Fixed two false positives related to char arrays initialized by a literal:

PKEuS · PKEuS · commit 644a21639453 · 2016-07-07T19:38:15.000+02:00
- Run check for writing to string literals on non-simplified token list (cppcheck-opensource#7283) - Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/)
diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
@@ -1464,21 +1464,10 @@ void CheckBufferOverrun::checkStructVariable()
         }
     }
 }
-//---------------------------------------------------------------------------
 
-void CheckBufferOverrun::bufferOverrun()
-{
-    checkGlobalAndLocalVariable();
-    if (_tokenizer->isMaxTime())
-        return;
-    checkStructVariable();
-    checkBufferAllocatedWithStrlen();
-    checkStringArgument();
-    checkInsecureCmdLineArgs();
-}
 //---------------------------------------------------------------------------
 
-void CheckBufferOverrun::bufferOverrun2()
+void CheckBufferOverrun::bufferOverrun()
 {
     // singlepass checking using ast, symboldatabase and valueflow
     for (const Token *tok = _tokenizer->tokens(); tok; tok = tok->next()) {
diff --git a/lib/checkbufferoverrun.h b/lib/checkbufferoverrun.h
@@ -61,17 +61,24 @@ class CPPCHECKLIB CheckBufferOverrun : public Check {
 
     void runSimplifiedChecks(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger) {
         CheckBufferOverrun checkBufferOverrun(tokenizer, settings, errorLogger);
+        checkBufferOverrun.checkGlobalAndLocalVariable();
+        if (_tokenizer->isMaxTime())
+            return;
+        checkBufferOverrun.checkStructVariable();
+        checkBufferOverrun.checkBufferAllocatedWithStrlen();
+        checkBufferOverrun.checkInsecureCmdLineArgs();
         checkBufferOverrun.bufferOverrun();
-        checkBufferOverrun.bufferOverrun2();
         checkBufferOverrun.arrayIndexThenCheck();
         checkBufferOverrun.negativeArraySize();
     }
 
-    /** @brief %Check for buffer overruns */
-    void bufferOverrun();
+    void runChecks(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger) {
+        CheckBufferOverrun checkBufferOverrun(tokenizer, settings, errorLogger);
+        checkBufferOverrun.checkStringArgument();
+    }
 
-    /** @brief %Check for buffer overruns #2 (single pass, use ast and valueflow) */
-    void bufferOverrun2();
+    /** @brief %Check for buffer overruns (single pass, use ast and valueflow) */
+    void bufferOverrun();
 
     /** @brief Using array index before bounds check */
     void arrayIndexThenCheck();
diff --git a/lib/checkstring.h b/lib/checkstring.h
@@ -49,6 +49,7 @@ class CPPCHECKLIB CheckString : public Check {
         // Checks
         checkString.strPlusChar();
         checkString.checkSuspiciousStringCompare();
+        checkString.stringLiteralWrite();
     }
 
     /** @brief Run checks against the simplified token list */
@@ -59,7 +60,6 @@ class CPPCHECKLIB CheckString : public Check {
         checkString.checkIncorrectStringCompare();
         checkString.checkAlwaysTrueOrFalseStringCompare();
         checkString.sprintfOverlappingData();
-        checkString.stringLiteralWrite();
     }
 
     /** @brief undefined behaviour, writing string literal */
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
@@ -54,16 +54,15 @@ class TestBufferOverrun : public TestFixture {
         Tokenizer tokenizer(&settings, this);
         std::istringstream istr(code);
         tokenizer.tokenize(istr, filename);
-        tokenizer.simplifyTokenList2();
 
         // Clear the error buffer..
         errout.str("");
 
         // Check for buffer overruns..
         CheckBufferOverrun checkBufferOverrun(&tokenizer, &settings, this);
-        checkBufferOverrun.bufferOverrun();
-        checkBufferOverrun.bufferOverrun2();
-        checkBufferOverrun.arrayIndexThenCheck();
+        checkBufferOverrun.runChecks(&tokenizer, &settings, this);
+        tokenizer.simplifyTokenList2();
+        checkBufferOverrun.runSimplifiedChecks(&tokenizer, &settings, this);
     }
 
     void run() {
@@ -2001,6 +2000,13 @@ class TestBufferOverrun : public TestFixture {
               "    if ( name[0] == 'U' ? name[1] : 0) {}\n"
               "}");
         ASSERT_EQUALS("", errout.str());
+
+        check("int main(int argc, char **argv) {\n"
+              "    char str[6] = \"\\0\";\n"
+              "    unsigned short port = 65535;\n"
+              "    snprintf(str, sizeof(str), \"%hu\", port);\n"
+              "}", settings0, "test.c");
+        ASSERT_EQUALS("", errout.str());
     }
 
     void array_index_same_struct_and_var_name() {
diff --git a/test/teststring.cpp b/test/teststring.cpp
@@ -88,6 +88,24 @@ class TestString : public TestFixture {
               "  abc[0] = 'a';\n"
               "}");
         ASSERT_EQUALS("", errout.str());
+
+        check("void foo_FP1(char *p) {\n"
+              "  p[1] = 'B';\n"
+              "}\n"
+              "void foo_FP2(void) {\n"
+              "  char* s = \"Y\";\n"
+              "  foo_FP1(s);\n"
+              "}");
+        ASSERT_EQUALS("[test.cpp:2] -> [test.cpp:5]: (error) Modifying string literal \"Y\" directly or indirectly is undefined behaviour.\n", errout.str());
+
+        check("void foo_FP1(char *p) {\n"
+              "  p[1] = 'B';\n"
+              "}\n"
+              "void foo_FP2(void) {\n"
+              "  char s[10] = \"Y\";\n"
+              "  foo_FP1(s);\n"
+              "}");
+        ASSERT_EQUALS("", errout.str());
     }
 
     void alwaysTrueFalseStringCompare() {

Original file line number	Diff line number	Diff line change
`@@ -1464,21 +1464,10 @@ void CheckBufferOverrun::checkStructVariable()`
`1464`	`1464`	`}`
`1465`	`1465`	`}`
`1466`	`1466`	`}`
`1467`		`-//---------------------------------------------------------------------------`
`1468`	`1467`
`1469`		`-void CheckBufferOverrun::bufferOverrun()`
`1470`		`-{`
`1471`		`- checkGlobalAndLocalVariable();`
`1472`		`- if (_tokenizer->isMaxTime())`
`1473`		`- return;`
`1474`		`- checkStructVariable();`
`1475`		`- checkBufferAllocatedWithStrlen();`
`1476`		`- checkStringArgument();`
`1477`		`- checkInsecureCmdLineArgs();`
`1478`		`-}`
`1479`	`1468`	`//---------------------------------------------------------------------------`
`1480`	`1469`
`1481`		`-void CheckBufferOverrun::bufferOverrun2()`
	`1470`	`+void CheckBufferOverrun::bufferOverrun()`
`1482`	`1471`	`{`
`1483`	`1472`	`// singlepass checking using ast, symboldatabase and valueflow`
`1484`	`1473`	`for (const Token *tok = _tokenizer->tokens(); tok; tok = tok->next()) {`
Original file line number	Diff line number	Diff line change
`@@ -49,6 +49,7 @@ class CPPCHECKLIB CheckString : public Check {`
`49`	`49`	`// Checks`
`50`	`50`	`checkString.strPlusChar();`
`51`	`51`	`checkString.checkSuspiciousStringCompare();`
	`52`	`+ checkString.stringLiteralWrite();`
`52`	`53`	`}`
`53`	`54`
`54`	`55`	`/** @brief Run checks against the simplified token list */`
`@@ -59,7 +60,6 @@ class CPPCHECKLIB CheckString : public Check {`
`59`	`60`	`checkString.checkIncorrectStringCompare();`
`60`	`61`	`checkString.checkAlwaysTrueOrFalseStringCompare();`
`61`	`62`	`checkString.sprintfOverlappingData();`
`62`		`- checkString.stringLiteralWrite();`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`/** @brief undefined behaviour, writing string literal */`