fixup! fixup! Fix #8260 Improve check: Pointer calculation result not null

francois-berder · francois-berder · commit aaa058f00bfb · 2026-05-28T20:40:18.000+02:00
diff --git a/lib/checkcondition.cpp b/lib/checkcondition.cpp
@@ -1842,6 +1842,10 @@ void CheckCondition::checkPointerAdditionResultNotNull()
             if (tok->isExpandedMacro())
                 continue;
 
+            const bool usedAsBool = astIsPointer(tok) && isUsedAsBool(tok, *mSettings);
+            if (!tok->isComparisonOp() && !usedAsBool)
+                continue;
+
             const Token *calcToken = getPointerAdditionCalcToken(tok);
             if (!calcToken)
                 continue;
@@ -1856,8 +1860,8 @@ void CheckCondition::checkPointerAdditionResultNotNull()
                     continue;
 
                 pointerAdditionResultNotNullError(tok, calcToken);
-            } else if (astIsPointer(tok) && isUsedAsBool(tok, *mSettings) && !tok->astParent()->isComparisonOp()) {
-                pointerAdditionResultNotNullError(tok, calcToken);
+            } else if (usedAsBool && (!tok->astParent() || !tok->astParent()->isComparisonOp())) {
+                pointerArithmeticAlwaysTrueError(tok, calcToken);
             }
         }
     }
@@ -1869,6 +1873,12 @@ void CheckCondition::pointerAdditionResultNotNullError(const Token *tok, const T
     reportError(tok, Severity::warning, "pointerAdditionResultNotNull", "Comparison is wrong. Result of '" + s + "' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour.");
 }
 
+void CheckCondition::pointerArithmeticAlwaysTrueError(const Token *tok, const Token *calc)
+{
+    const std::string s = calc ? calc->expressionString() : "ptr+1";
+    reportError(tok, Severity::warning, "pointerAdditionResultNotNull", "Pointer expression '" + s + "' is always true unless there is pointer overflow, and pointer overflow is undefined behaviour.");
+}
+
 void CheckCondition::checkDuplicateConditionalAssign()
 {
     if (!mSettings->severity.isEnabled(Severity::style) && !mSettings->isPremiumEnabled("duplicateConditionalAssign"))
@@ -2168,6 +2178,7 @@ void CheckCondition::getErrorMessages(ErrorLogger *errorLogger, const Settings *
     c.alwaysTrueFalseError(nullptr, nullptr, nullptr);
     c.invalidTestForOverflow(nullptr, nullptr, "false");
     c.pointerAdditionResultNotNullError(nullptr, nullptr);
+    c.pointerArithmeticAlwaysTrueError(nullptr, nullptr);
     c.duplicateConditionalAssignError(nullptr, nullptr);
     c.assignmentInCondition(nullptr);
     c.compareValueOutOfTypeRangeError(nullptr, "unsigned char", 256, true);
diff --git a/lib/checkcondition.h b/lib/checkcondition.h
@@ -150,6 +150,7 @@ class CPPCHECKLIB CheckCondition : public Check {
 
     void invalidTestForOverflow(const Token* tok, const ValueType *valueType, const std::string &replace);
     void pointerAdditionResultNotNullError(const Token *tok, const Token *calc);
+    void pointerArithmeticAlwaysTrueError(const Token *tok, const Token *calc);
 
     void duplicateConditionalAssignError(const Token *condTok, const Token* assignTok, bool isRedundant = false);
 
diff --git a/test/testcondition.cpp b/test/testcondition.cpp
@@ -6245,7 +6245,19 @@ class TestCondition : public TestFixture {
               "  int *q = ptr + 1;\n"
               "  if (q);\n"
               "}");
-        ASSERT_EQUALS("[test.cpp:3:7]: (warning) Comparison is wrong. Result of 'q' can't be 0 unless there is pointer overflow, and pointer overflow is undefined behaviour. [pointerAdditionResultNotNull]\n", errout_str());
+        ASSERT_EQUALS("[test.cpp:3:7]: (warning) Pointer expression 'q' is always true unless there is pointer overflow, and pointer overflow is undefined behaviour. [pointerAdditionResultNotNull]\n", errout_str());
+
+        check("void f(char *ptr) {\n"
+              "  int *q = ptr + 1;\n"
+              "  if (!q);\n"
+              "}");
+        ASSERT_EQUALS("[test.cpp:3:8]: (warning) Pointer expression 'q' is always true unless there is pointer overflow, and pointer overflow is undefined behaviour. [pointerAdditionResultNotNull]\n", errout_str());
+
+        check("void f(char *ptr) {\n"
+              "  int *q = ptr + 0;\n"
+              "  if (q != 0);\n"
+              "}");
+        ASSERT_EQUALS("", errout_str());
     }
 
     void duplicateConditionalAssign() {
