Variables in macros not checked
Static source code analysis tool for C and C++ code
Brought to you by:
danielmarjamaki
Menu
▾
▴
Hi,
An argument is passed into a function and is used as an index in an array. Before indexing the array, the variable is checked inside an "if" statement to make sure the variable does not exceed array bounds. But if someone makes a mistake and the "if" statement is wrong (e.g. accidentaly write '<' instead of '>' which would break the function) Cpp check will throw warnings. But in our program we're using our own custom ASSERT macro inside which we check if a condition is false and if it is, we take some sort of action to fix the situation (usually just return). While using this macro Cppcheck will not throw any warnings even if the condition is wrong and a bad value may be passed into the index of an array just after the ASSERT. Could you explain why this is happening? Is there any way to force Cppcheck to work in this situation?
This example throws an error, which is what we want:
void func (int index)
{
array[5];
if (index > 5) // so the index may still be 5, which is out of bounds of an array the size of 5
{
return;
}
array[index]++;
}
This example does not throws an error, even tho we want it to throw an error:
void func (int index)
{
ASSERT(index < 5, return);
array[index]++;
}
ASSERT is defined as ASSERT(expression, action) if (expression) {action;}
EDIT: we're using cppcheck version 2.1
Last edit: Juozapas Bočkus 2020-07-30
To avoid noise it's often necessary to take code that is expanded from a macro with a "grain of salt".. A condition in a specific expansion might look suspicious but there is absolutely nothing wrong because the condition is needed for other expansions.
I would spontaneosly say that it should be ok to warn for your example code because
index < 5is written infuncand not in the macro itself.I have created ticket: https://trac.cppcheck.net/ticket/9824
EDIT: ASSERT(index < 5, return); should have been ASSERT(index > 5, return); like in the first example, so both should display a warning. Is there a way to make cppcheck warn in both cases?
yes I believe that with 9824 this should be fixed. Just understand that we are careful about macros for good reasons, we need to ensure that we will not introduce too much warnings.