cppcheck icon indicating copy to clipboard operation
cppcheck copied to clipboard
verified publisher icon danmar

Enable validateVariables(), fix fuzzing crash

Open chrchr-github opened this issue 1 year ago • 2 comments

chrchr-github avatar Mar 12 '24 14:03 chrchr-github

We need to adjust the fuzzer tests so they show the actual failure data (actually that applies to all Python tests - I want to clean that up in the future).

I think if the exitcode is negative we should show stderr instead of stdout (crashes, assert, abort, sanitizers, etc. generate negative exitcodes and our internal errors generate positive ones).

firewave avatar Mar 12 '24 14:03 firewave

So validateVariables() did not prevent the crash because we parse m t(=a[]); as a function declaration, and argument variables may not have a scope. What we need to verify is "Variables have a scope, or appear only in a function declaration".

chrchr-github avatar Mar 12 '24 15:03 chrchr-github

What we need to verify is "Variables have a scope, or appear only in a function declaration".

This is not so easy because of declarations like auto f(T& x) -> decltype(x);.

chrchr-github avatar Mar 13 '24 21:03 chrchr-github