2009/9/22 Mike Kaplinskiy <mike.kaplins...@gmail.com>:
> On Tue, Sep 22, 2009 at 3:06 AM, Ben Klein <shackl...@gmail.com> wrote:
>> 2009/9/22 Mike Kaplinskiy <mike.kaplins...@gmail.com>:
>>> On Tue, Sep 22, 2009 at 1:09 AM, Vitaliy Margolen
>>> <wine-de...@kievinfo.com> wrote:
>>>>> [/home/cahrendt/wine-git/dlls/wineps.drv/init.c:270]: (error) Possible
>>>>> null pointer dereference: dmW - otherwise it is redundant to check if
>>>>> dmW is null at line 272
>>>>
>>>> This is a real bug and should be fixed:
>>>>> ptrdiff_t off_formname = (const char *)dmW->dmFormName - (const char
>>>>> *)dmW;
>>>> Does indeed dereference dmW to get the value of dmFormName.
>>>
>>> It actually doesn't, it's a tricky case where dmW->dwFormName ==
>>> &dmW->dwFormName, because dwFormName is an array allocated as part of
>>> the struct. I made that mistake too the previous cppcheck round.
>>
>> I thought I'd covered this before. It's complaining about dmW not
>> being validated before dmW->dmFormName (which de-references dmW to get
>> at its dmFormName member). In current code, it's not a problem because
>> dmW is validated before it's run in both cases (lines 369 and 403). It
>> is right about the redundant test NULL check on 272 though; if dmW is
>> NULL, the function will segfault.
>>
>
> It actually does not dereference anything. Try passing null into the
> function - it will work just fine. This is a special case because the
> array isn't dynamically allocated but is part of the struct, which
> means that dmW->dmFormName == (dmW+__offset of dmFormName) and not
> *(dmW+__offset of dmFormName). You can try writing a test program
> yourself - it will run just fine.
OK, yes, that's very weird, but you're right. Definitely a bug in cppcheck then, either way.
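The array-member versus pointer-member distinction the thread turns on, as an added illustration that is not code from the thread or from Wine. The two structs below are hypothetical stand-ins, not the real DEVMODEW layout; they only keep the property under discussion, namely that dmFormName is an array embedded in the object in one case and a stored pointer in the other. All function names are this example's own.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <wchar.h>

/* Hypothetical stand-in (not the real DEVMODEW layout) that keeps the one
 * property the thread is about: dmFormName is an array embedded in the
 * struct, so there is no pointer stored in the object to load. */
struct devmode_array {
    wchar_t dmDeviceName[32];
    unsigned short dmSpecVersion;
    unsigned short dmDriverVersion;
    unsigned short dmSize;
    unsigned short dmDriverExtra;
    wchar_t dmFormName[32];   /* array member */
};

/* Same fields, but dmFormName is a pointer stored inside the object. */
struct devmode_pointer {
    wchar_t dmDeviceName[32];
    unsigned short dmSpecVersion;
    unsigned short dmDriverVersion;
    unsigned short dmSize;
    unsigned short dmDriverExtra;
    wchar_t *dmFormName;      /* pointer member */
};

/* The expression from init.c, applied to the array-member struct.
 * p->dmFormName decays to &p->dmFormName[0], which is p plus a layout
 * constant; nothing at *p is read. That is why a test program survives a
 * NULL p in practice. The C standard still treats member access through a
 * null pointer as undefined, so offsetof (below) is the form to prefer. */
ptrdiff_t formname_offset_array(const struct devmode_array *p)
{
    return (const char *)p->dmFormName - (const char *)p;
}

/* The same expression on the pointer-member struct. Here p->dmFormName is
 * a load of the pointer stored in *p: a NULL p faults immediately, and the
 * result depends on the stored value, not on the layout. */
ptrdiff_t formname_offset_pointer(const struct devmode_pointer *p)
{
    return (const char *)p->dmFormName - (const char *)p;
}

/* Well-defined way to obtain the same number without any object at all. */
size_t formname_offset_portable(void)
{
    return offsetof(struct devmode_array, dmFormName);
}

/* Returns 1 if the pointer-arithmetic form on a real object agrees with
 * offsetof, i.e. the expression really is a layout constant. */
int array_form_matches_offsetof(void)
{
    struct devmode_array dm;
    memset(&dm, 0, sizeof dm);
    return formname_offset_array(&dm) == (ptrdiff_t)formname_offset_portable();
}

/* Shows that the pointer-member version reads stored data: point
 * dmFormName at the start of the object and the "offset" becomes 0. */
ptrdiff_t pointer_form_follows_stored_value(void)
{
    struct devmode_pointer dp;
    memset(&dp, 0, sizeof dp);
    dp.dmFormName = dp.dmDeviceName;   /* constructed: pointer to offset 0 */
    return formname_offset_pointer(&dp);
}

int main(void)
{
    printf("offsetof(dmFormName)         = %zu\n", formname_offset_portable());
    printf("array form matches offsetof  = %d\n", array_form_matches_offsetof());
    printf("pointer form with stored ptr = %td\n", pointer_form_follows_stored_value());
    return 0;
}
```

The static analyser cannot tell the two cases apart from the syntax alone, which is why the array case trips a null-dereference warning; replacing the subtraction with offsetof gives the same value, needs no object, and leaves nothing for the checker to flag.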