cppcheck sept 18 redux

Ben Klein shacklein at gmail.com
Tue Sep 22 02:45:03 CDT 2009


2009/9/22 Mike Kaplinskiy <mike.kaplinskiy at gmail.com>:
> On Tue, Sep 22, 2009 at 3:06 AM, Ben Klein <shacklein at gmail.com> wrote:
>> 2009/9/22 Mike Kaplinskiy <mike.kaplinskiy at gmail.com>:
>>> On Tue, Sep 22, 2009 at 1:09 AM, Vitaliy Margolen
>>> <wine-devel at kievinfo.com> wrote:
>>>>> [/home/cahrendt/wine-git/dlls/wineps.drv/init.c:270]: (error) Possible
>>>>> null pointer dereference: dmW - otherwise it is redundant to check if
>>>>> dmW is null at line 272
>>>>
>>>> This is a real bug and should be fixed:
>>>>>     ptrdiff_t off_formname = (const char *)dmW->dmFormName - (const char *)dmW;
>>>> Does indeed dereference dmW to get the value of dmFormName.
>>>
>>> It actually doesn't, it's a tricky case where dmW->dmFormName ==
>>> &dmW->dmFormName, because dmFormName is an array allocated as part of
>>> the struct. I made that mistake too the previous cppcheck round.
>>
>> I thought I'd covered this before. It's complaining about dmW not
>> being validated before dmW->dmFormName (which de-references dmW to get
>> at its dmFormName member). In current code, it's not a problem because
>> dmW is validated before it's run in both cases (lines 369 and 403). It
>> is right about the redundant NULL check on 272 though; if dmW is
>> NULL, the function will segfault.
>>
>
> It actually does not dereference anything. Try passing null into the
> function - it will work just fine. This is a special case because the
> array isn't dynamically allocated but is part of the struct, which
> means that dmW->dmFormName == (dmW+__offset of dmFormName) and not
> *(dmW+__offset of dmFormName). You can try writing a test program
> yourself - it will run just fine.

OK, yes, that's very weird, but you're right. Definitely a bug in
cppcheck then, either way.
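As an added illustration (not code from this thread or from Wine), a cut-down struct modelled on DEVMODEW shows why the subtraction in init.c only computes an address, and why offsetof is the standard-defined way to obtain the same number when the pointer might be null. The struct layout and all function names below are hypothetical.

```c
/* Added example: inline array member vs. pointer member, modelled on
 * DEVMODEW's dmFormName. Not the Wine source. */
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

#define CCHFORMNAME 32                 /* same value as the Windows constant */

/* Hypothetical cut-down layout; the real DEVMODEW has many more fields. */
struct devmode_like {
    wchar_t        dmDeviceName[CCHFORMNAME];
    unsigned short dmSpecVersion;
    unsigned short dmDriverVersion;
    unsigned short dmSize;
    unsigned short dmDriverExtra;
    unsigned int   dmFields;
    wchar_t        dmFormName[CCHFORMNAME]; /* array stored inline in the struct */
    wchar_t       *dmExtraPtr;              /* hypothetical pointer member, for contrast */
};

/* The expression from init.c, applied to a valid object. Because
 * dmFormName is an array, dm->dmFormName decays to &dm->dmFormName[0]:
 * the compiler adds a constant to dm and reads nothing from memory.
 * With dm == NULL the same instructions run in practice, but the C
 * standard calls that undefined behaviour, which is why cppcheck and
 * the thread disagree. */
ptrdiff_t formname_offset_by_subtraction(const struct devmode_like *dm)
{
    return (const char *)dm->dmFormName - (const char *)dm;
}

/* Standard-defined way to get the same number; needs no object at all,
 * so it is correct even when the caller holds a null pointer. */
size_t formname_offset_by_offsetof(void)
{
    return offsetof(struct devmode_like, dmFormName);
}

/* For a pointer member the same syntax DOES load through dm. This is
 * the case cppcheck's null-dereference rule is written for. */
const wchar_t *extra_ptr(const struct devmode_like *dm)
{
    return dm->dmExtraPtr;            /* reads 8 (or 4) bytes out of *dm */
}

/* Returns 1 when both offset computations agree on a real object. */
int offsets_agree(void)
{
    static struct devmode_like dm;    /* zero-initialised real object */
    return formname_offset_by_subtraction(&dm)
        == (ptrdiff_t)formname_offset_by_offsetof();
}
```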