97

committed
Fixed danmar#6495 (Improve check: uninitialized variable, 3rd function argument)
1 parent 42c4aa1 commit fd6bd97


2 files changed

+35
-11
lines changed


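--- a/lib/checknullpointer.cpp
+++ b/lib/checknullpointer.cpp
@@ -57,18 +57,22 @@ void CheckNullPointer::parseFunctionCall(const Token &tok, std::list<const Token
 (value == 0 && Token::Match(firstParam, "0|NULL ,|)"))) {
 if (value == 0 && Token::Match(&tok, "snprintf|vsnprintf|fnprintf|vfnprintf") && secondParam && secondParam->str() != "0") // Only if length (second parameter) is not zero
 var.push_back(firstParam);
-else if (value == 0 && library != nullptr && library->isnullargbad(&tok, 1) && checkNullpointerFunctionCallPlausibility(tok.function(), 1))
-var.push_back(firstParam);
-else if (value == 1 && library != nullptr && library->isuninitargbad(&tok, 1))
-var.push_back(firstParam);
 }
 
-// 2nd parameter..
-if ((value == 0 && Token::Match(secondParam, "0|NULL ,|)")) || (secondParam && secondParam->varId() > 0 && Token::Match(secondParam->next(),"[,)]"))) {
-if (value == 0 && library != nullptr && library->isnullargbad(&tok, 2) && checkNullpointerFunctionCallPlausibility(tok.function(), 2))
-var.push_back(secondParam);
-else if (value == 1 && library != nullptr && library->isuninitargbad(&tok, 2))
-var.push_back(secondParam);
+// Library
+if (library) {
+const Token *param = tok.tokAt(2);
+int argnr = 1;
+while (param) {
+if (Token::Match(param, "%var% ,|)") || (value==0 && Token::Match(param, "0|NULL ,|)"))) {
+if (value == 0 && library->isnullargbad(&tok, argnr) && checkNullpointerFunctionCallPlausibility(tok.function(), argnr))
+var.push_back(param);
+else if (value == 1 && library->isuninitargbad(&tok, argnr))
+var.push_back(param);
+}
+param = param->nextArgument();
+argnr++;
+}
 }
 
 if (Token::Match(&tok, "printf|sprintf|snprintf|fprintf|fnprintf|scanf|sscanf|fscanf|wprintf|swprintf|fwprintf|wscanf|swscanf|fwscanf")) {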
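Review bot: The first argument can now be appended to `var` twice, because the new `if (library)` loop runs independently of the hard-coded `snprintf|vsnprintf|fnprintf|vfnprintf` branch above it, whereas the removed `else if` chain made the two mutually exclusive. When `value == 0`, the length argument is non-zero and the library configuration also marks argument 1 as not-null, both `var.push_back(firstParam)` and `var.push_back(param)` fire for the same token. Whether callers de-duplicate the list is not visible here, so I would guard the library push, e.g. `if (std::find(var.begin(), var.end(), param) == var.end()) var.push_back(param);` (this needs `<algorithm>`), or add a comment stating that duplicates are expected. Separately, the old second-argument test required `varId() > 0` while the loop uses `%var%`; if that pattern matches any name token, the check is now looser than before and deserves a one-line comment. `parseFunctionCall` starts and ends outside this hunk.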

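--- a/test/testnullpointer.cpp
+++ b/test/testnullpointer.cpp
@@ -2196,7 +2196,7 @@ class TestNullPointer : public TestFixture {
 void functioncalllibrary() {
 Settings settings1;
 Tokenizer tokenizer(&settings1,this);
-std::istringstream code("void f() { int a,b; x(a,b); }");
+std::istringstream code("void f() { int a,b,c; x(a,b,c); }");
 tokenizer.tokenize(code,"test.c");
 const Token *xtok = Token::findsimplematch(tokenizer.tokens(), "x");
 
@@ -2206,6 +2206,7 @@ class TestNullPointer : public TestFixture {
 Library::ArgumentChecks arg;
 library.argumentChecks["x"][1] = arg;
 library.argumentChecks["x"][2] = arg;
+library.argumentChecks["x"][3] = arg;
 
 std::list<const Token *> null, uninit;
 CheckNullPointer::parseFunctionCall(*xtok, null, &library, 0U);
@@ -2220,6 +2221,7 @@ class TestNullPointer : public TestFixture {
 Library::ArgumentChecks arg;
 library.argumentChecks["x"][1] = arg;
 library.argumentChecks["x"][2] = arg;
+library.argumentChecks["x"][3] = arg;
 library.argumentChecks["x"][1].notnull = true;
 
 std::list<const Token *> null,uninit;
@@ -2236,6 +2238,7 @@ class TestNullPointer : public TestFixture {
 Library::ArgumentChecks arg;
 library.argumentChecks["x"][1] = arg;
 library.argumentChecks["x"][2] = arg;
+library.argumentChecks["x"][3] = arg;
 library.argumentChecks["x"][2].notuninit = true;
 
 std::list<const Token *> null,uninit;
@@ -2245,6 +2248,23 @@ class TestNullPointer : public TestFixture {
 ASSERT_EQUALS(1U, uninit.size());
 ASSERT_EQUALS("b", uninit.front()->str());
 }
+
+// for 3rd parameter uninit data is not ok..
+{
+Library library;
+Library::ArgumentChecks arg;
+library.argumentChecks["x"][1] = arg;
+library.argumentChecks["x"][2] = arg;
+library.argumentChecks["x"][3] = arg;
+library.argumentChecks["x"][3].notuninit = true;
+
+std::list<const Token *> null,uninit;
+CheckNullPointer::parseFunctionCall(*xtok, null, &library, 0U);
+CheckNullPointer::parseFunctionCall(*xtok, uninit, &library, 1U);
+ASSERT_EQUALS(0U, null.size());
+ASSERT_EQUALS(1U, uninit.size());
+ASSERT_EQUALS("c", uninit.front()->str());
+}
 }
 
 void functioncallDefaultArguments() {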
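Review bot: The new case in `functioncalllibrary()` covers only the `notuninit` path for the third argument; the `value == 0` branch of the generalized loop, which reports null pointers, has no test beyond argument 1. A sibling block that sets `library.argumentChecks["x"][3].notnull = true` and expects `c` in `null` would pin that path as well. The expected values below mirror the visible `notuninit` case and should be confirmed, since the assertions of the existing `notnull` block lie outside the hunks.

```cpp
// for 3rd parameter null pointer is not ok..
{
    Library library;
    Library::ArgumentChecks arg;
    library.argumentChecks["x"][1] = arg;
    library.argumentChecks["x"][2] = arg;
    library.argumentChecks["x"][3] = arg;
    library.argumentChecks["x"][3].notnull = true;

    std::list<const Token *> null,uninit;
    CheckNullPointer::parseFunctionCall(*xtok, null, &library, 0U);
    CheckNullPointer::parseFunctionCall(*xtok, uninit, &library, 1U);
    ASSERT_EQUALS(1U, null.size());
    ASSERT_EQUALS("c", null.front()->str());
    ASSERT_EQUALS(0U, uninit.size());
}
```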
