Bug#628593: cppcheck: false-negative for realloc with non-initialized pointer in loop

Niels Thykier Mon, 30 May 2011 07:27:18 -0700

Package: cppcheck
Version: 1.48-1
Severity: wishlist
Tags: upstream

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Hi,

I noticed that cppcheck does not complain about realloc being passed an 
uninitialized
pointer (at least not if it is in a loop).  I have included a small test case
demonstrating this.

~Niels

- -- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.38-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cppcheck depends on:
ii  libc6                         2.13-4     Embedded GNU C Library: Shared lib
ii  libgcc1                       1:4.6.0-2  GCC support library
ii  libpcre3                      8.12-3     Perl 5 Compatible Regular Expressi
ii  libstdc++6                    4.6.0-2    The GNU Standard C++ Library v3
ii  libtinyxml2.5.3               2.5.3-3    C++ XML parsing library

cppcheck recommends no packages.

cppcheck suggests no packages.

- -- no debconf information

*** test.c
#include <stdlib.h>
#include <stdio.h>

char * f(FILE *fp){
  char *p;
  int len = 100;
  do {
    char *tmp = realloc(p, len + 1);
    if (!tmp){
      free(p);
      return NULL;
    }
    p = tmp;
  } while(condition());
  return p;
}

int condition() { return 1; }

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJN46fMAAoJEAVLu599gGRCmIcP/1uAhvLu97guQ3uiZe9j4GaI
WuAsropHXXMnHFO9FqQFSm8aXd6CPLAcZrMKwuYLKgKfnVIkT03gxAl1be7tqLk5
Lxzcw+Cxqf+1LWvQRQyZJI950bqcasoFaqdAfwJ+JNXgz++X/vT3tvcUl3WhL8jU
fKkzMbKCihTjLCwfgE0uVcN3MvgeR5YBY4IVw6Lec5vQCdRwApPB1PVb/HmVe/6O
RpZyZ9ckcO/u8/7BXyeI71723cw+cHJ8bhvIp3Da176DsMp/7RChWRc7nKk7plEu
PCjWBXf3dIeWSEvRlkO8gzkfVfNG2+COd7U1l0TqDkLbnPMd5FsjgvX13mFfwNfG
pT1z4JB3JWDsG+1bc8SHMFleUALNRYReOQN6Sm0TkAgW8XjZs+dyoxy72O/1tK5j
IYzM3AVk3ZLWWALNgXX2xmTZAxvxKxQfgxXBSLdK5Tr6PtHnRFAFD7CbJ3kY0DMR
I59vCX6fljIVMJB8LrlJLAn7tEZLJEEScSTVW3xQF745j7mKgjtvKbu6ESLftzSx
Ig2V/YJWmb5PHU3k9hTFafW5aktJptc94s7XwiGX9eVj29xvY+7I5gMC2yt5EbQS
Iaa2eb/ijJiT+mA4MIYys+rAtYUJLE43kPmf5b6AQXeuCPaes4erkvSROfL0sRWd
3/8vCTzGzc4jr8ENY9RT
=6luE
-----END PGP SIGNATURE-----



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Bug#628593: cppcheck: false-negative for realloc with non-initialized pointer in loop

Reply via email to