Open Quuxplusone opened 10 years ago
Attached e.C
(334 bytes, application/octet-stream): Testcase
This seems perfectly reasonable. How does the analyzer know that eh.xyz() returns a non-null pointer?
I agree with you, now looking deeper into the problem. What confused me is the
fact that the
if (p1 != 0)
makes the analyzer emit the message. Omitting the if-clause apparently makes
the analyzer think that p1 never can be NULL. Of course the if clause is only
for the fact that mem is false but this is too much for a static analyzer tool.
e.C
(334 bytes, application/octet-stream)