Fix #12612 FP uninitvar with pointer alias in subfunction#7249
Fix #12612 FP uninitvar with pointer alias in subfunction#7249chrchr-github wants to merge 4 commits intodanmar:mainfrom
Conversation
| return values.count(tok->varId()) > 0 || | ||
| std::any_of(values.begin(), values.end(), [&](const std::pair<nonneg int, ValueFlow::Value>& p) { | ||
| return p.second.isUninitValue() && p.second.tokvalue->varId() == tok->varId(); | ||
| }); |
There was a problem hiding this comment.
Why is this extra check needed?
There was a problem hiding this comment.
Which check exactly? We now match in case there is an alias that has an uninit value pointing to the variable in question. But I'm not sure if it is correct to only check for uninit values.
There was a problem hiding this comment.
That should happen in the analyzeToken function, not here. We are already checking for aliases there as well.
Finally the tokvalue is not always an alias either.
There was a problem hiding this comment.
analyzeToken() has this:
Action la = analyzeLifetime(lifeTok);
if (la.matches()) { ...So matches() needs to return true for the propagation of the uninit value to stop.
I looked at how that works for local code and tried to make the same stuff happen with a subfunction/valueFlowInjectParameter()
| const Token* lifeTok = nullptr; | ||
| for (const ValueFlow::Value& v:ref->astOperand1()->values()) { | ||
| if (!v.isLocalLifetimeValue()) | ||
| if (!v.isLocalLifetimeValue() && !v.isSubFunctionLifetimeValue()) |
There was a problem hiding this comment.
Instead of skipping subfunction lifetimes, you could just check that the path is the same if the propagated value's path(ie the value returned from getValue(lifetok)) is not zero.
There was a problem hiding this comment.
Subfunction lifetimes were skipped before this change, and we didn't proceed to analyzeLifetime() below.
There was a problem hiding this comment.
I see, I read it backwards. Its enabling it. We still need to check the correct path to avoid FPs.
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
3 participants
No description provided.