cppcheck / Discussion / General Discussion: False positive NULL pointer dereferece inside sizeof()

False positive NULL pointer dereferece inside sizeof()

Created: 2022-09-16

Updated: 2022-09-17

sizeof(*foo) doesn't actually dereference foo, and so shouldn't generate a NULL pointer dereference warning. However, cppcheck will do so under at least some circumstances. For example:

#include <stdio.h>

struct foo {
    int a;
    char b;
};

static void func(struct foo *foo)
{
    size_t len = sizeof(*foo);
    printf("%zd\n", len);
}

void func2(void)
{
    func(NULL);
}

$ cppcheck ~/tmp/foo.c 
Checking /home/dwg/tmp/foo.c ...
/home/dwg/tmp/foo.c:10:23: error: Null pointer dereference: foo [ctunullpointer]
 size_t len = sizeof(*foo);
                      ^
/home/dwg/tmp/foo.c:16:6: note: Calling function func, 1st argument is null
 func(NULL);
     ^
/home/dwg/tmp/foo.c:10:23: note: Dereferencing argument foo that is null
 size_t len = sizeof(*foo);
                      ^

CHR - 2022-09-16

Thanks for reporting, fixed by https://github.com/danmar/cppcheck/pull/4471

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

David Gibson - 2022-09-17

Wow, that was fast. Thanks!

👍
1

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

False positive NULL pointer dereferece inside sizeof()

Static source code analysis tool for C and C++ code

Forums

Help

False positive NULL pointer dereferece inside sizeof()

False positive NULL pointer dereferece inside sizeof()

Static source code analysis tool for C and C++ code

Forums

Help

False positive NULL pointer dereferece inside sizeof() document.SUBSCRIPTION_OPTIONS = { "thing": "topic", "subscribed": false, "url": "subscribe", "icon": { "css": "fa fa-envelope-o" } };

False positive NULL pointer dereferece inside sizeof()