Fixed crash on garbage code introduced recently, optimized code in valueFlowFunctionReturn.

PKEuS · PKEuS · commit 58c3fdd0633f · 2015-02-01T12:26:46.000+01:00
diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
@@ -1531,6 +1531,10 @@ static void valueFlowForLoop(TokenList *tokenlist, SymbolDatabase* symboldatabas
         Token* tok = const_cast<Token*>(scope->classDef);
         Token* const bodyStart = const_cast<Token*>(scope->classStart);
 
+        if (!Token::simpleMatch(tok->next()->astOperand2(), ";") ||
+            !Token::simpleMatch(tok->next()->astOperand2()->astOperand2(), ";"))
+            continue;
+
         unsigned int varid(0);
         MathLib::bigint num1(0), num2(0), numAfter(0);
 
@@ -1632,6 +1636,15 @@ static void valueFlowFunctionReturn(TokenList *tokenlist, ErrorLogger *errorLogg
         if (tok->str() != "(" || !tok->astOperand1() || !tok->astOperand1()->function())
             continue;
 
+        // Get scope and args of function
+        const Function * const function = tok->astOperand1()->function();
+        const Scope * const functionScope = function->functionScope;
+        if (!functionScope || !Token::simpleMatch(functionScope->classStart, "{ return")) {
+            if (functionScope && settings->debugwarnings)
+                bailout(tokenlist, errorLogger, tok, "function return; nontrivial function body");
+            continue;
+        }
+
         // Arguments..
         std::vector<MathLib::bigint> parvalues;
         {
@@ -1650,15 +1663,6 @@ static void valueFlowFunctionReturn(TokenList *tokenlist, ErrorLogger *errorLogg
                 continue;
         }
 
-        // Get scope and args of function
-        const Function * const function = tok->astOperand1()->function();
-        const Scope * const functionScope = function ? function->functionScope : nullptr;
-        if (!functionScope || !Token::simpleMatch(functionScope->classStart, "{ return")) {
-            if (functionScope && settings->debugwarnings)
-                bailout(tokenlist, errorLogger, tok, "function return; nontrivial function body");
-            continue;
-        }
-
         std::map<unsigned int, MathLib::bigint> programMemory;
         for (std::size_t i = 0; i < parvalues.size(); ++i) {
             const Variable * const arg = function->getArgumentVar(i);
diff --git a/test/testgarbage.cpp b/test/testgarbage.cpp
@@ -400,6 +400,9 @@ class TestGarbage : public TestFixture {
         // 6122 survive garbage code
         code = "; { int i ; for ( i = 0 ; = 123 ; ) - ; }";
         checkCode(code);
+
+        code = "void f1() { for (int n = 0 n < 10 n++); }";
+        checkCode(code);
     }
 
     void garbageSymbolDatabase() {

Original file line number	Diff line number	Diff line change
`@@ -400,6 +400,9 @@ class TestGarbage : public TestFixture {`
`400`	`400`	`// 6122 survive garbage code`
`401`	`401`	`code = "; { int i ; for ( i = 0 ; = 123 ; ) - ; }";`
`402`	`402`	`checkCode(code);`
	`403`	`+`
	`404`	`+ code = "void f1() { for (int n = 0 n < 10 n++); }";`
	`405`	`+ checkCode(code);`
`403`	`406`	`}`
`404`	`407`
`405`	`408`	`void garbageSymbolDatabase() {`