CheckUninitVar: Fixed FP when dereferencing multidimensional arrays. Refactoring of testing. The FP was spotted when looking at danmar#7092

danmar · danmar · commit 2187e8ba0298 · 2016-08-02T14:27:51.000+02:00
diff --git a/lib/checkuninitvar.cpp b/lib/checkuninitvar.cpp
@@ -918,9 +918,12 @@ bool CheckUninitVar::isVariableUsage(const Token *vartok, bool pointer, Alloc al
 
         if (vartok->previous()->str() != "&" || !Token::Match(vartok->tokAt(-2), "[(,=?:]")) {
             if (alloc != NO_ALLOC && vartok->previous()->str() == "*") {
+                // TestUninitVar::isVariableUsageDeref()
                 const Token *parent = vartok->previous()->astParent();
                 if (parent && parent->str() == "=" && parent->astOperand1() == vartok->previous())
                     return false;
+                if (vartok->variable() && vartok->variable()->dimensions().size() >= 2)
+                    return false;
                 return true;
             }
             return alloc == NO_ALLOC;
diff --git a/test/testuninitvar.cpp b/test/testuninitvar.cpp
@@ -73,6 +73,8 @@ class TestUninitVar : public TestFixture {
         TEST_CASE(syntax_error); // Ticket #5073
         TEST_CASE(trac_5970);
 
+        TEST_CASE(isVariableUsageDeref); // *p
+
         // dead pointer
         TEST_CASE(deadPointer);
     }
@@ -537,13 +539,6 @@ class TestUninitVar : public TestFixture {
                        "}");
         ASSERT_EQUALS("[test.cpp:4]: (error) Uninitialized variable: c\n", errout.str());
 
-        checkUninitVar("void f()\n"
-                       "{\n"
-                       "    char *s = malloc(100);\n"
-                       "    *s += 10;\n"
-                       "}");
-        ASSERT_EQUALS("[test.cpp:4]: (error) Memory is allocated but not initialized: s\n", errout.str());
-
         checkUninitVar("void f()\n"
                        "{\n"
                        "    int a[10];\n"
@@ -1236,18 +1231,6 @@ class TestUninitVar : public TestFixture {
                        "}");
         TODO_ASSERT_EQUALS("[test.cpp:4]: (error) Uninitialized variable: a\n", "", errout.str());
 
-        checkUninitVar("int f() {\n"
-                       "    char a[10];\n"
-                       "    char c = *a;\n"
-                       "}");
-        ASSERT_EQUALS("[test.cpp:3]: (error) Uninitialized variable: a\n", errout.str());
-
-        checkUninitVar("int f() {\n"
-                       "    char a[SIZE+10];\n"
-                       "    char c = *a;\n"
-                       "}");
-        ASSERT_EQUALS("[test.cpp:3]: (error) Uninitialized variable: a\n", errout.str());
-
         checkUninitVar("int f()\n"
                        "{\n"
                        "    char a[10];\n"
@@ -3783,6 +3766,33 @@ class TestUninitVar : public TestFixture {
         check.deadPointer();
     }
 
+    void isVariableUsageDeref() {
+        // *p
+        checkUninitVar("void f() {\n"
+                       "    char a[10];\n"
+                       "    char c = *a;\n"
+                       "}");
+        ASSERT_EQUALS("[test.cpp:3]: (error) Uninitialized variable: a\n", errout.str());
+
+        checkUninitVar("void f() {\n"
+                       "    char a[SIZE+10];\n"
+                       "    char c = *a;\n"
+                       "}");
+        ASSERT_EQUALS("[test.cpp:3]: (error) Uninitialized variable: a\n", errout.str());
+
+        checkUninitVar("void f() {\n"
+                       "    char a[10];\n"
+                       "    *a += 10;\n"
+                       "}");
+        ASSERT_EQUALS("[test.cpp:3]: (error) Uninitialized variable: a\n", errout.str());
+
+        checkUninitVar("void f() {\n"
+                       "  int a[10][10];\n"
+                       "  dostuff(*a);\n"
+                       "}");
+        ASSERT_EQUALS("", errout.str());
+    }
+
     void deadPointer() {
         checkDeadPointer("void f() {\n"
                          "  int *p = p1;\n"
