Hello,
during my work I found that cppcheck doesn't detect a possible fault: in this part of my code there is a division without any check done before in case the variable is null. Is there a way to force cppcheck to verify this condition?
thanks
michele
..
int zBlockSize;
int *pzNumBlocks;
zBlockSize = HalDaf_GetSectorSize();
/* evaluate number of sectors */
if (pzNumBlocks != NULL)
{
    *pzNumBlocks =( ( MemSize ) / zBlockSize );
}
..
I checked and I found that if I do like that cppcheck detects the division by 0. In my case the problem is more that the return of the function HalDaf_GetSectorSize() is unknown so it could be 0 .. and that check is not done. Is there a way to enable a check for that?
Thanks for the support
Michele
I don't think it's a good idea to add a more noisy check that assumes that functions can return 0. So there is no quick and simple solution imho.
I think it would be a good idea to make Cppcheck more clever about function return values. Perhaps you should be able to configure that for instance HalDaf_GetSectorSize() can return 0.
Some standard functions such as strchr can return NULL. But I don't want to automatically guess that each strchr() return value is possibly NULL. I would like to guess that the return value can be NULL unless when the arguments mean that it can't be NULL. How we implement this .. I don't know.
Do you know for sure that HalDaf_GetSectorSize() in your code can return zero? I don't know.. but it sounds to me that in general sector sizes can't be 0. Is there any way for Cppcheck to see that this could happen through whole program analysis etc?
Hello,
thanks for your reply: I understand your point. I would like to be able to define a rule that every division by zero must be checked by an if divisor != 0, unless the divisor is a constant or a define (so the value is fixed). Is there a way to do that?
Thanks for your support
Michele
> I would like to be able to define a rule that every division by zero must be checked by an if divisor != 0, unless the divisor is a constant or a define (so the value is fixed).

I don't want to have such rule in the cppcheck tool. As an addon or extra rule it would be ok.

> Is there a way to do that?

There is no quick and simple way.
The way I would do this is to first improve the ValueFlow::Value so it can say for instance what the min/max values are also. The valueFlowAfterAssign() should set the min/max values. And the valueFlowForward() must probably have some handling for these.
Then I would make sure that these min/max values can be read in the --dump output.
Then I would write an addon that checks for division by zero using the min/max values.
Updating the ValueFlow is the hard part. Improving the --dump output and writing the addon will then be trivial.
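An added example, not part of the thread or of Cppcheck: a sketch of the kind of addon discussed above, implementing the requested rule (non-constant divisor must be compared against 0) as a flow-insensitive heuristic over `--dump` tokens rather than the min/max ValueFlow design the reply proposes. The dump fragment is constructed and trimmed to the token attributes used (`str`, `type`, `variable`, `astOperand1`, `astOperand2`); the name `unchecked_divisions`, the ids, the variable `n` and the constant 512 are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed, heavily trimmed fragment in the shape of a `cppcheck --dump` file:
# only the tokens of three expressions are kept (a real dump holds every token).
SAMPLE_DUMP = """<dumps><dump cfg=""><tokenlist>
<token id="t1" file="divzero.c" linenr="7" str="MemSize" type="name" variable="v1"/>
<token id="t2" file="divzero.c" linenr="7" str="/" type="op" astOperand1="t1" astOperand2="t3"/>
<token id="t3" file="divzero.c" linenr="7" str="zBlockSize" type="name" variable="v2"/>
<token id="t4" file="divzero.c" linenr="9" str="MemSize" type="name" variable="v1"/>
<token id="t5" file="divzero.c" linenr="9" str="/" type="op" astOperand1="t4" astOperand2="t6"/>
<token id="t6" file="divzero.c" linenr="9" str="512" type="number"/>
<token id="t7" file="divzero.c" linenr="11" str="n" type="name" variable="v3"/>
<token id="t8" file="divzero.c" linenr="11" str="!=" type="op" astOperand1="t7" astOperand2="t9"/>
<token id="t9" file="divzero.c" linenr="11" str="0" type="number"/>
<token id="t10" file="divzero.c" linenr="12" str="MemSize" type="name" variable="v1"/>
<token id="t11" file="divzero.c" linenr="12" str="/" type="op" astOperand1="t10" astOperand2="t12"/>
<token id="t12" file="divzero.c" linenr="12" str="n" type="name" variable="v3"/>
</tokenlist></dump></dumps>"""


def unchecked_divisions(dump_xml):
    """Return (file, line, divisor) for every / or % whose divisor is neither a
    number nor a variable compared against 0 earlier in the token list."""
    findings = []
    for dump in ET.fromstring(dump_xml).iter("dump"):
        tokens = list(dump.iter("token"))
        by_id = {t.get("id"): t for t in tokens}
        checked = set()  # variable ids already seen in `var != 0` / `var == 0`
        for tok in tokens:
            lhs = by_id.get(tok.get("astOperand1"))
            rhs = by_id.get(tok.get("astOperand2"))
            if lhs is None or rhs is None:
                continue  # not a binary operator
            if tok.get("str") in ("!=", "=="):
                # Accept the zero on either side of the comparison.
                for var, num in ((lhs, rhs), (rhs, lhs)):
                    if var.get("variable") and num.get("str") == "0":
                        checked.add(var.get("variable"))
            elif tok.get("str") in ("/", "%"):
                if rhs.get("type") == "number":
                    continue  # literal constant or expanded #define
                if rhs.get("variable") in checked:
                    continue  # some zero comparison exists (heuristic only)
                findings.append((tok.get("file"), int(tok.get("linenr")), rhs.get("str")))
    return findings
```

Because the comparison is only looked up by position, not by control flow, a check in an unrelated branch also silences the finding; that gap is what the ValueFlow-based design in the reply would close.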
Thanks a lot, I will have a look.
I'm using cppcheck on my team and other colleagues are using Klocwork instead. I'm checking issues not detected by cppcheck .. and vice versa. :)
Thanks again for the support
Thanks! This is a very good forum topic imho.
To start with.. can you try ublinter.
https://github.com/danmar/ublinter
let me know if you have problems etc..
it is supposed to be more noisy.
ublinter warns for your original code.
divzero.c:
command line: