cppcheck sept 18 redux

Mike Kaplinskiy mike.kaplinskiy at gmail.com
Tue Sep 22 01:56:05 CDT 2009


On Tue, Sep 22, 2009 at 1:09 AM, Vitaliy Margolen
<wine-devel at kievinfo.com> wrote:
> Ben Klein wrote:
>> The question remains, how exactly does
>> FIELD_OFFSET work, and does it end up dereferencing ca[5]?
> It does pointer arithmetic and does not dereference anything. "ca[5]" is the
> same as "(ca + 5)" or on lower level "((char*)ca + 5*sizeof(ca[0]))" and
> does not require any dereferencing.

It does, since the field offset macro takes the easy approach:
#define FIELD_OFFSET(type, field) ((LONG)(INT_PTR)&(((type *)0)->field))

which basically dereferences a null pointer to get the offset. This
would be a bug in cppcheck since we don't actually dereference ca[5].
Moreover, since cppcheck doesn't catch the similar FIELD_OFFSET uses
as bugs, it seems that it is mistaking ca[5] for the local ca, as
opposed to the cs_t->ca.

>
>> [/home/cahrendt/wine-git/dlls/wineps.drv/init.c:270]: (error) Possible
>> null pointer dereference: dmW - otherwise it is redundant to check if
>> dmW is null at line 272
>
> This is a real bug and should be fixed:
>>     ptrdiff_t off_formname = (const char *)dmW->dmFormName - (const char *)dmW;
> Does indeed dereference dmW to get the value of dmFormName.

It actually doesn't, it's a tricky case where dmW->dmFormName ==
&dmW->dmFormName, because dmFormName is an array allocated as part of
the struct. I made that mistake too the previous cppcheck round.

>
> Vitaliy.
>

Mike.
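Both points in the message above, worked as an added C example that is not part of the thread or of Wine: the struct names cs_t and devmode_like_t and their fields are constructed stand-ins, only the FIELD_OFFSET macro is the one quoted from Wine.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Wine's macro as quoted in the thread; LONG/INT_PTR spelled out locally. */
typedef long LONG;
typedef intptr_t INT_PTR;
#define FIELD_OFFSET(type, field) ((LONG)(INT_PTR)&(((type *)0)->field))

/* Constructed stand-in for the struct whose ca[5] cppcheck flagged. */
typedef struct {
    int  header;
    char ca[16];
} cs_t;

/* Constructed stand-in for DEVMODEW: dmFormName is an inline array. */
typedef struct {
    unsigned short dmSize;
    unsigned short dmFormName[32];
    unsigned int   dmFields;
} devmode_like_t;

/* FIELD_OFFSET on an array element is address arithmetic from a null base:
 * the only thing evaluated is &((cs_t *)0)->ca[5], never the byte itself. */
LONG offset_of_ca5(void)
{
    return FIELD_OFFSET(cs_t, ca[5]);   /* offsetof(cs_t, ca) + 5 */
}

/* The init.c pattern: dmW->dmFormName decays to &dmW->dmFormName[0], so the
 * subtraction yields the member offset without loading anything through dmW. */
ptrdiff_t formname_offset(const devmode_like_t *dmW)
{
    return (const char *)dmW->dmFormName - (const char *)dmW;
}

/* Array member address == address of the array: no value is read from it. */
int array_member_is_address_only(void)
{
    devmode_like_t dm = {0};
    return (const void *)dm.dmFormName == (const void *)&dm.dmFormName
        && formname_offset(&dm) == (ptrdiff_t)offsetof(devmode_like_t, dmFormName);
}

int main(void)
{
    printf("FIELD_OFFSET(cs_t, ca[5]) = %ld, offsetof(cs_t, ca) = %zu\n",
           offset_of_ca5(), offsetof(cs_t, ca));
    printf("dmFormName is address-only: %d\n", array_member_is_address_only());
    return 0;
}
```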



More information about the wine-devel mailing list