Enable validateVariables(), fix fuzzing crash #6118

Merged: chrchr-github merged 5 commits into cppcheck-opensource:main from chrchr-github:chr_varscope on Mar 14, 2024

@chrchr-github
Collaborator

No description provided.

@firewave
Collaborator

We need to adjust the fuzzer tests so they show the actual failure data (actually that applies to all Python tests - I want to clean that up in the future).

I think if the exitcode is negative we should show stderr instead of stdout (crashes, assert, abort, sanitizers, etc. generate negative exitcodes and our internal errors generate positive ones).
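
The selection rule proposed in the comment above, as an added example that is not part of the cppcheck test suite: a negative return code is treated as a crash and stderr is reported, a positive one as an internal error and stdout is reported. The helper name `failure_report` and both child commands are hypothetical stand-ins constructed for this sketch, and the signal mapping assumes a POSIX host.

```python
import signal
import subprocess
import sys

# Constructed stand-ins for a checker run on a fuzzer input (not cppcheck itself)
CRASHING = [sys.executable, "-c",
            "import os, signal, sys; sys.stderr.write('assertion failed\\n'); "
            "sys.stderr.flush(); os.kill(os.getpid(), signal.SIGABRT)"]
REPORTING = [sys.executable, "-c",
             "import sys; print('syntaxError'); sys.exit(1)"]


def failure_report(cmd, timeout=30):
    """Run cmd and return (kind, detail), where detail is the stream to show.

    Hypothetical helper illustrating the rule from the comment above.
    """
    proc = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout)
    rc = proc.returncode
    if rc == 0:
        return ("ok", "")
    if rc < 0:
        # On POSIX, subprocess reports death by signal N as returncode -N
        try:
            name = signal.Signals(-rc).name
        except ValueError:
            name = "signal %d" % -rc
        return ("crash:" + name, proc.stderr)
    # Positive exit code: the tool reported the error itself, show stdout
    return ("error:%d" % rc, proc.stdout)


if __name__ == "__main__":
    for cmd in (CRASHING, REPORTING):
        kind, detail = failure_report(cmd)
        print(kind, repr(detail))
```
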

@chrchr-github
Collaborator Author

So validateVariables() did not prevent the crash because we parse m t(=a[]); as a function declaration, and argument variables may not have a scope. What we need to verify is "Variables have a scope, or appear only in a function declaration".

Comment thread lib/tokenize.cpp
else if (Token::Match(tok, "%assign% [") && Token::simpleMatch(tok->linkAt(1), "] ;"))
syntaxError(tok, tok->str() + "[...];");

else if (Token::Match(tok, "[({<] %assign%"))
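
Review bot: the `Token::Match(tok, "[({<] %assign%")` branch on the last line has no comment tying it to the input it exists for, which from the discussion is `m t(=a[]);`, where `(` is directly followed by `=`. A one-line comment naming that case would record why this check is needed in addition to validateVariables(), and the same input should appear as a garbage-code test if the testgarbage change does not already include it.
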
Collaborator

Isn't this executed before the symboldatabase? I wonder if the changes in symboldatabase+testgarbage are technically separated?

Collaborator Author

Yes, those are separate changes. validateVariables() was (a) deactivated and (b) not doing sufficient checking to prevent the crash, so I added the syntaxError.

@chrchr-github
Collaborator Author

What we need to verify is "Variables have a scope, or appear only in a function declaration".

This is not so easy because of declarations like auto f(T& x) -> decltype(x);.

Comment thread lib/symboldatabase.cpp
@chrchr-github chrchr-github merged commit 4c47914 into cppcheck-opensource:main Mar 14, 2024
@chrchr-github chrchr-github deleted the chr_varscope branch March 14, 2024 19:30