Fix #12301 FP doubleFree with GTK functions (#5823)

danmar · Jan 4, 2024 · 481d457 · 481d457
1 parent 8261ded
commit 481d457
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 4 deletions.
diff --git a/lib/checkleakautovar.cpp b/lib/checkleakautovar.cpp
@@ -815,7 +815,7 @@ bool CheckLeakAutoVar::checkScope(const Token * const startToken,
 }
 
 
-const Token * CheckLeakAutoVar::checkTokenInsideExpression(const Token * const tok, VarInfo &varInfo)
+const Token * CheckLeakAutoVar::checkTokenInsideExpression(const Token * const tok, VarInfo &varInfo, bool inFuncCall)
 {
     // Deallocation and then dereferencing pointer..
     if (tok->varId() > 0) {
@@ -862,7 +862,7 @@ const Token * CheckLeakAutoVar::checkTokenInsideExpression(const Token * const t
     }
 
     // check for function call
-    const Token * const openingPar = isFunctionCall(tok);
+    const Token * const openingPar = inFuncCall ? nullptr : isFunctionCall(tok);
     if (openingPar) {
         const Library::AllocFunc* allocFunc = mSettings->library.getDeallocFuncInfo(tok);
         VarInfo::AllocInfo alloc(allocFunc ? allocFunc->groupId : 0, VarInfo::DEALLOC, tok);
@@ -1045,7 +1045,7 @@ void CheckLeakAutoVar::functionCall(const Token *tokName, const Token *tokOpenin
             const VarInfo::AllocInfo sp_allocation(sp_af ? sp_af->groupId : (arrayDelete ? NEW_ARRAY : NEW), VarInfo::OWNED, allocTok);
             changeAllocStatus(varInfo, sp_allocation, vtok, vtok);
         } else {
-            checkTokenInsideExpression(arg, varInfo);
+            checkTokenInsideExpression(arg, varInfo, /*inFuncCall*/ isLeakIgnore);
         }
         // TODO: check each token in argument expression (could contain multiple variables)
         argNr++;

diff --git a/lib/checkleakautovar.h b/lib/checkleakautovar.h
@@ -135,7 +135,7 @@ class CPPCHECKLIB CheckLeakAutoVar : public Check {
      * @param varInfo Variable info
      * @return next token to process (if no other checks needed for this token). NULL if other checks could be performed.
      */
-    const Token * checkTokenInsideExpression(const Token * const tok, VarInfo &varInfo);
+    const Token * checkTokenInsideExpression(const Token * const tok, VarInfo &varInfo, bool inFuncCall = false);
 
     /** parse function call */
     void functionCall(const Token *tokName, const Token *tokOpeningPar, VarInfo &varInfo, const VarInfo::AllocInfo& allocation, const Library::AllocFunc* af);

diff --git a/test/cfg/gtk.c b/test/cfg/gtk.c
@@ -425,3 +425,9 @@ void g_abort_test()
     //cppcheck-suppress unreachableCode
     printf("Never reached");
 }
+
+gchar* g_strchug_string_free_test(GString* t) // #12301
+{
+    gchar* p = g_strchug(g_string_free(t, FALSE));
+    return p;
+}