Fix #9228 (FN common realloc mistake with assignment of NULL)

rikardfalkeborn · rikardfalkeborn · commit 791051ced0b3 · 2020-09-13T21:49:49.000+02:00
Do not match for assignments with NULL.
diff --git a/lib/checkmemoryleak.cpp b/lib/checkmemoryleak.cpp
@@ -547,7 +547,7 @@ void CheckMemoryLeakInFunction::checkReallocUsage()
 
                 // Check that another copy of the pointer wasn't saved earlier in the function
                 if (Token::findmatch(scope->bodyStart, "%name% = %varid% ;", tok, tok->varId()) ||
-                    Token::findmatch(scope->bodyStart, "[{};] %varid% = *| %name% .| %name%| [;=]", tok, tok->varId()))
+                    Token::findmatch(scope->bodyStart, "[{};] %varid% = *| %var% .| %var%| [;=]", tok, tok->varId()))
                     continue;
 
                 // Check if the argument is known to be null, which means it is not a memory leak
diff --git a/test/testmemleak.cpp b/test/testmemleak.cpp
@@ -169,6 +169,7 @@ class TestMemleakInFunction : public TestFixture {
         TEST_CASE(realloc21);
         TEST_CASE(realloc22);
         TEST_CASE(realloc23);
+        TEST_CASE(realloc24); // #9228
         TEST_CASE(reallocarray1);
     }
 
@@ -410,6 +411,35 @@ class TestMemleakInFunction : public TestFixture {
         ASSERT_EQUALS("", errout.str());
     }
 
+    void realloc24() { // #9228
+        check("void f() {\n"
+              "void *a = NULL;\n"
+              "a = realloc(a, 20);\n"
+              "}");
+        ASSERT_EQUALS("", errout.str());
+
+        check("void f() {\n"
+              "void *a = NULL;\n"
+              "a = malloc(10);\n"
+              "a = realloc(a, 20);\n"
+              "}");
+        ASSERT_EQUALS("[test.cpp:4]: (error) Common realloc mistake: \'a\' nulled but not freed upon failure\n", errout.str());
+
+        check("void f() {\n"
+              "void *a = std::nullptr;\n"
+              "a = malloc(10);\n"
+              "a = realloc(a, 20);\n"
+              "}");
+        ASSERT_EQUALS("[test.cpp:4]: (error) Common realloc mistake: \'a\' nulled but not freed upon failure\n", errout.str());
+
+        check("void f(char *b) {\n"
+              "void *a = NULL;\n"
+              "a = b;\n"
+              "a = realloc(a, 20);\n"
+              "}");
+        ASSERT_EQUALS("", errout.str());
+    }
+
     void reallocarray1() {
         check("void foo()\n"
               "{\n"
