containerOutOfBounds false positive since it isn't recognizing the implicit constructor

2021-09-27
2021-09-28
  • Steve Albright

    Steve Albright - 2021-09-27

    error: containerOutOfBounds - Out of bounds access in 'data[7]', if 'data' size is 2 and '7' is 7

    However, a pointer to the data type of a vector can be implicitly converted to an iterator. Therefore this constructor is used:

    template< class InputIt >
    vector( InputIt first, InputIt last, const Allocator& alloc = Allocator() );

    #include <stdio.h>
    #include <cstdint>
    #include <vector>
    
    struct SizedData
    {
       const int length;
       const void* data;
    };
    
    bool ExampleOfAnIncorrectlyDeterminedArraySize(const SizedData& sizedData)
    {
       if(8 <= sizedData.length)
       {
          std::vector<uint8_t> data { static_cast<const uint8_t*>(sizedData.data), static_cast<const uint8_t*>(sizedData.data) + sizedData.length };
          printf("Size of constructed array is: %d NOT 2.\n", static_cast<int>(data.size()));
          return 0 == (data[7] & 0x4);
       }
       return false;
    }
    
    int main()
    {
       const uint8_t data[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
       SizedData sizedData { sizeof(data), data };
       printf("Result: %d\n", ExampleOfAnIncorrectlyDeterminedArraySize(sizedData));
    }
    
     
  • CHR

    CHR - 2021-09-27

    Reduced example:

    #include <cstdint>
    #include <vector>

    int main()
    {
       const uint8_t data[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
       std::vector<uint8_t> v { data, data + sizeof(data) };
       return v[7];
    }
    

    A workaround is to use parentheses instead of braces to initialize v.
    Maybe getInitListSize() should be amended like this:

    else if ((args.size() == 1 && astIsContainer(args[0]) && args[0]->valueType()->container == container) ||
                   (args.size() == 2 && ((astIsIterator(args[0]) && astIsIterator(args[1])) || (astIsPointer(args[0]) && astIsPointer(args[1]))))) {
            return getContainerValues(args[0]);
    
     

    Last edit: CHR 2021-09-27
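
Added example (not part of the original posts and not cppcheck code): the four ways of passing two arguments to a `std::vector<uint8_t>` constructor, showing that counting the arguments inside the braces gives the real size only when they are element values. All function names and the sample buffer are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Constructed sample buffer, same shape as the one in the thread.
static const std::uint8_t kData[] = {1, 2, 3, 4, 5, 6, 7, 8};

// Braces + two pointers: a const uint8_t* cannot convert to uint8_t, so the
// initializer_list<uint8_t> constructor is not viable and overload resolution
// falls back to vector(InputIt first, InputIt last). Result: 8 elements.
std::size_t size_braces_pointers() {
    std::vector<std::uint8_t> v{kData, kData + sizeof(kData)};
    return v.size();
}

// Parentheses + two pointers (the workaround): same constructor, 8 elements.
std::size_t size_parens_pointers() {
    std::vector<std::uint8_t> v(kData, kData + sizeof(kData));
    return v.size();
}

// Braces + two values: the initializer_list constructor wins, 2 elements.
// Counting the brace arguments is only correct in this case.
std::size_t size_braces_values() {
    std::vector<std::uint8_t> v{7, 8};
    return v.size();
}

// Parentheses + two values: vector(count, value), 7 elements equal to 8.
std::size_t size_parens_values() {
    std::vector<std::uint8_t> v(7, 8);
    return v.size();
}

// Length-guarded read as in the original report; at() is bounds-checked,
// so a wrong size assumption would throw instead of reading out of range.
int byte7_from_range(const void* p, int length) {
    if (length < 8) return -1;
    const std::uint8_t* first = static_cast<const std::uint8_t*>(p);
    std::vector<std::uint8_t> v{first, first + length};
    return v.at(7);
}

int main() {
    std::printf("%zu %zu %zu %zu %d\n", size_braces_pointers(),
                size_parens_pointers(), size_braces_values(), size_parens_values(),
                byte7_from_range(kData, static_cast<int>(sizeof(kData))));
}
```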
  • Steve Albright

    Steve Albright - 2021-09-27

    I don't think the workaround accounts for variable-sized arrays being passed around very easily, and if it is valid C++ then hopefully eventually you come up with a better solution.

     
  • CHR

    CHR - 2021-09-27

    I agree that it's a bug. Perhaps @pfultz2 has an opinion on this?

     
  • CHR

    CHR - 2021-09-27

    There seems to be another problem: getArguments returns two tokens, data and +.
    Although + is considered to be a pointer (?), no valid size can be extracted from these arguments.

     

    Last edit: CHR 2021-09-28
  • CHR

    CHR - 2021-09-28
     
