false negative: nullptr returned from function

Static source code analysis tool for C and C++ code

Brought to you by: danielmarjamaki

false negative: nullptr returned from function

Forum: General Discussion

Creator: Christopher Hodde

Created: 2020-07-28

Updated: 2020-08-01

Christopher Hodde - 2020-07-28

Hello

cppcheck --inconclusive
does not report a nullptr deref in the following code:

int* pointer()
{
int i = 1;
return nullptr;
}

int main()
{
int var = *pointer();
}

However, when I delete the line "int i=1;" a finding is reported:
badcode.cpp:9:20: error: Null pointer dereference: pointer() [nullPointer]
int var = *pointer();

Could there be something wrong wih my setup or is this a bug?

Cppcheck --version
2.1

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Daniel Marjamäki - 2020-08-01

We have 158 open tickets about improving our valueflow. There is certainly lots to do.
https://trac.cppcheck.net/query?status=accepted&status=assigned&status=new&status=reopened&keywords=~valueflow

I believe that i.e. https://trac.cppcheck.net/ticket/8075 would solve this.

Last edit: Daniel Marjamäki 2020-08-01

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.