Skip to content

Fix #12724 FN: resourceLeak (allocation result in variable, regression) #8215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
chrchr-github merged 10 commits into from
Feb 25, 2026
Merged

Fix #12724 FN: resourceLeak (allocation result in variable, regression) #8215

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
1a7259a
Update checkleakautovar.cpp
chrchr-github Feb 13, 2026
90e6626
Update checkleakautovar.cpp
chrchr-github Feb 13, 2026
32a1c68
Update testleakautovar.cpp
chrchr-github Feb 13, 2026
8ec5842
Update checkleakautovar.cpp
chrchr-github Feb 13, 2026
1352ad4
Update checkleakautovar.cpp
chrchr-github Feb 13, 2026
c8a70f1
Update checkleakautovar.cpp
chrchr-github Feb 13, 2026
014ec2f
Check condition stored in variable
web-flow Feb 13, 2026
682f9d8
Update lib/checkleakautovar.cpp
chrchr-github Feb 21, 2026
f60c18c
Update checkleakautovar.cpp
chrchr-github Feb 23, 2026
5080353
Update testleakautovar.cpp
chrchr-github Feb 25, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
103 changes: 59 additions & 44 deletions lib/checkleakautovar.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -295,6 +295,18 @@ static const Token* getReturnValueFromOutparamAlloc(const Token* alloc, const Se
return nullptr;
}

static std::vector<const Token*> getComparisonTokens(const Token* tok)
{
std::vector<const Token*> result{ tok };
if (tok->hasKnownValue(ValueFlow::Value::ValueType::SYMBOLIC))
result.push_back(tok->getKnownValue(ValueFlow::Value::ValueType::SYMBOLIC)->tokvalue);
for (const Token* op : { tok->astOperand1(), tok->astOperand2() }) {
if (op && op->hasKnownValue(ValueFlow::Value::ValueType::SYMBOLIC))
result.push_back(op->getKnownValue(ValueFlow::Value::ValueType::SYMBOLIC)->tokvalue);
}
return result;
}

bool CheckLeakAutoVar::checkScope(const Token * const startToken,
VarInfo &varInfo,
std::set<int> notzero,
Expand Down Expand Up @@ -444,7 +456,7 @@ bool CheckLeakAutoVar::checkScope(const Token * const startToken,
if (tok2->str() == ";") {
break;
}
if (tok2->varId()) {
if (tok2->varId() && !Token::Match(tok2->astParent(), "%comp%|!")) {
varInfo.erase(tok2->varId());
}
}
Expand Down Expand Up @@ -578,53 +590,56 @@ bool CheckLeakAutoVar::checkScope(const Token * const startToken,
astOperand2AfterCommas = astOperand2AfterCommas->astOperand2();

// Recursively scan variable comparisons in condition
visitAstNodes(astOperand2AfterCommas, [&](const Token *tok3) {
if (!tok3)
return ChildrenToVisit::none;
if (tok3->str() == "&&" || tok3->str() == "||") {
// FIXME: handle && ! || better
return ChildrenToVisit::op1_and_op2;
}
if (tok3->str() == "(" && Token::Match(tok3->astOperand1(), "UNLIKELY|LIKELY")) {
return ChildrenToVisit::op2;
}
if (tok3->str() == "(" && tok3->previous()->isName()) {
const std::vector<const Token *> params = getArguments(tok3->previous());
for (const Token *par : params) {
if (!par->isComparisonOp())
continue;
const Token *vartok = nullptr;
if (isVarTokComparison(par, &vartok, alloc_success_conds) ||
(isVarTokComparison(par, &vartok, alloc_failed_conds))) {
varInfo1.erase(vartok->varId());
varInfo2.erase(vartok->varId());
for (const Token* compTok : getComparisonTokens(astOperand2AfterCommas)) {
visitAstNodes(compTok, [&](const Token* tok3) {
if (!tok3)
return ChildrenToVisit::none;
if (tok3->str() == "&&" || tok3->str() == "||") {
// FIXME: handle && ! || better
return ChildrenToVisit::op1_and_op2;
}
if (tok3->str() == "(" && Token::Match(tok3->astOperand1(), "UNLIKELY|LIKELY")) {
return ChildrenToVisit::op2;
}
if (tok3->str() == "(" && tok3->previous()->isName()) {
const std::vector<const Token*> params = getArguments(tok3->previous());
for (const Token* par : params) {
if (!par->isComparisonOp())
continue;
const Token* vartok = nullptr;
if (isVarTokComparison(par, &vartok, alloc_success_conds) ||
(isVarTokComparison(par, &vartok, alloc_failed_conds))) {
varInfo1.erase(vartok->varId());
varInfo2.erase(vartok->varId());
}
}
return ChildrenToVisit::none;
}
return ChildrenToVisit::none;
}

const Token *vartok = nullptr;
if (isVarTokComparison(tok3, &vartok, alloc_success_conds)) {
varInfo2.reallocToAlloc(vartok->varId());
varInfo2.erase(vartok->varId());
if (astIsVariableComparison(tok3, "!=", "0", &vartok) &&
(notzero.find(vartok->varId()) != notzero.end()))
varInfo2.clear();

if (std::any_of(varInfo1.alloctype.begin(), varInfo1.alloctype.end(), [&](const std::pair<int, VarInfo::AllocInfo>& info) {
if (info.second.status != VarInfo::ALLOC)
return false;
const Token* ret = getReturnValueFromOutparamAlloc(info.second.allocTok, *mSettings);
return ret && vartok && ret->varId() && ret->varId() == vartok->varId();
})) {
varInfo1.clear();
const Token* vartok = nullptr;
if (isVarTokComparison(tok3, &vartok, alloc_success_conds)) {
varInfo2.reallocToAlloc(vartok->varId());
varInfo2.erase(vartok->varId());
if (astIsVariableComparison(tok3, "!=", "0", &vartok) &&
(notzero.find(vartok->varId()) != notzero.end()))
varInfo2.clear();

if (std::any_of(varInfo1.alloctype.begin(), varInfo1.alloctype.end(), [&](const std::pair<int, VarInfo::AllocInfo>& info) {
if (info.second.status != VarInfo::ALLOC)
return false;
const Token* ret = getReturnValueFromOutparamAlloc(info.second.allocTok, *mSettings);
return ret && vartok && ret->varId() && ret->varId() == vartok->varId();
})) {
varInfo1.clear();
}
}
} else if (isVarTokComparison(tok3, &vartok, alloc_failed_conds)) {
varInfo1.reallocToAlloc(vartok->varId());
varInfo1.erase(vartok->varId());
}
return ChildrenToVisit::none;
});
else if (isVarTokComparison(tok3, &vartok, alloc_failed_conds)) {
varInfo1.reallocToAlloc(vartok->varId());
varInfo1.erase(vartok->varId());
}
return ChildrenToVisit::none;
});
}

if (!skipIfBlock && !checkScope(closingParenthesis->next(), varInfo1, notzero, recursiveCount)) {
varInfo.clear();
Expand Down
8 changes: 8 additions & 0 deletions test/testleakautovar.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -641,6 +641,14 @@ class TestLeakAutoVar : public TestFixture {
" x = p != nullptr ? p : nullptr;\n"
"}", dinit(CheckOptions, $.cpp = true));
ASSERT_EQUALS("", errout_str());

check("void f(const char* n) {\n" // #12724
" FILE* fp = fopen(n, \"r\");\n"
" bool b = (fp == NULL);\n"
" if (b)\n"
" return;\n"
"}\n", dinit(CheckOptions, $.cpp = true));
ASSERT_EQUALS("[test.cpp:6:1]: (error) Resource leak: fp [resourceLeak]\n", errout_str());
}

void memcpy1() { // #11542
Expand Down
Loading