fixup! fixup! Fix #8260 Improve check: Pointer calculation result not null

francois-berder · francois-berder · commit 5c247e79955d · 2026-05-28T20:53:10.000+02:00
diff --git a/lib/checkcondition.cpp b/lib/checkcondition.cpp
@@ -1847,6 +1847,10 @@ void CheckConditionImpl::checkPointerAdditionResultNotNull()
             if (tok->isExpandedMacro())
                 continue;
 
+            const bool usedAsBool = astIsPointer(tok) && isUsedAsBool(tok, *mSettings);
+            if (!tok->isComparisonOp() && !usedAsBool)
+                continue;
+
             const Token *calcToken = getPointerAdditionCalcToken(tok);
             if (!calcToken)
                 continue;
@@ -1861,8 +1865,8 @@ void CheckConditionImpl::checkPointerAdditionResultNotNull()
                     continue;
 
                 pointerAdditionResultNotNullError(tok, calcToken);
-            } else if (astIsPointer(tok) && isUsedAsBool(tok, *mSettings) && !tok->astParent()->isComparisonOp()) {
-                pointerAdditionResultNotNullError(tok, calcToken);
+            } else if (usedAsBool && (!tok->astParent() || !tok->astParent()->isComparisonOp())) {
+                pointerArithmeticAlwaysTrueError(tok, calcToken);
             }
         }
     }
@@ -1874,6 +1878,12 @@ void CheckConditionImpl::pointerAdditionResultNotNullError(const Token *tok, con
     reportError(tok, Severity::warning, "pointerAdditionResultNotNull", "Comparison is wrong. Result of '" + s + "' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour.");
 }
 
+void CheckConditionImpl::pointerArithmeticAlwaysTrueError(const Token *tok, const Token *calc)
+{
+    const std::string s = calc ? calc->expressionString() : "ptr+1";
+    reportError(tok, Severity::warning, "pointerAdditionResultNotNull", "Pointer expression '" + s + "' is always true unless there is pointer overflow, and pointer overflow is undefined behaviour.");
+}
+
 void CheckConditionImpl::checkDuplicateConditionalAssign()
 {
     if (!mSettings->severity.isEnabled(Severity::style) && !mSettings->isPremiumEnabled("duplicateConditionalAssign"))
@@ -2173,6 +2183,7 @@ void CheckCondition::getErrorMessages(ErrorLogger *errorLogger, const Settings *
     c.alwaysTrueFalseError(nullptr, nullptr, nullptr);
     c.invalidTestForOverflow(nullptr, nullptr, "false");
     c.pointerAdditionResultNotNullError(nullptr, nullptr);
+    c.pointerArithmeticAlwaysTrueError(nullptr, nullptr);
     c.duplicateConditionalAssignError(nullptr, nullptr);
     c.assignmentInCondition(nullptr);
     c.compareValueOutOfTypeRangeError(nullptr, "unsigned char", 256, true);
diff --git a/lib/checkcondition.h b/lib/checkcondition.h
@@ -175,6 +175,7 @@ class CPPCHECKLIB CheckConditionImpl : public CheckImpl {
 
     void invalidTestForOverflow(const Token* tok, const ValueType *valueType, const std::string &replace);
     void pointerAdditionResultNotNullError(const Token *tok, const Token *calc);
+    void pointerArithmeticAlwaysTrueError(const Token *tok, const Token *calc);
 
     void duplicateConditionalAssignError(const Token *condTok, const Token* assignTok, bool isRedundant = false);
 
diff --git a/test/testcondition.cpp b/test/testcondition.cpp
@@ -6259,7 +6259,19 @@ class TestCondition : public TestFixture {
               "  int *q = ptr + 1;\n"
               "  if (q);\n"
               "}");
-        ASSERT_EQUALS("[test.cpp:3:7]: (warning) Comparison is wrong. Result of 'q' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour. [pointerAdditionResultNotNull]\n", errout_str());
+        ASSERT_EQUALS("[test.cpp:3:7]: (warning) Pointer expression 'q' is always true unless there is pointer overflow, and pointer overflow is undefined behaviour. [pointerAdditionResultNotNull]\n", errout_str());
+
+        check("void f(char *ptr) {\n"
+              "  int *q = ptr + 1;\n"
+              "  if (!q);\n"
+              "}");
+        ASSERT_EQUALS("[test.cpp:3:8]: (warning) Pointer expression 'q' is always true unless there is pointer overflow, and pointer overflow is undefined behaviour. [pointerAdditionResultNotNull]\n", errout_str());
+
+        check("void f(char *ptr) {\n"
+              "  int *q = ptr + 0;\n"
+              "  if (q != 0);\n"
+              "}");
+        ASSERT_EQUALS("", errout_str());
     }
 
     void duplicateConditionalAssign() {
