Fixed danmar#5510 (FP: nullPointer - variable initialized in function call)

danmar · danmar · commit 830249d72e78 · 2014-04-01T07:06:20.000+02:00
diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
@@ -61,6 +61,12 @@ static bool bailoutFunctionPar(const Token *tok, const ValueFlow::Value &value,
     else
         return false;
 
+    // reinterpret_cast etc..
+    if (Token::Match(tok->tokAt(-3), "> ( & %var% ) [,)]") &&
+        tok->linkAt(-3) &&
+        Token::Match(tok->linkAt(-3)->tokAt(-2), "[,(] %type% <"))
+        tok = tok->linkAt(-3);
+
     // goto start of function call and get argnr
     unsigned int argnr = 0;
     while (tok && tok->str() != "(") {
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
@@ -513,6 +513,13 @@ class TestValueFlow : public TestFixture {
                "}";
         ASSERT_EQUALS(false, testValueOfX(code, 4U, 0));
 
+        code = "void f() {\n"
+               "    char *x = 0;\n"
+               "    getx(reinterpret_cast<void **>(&x));\n"
+               "    *x = 0;\n"
+               "}";
+        ASSERT_EQUALS(false, testValueOfX(code, 4U, 0));
+
         // if/else
         code = "void f() {\n"
                "    int x = 123;\n"
