fix premature examination of dereferenced object

in the fixes 696b243a5ae0 ("fix: evaluate_dereference() unexamined base type"),
the pointer's examination was done prematurely, before the undereferenceable
types are filtered out. This allows to examine the base abstract types when
the expression was in fact not dereferenceable.

Fix that by moving the examination to the top of the SYM_PTR's case
since only pointers are concerned.

Fixes: 696b243a5ae0 ("fix: evaluate_dereference() unexamined base type")
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>

2 files changed, 28 insertions, 1 deletions

diff --git a/evaluate.c b/evaluate.c
index 19bdab92..ff6938a5 100644
--- a/evaluate.c
+++ b/evaluate.c
@@ -1817,7 +1817,6 @@ static struct symbol *evaluate_dereference(struct expression *expr)
 		ctype = ctype->ctype.base_type;
 
 	target = ctype->ctype.base_type;
-	examine_symbol_type(target);
 
 	switch (ctype->type) {
 	default:
@@ -1827,6 +1826,7 @@ static struct symbol *evaluate_dereference(struct expression *expr)
 		*expr = *op;
 		return expr->ctype;
 	case SYM_PTR:
+		examine_symbol_type(target);
 		node = alloc_symbol(expr->pos, SYM_NODE);
 		node->ctype.modifiers = target->ctype.modifiers & MOD_SPECIFIER;
 		merge_type(node, ctype);
diff --git a/validation/eval/premature-examination.c b/validation/eval/premature-examination.c
new file mode 100644
index 00000000..bd2ffa90
--- /dev/null
+++ b/validation/eval/premature-examination.c
@@ -0,0 +1,27 @@
+extern int i;
+
+int foo(void)
+{
+	return *i;
+}
+
+int bar(void)
+{
+	return i[0];
+}
+
+int *qux(void)
+{
+	return &i[0];
+}
+
+/*
+ * check-name: premature-examination
+ * check-command: sparse -Wno-decl $file
+ *
+ * check-error-start
+eval/premature-examination.c:5:16: error: cannot dereference this type
+eval/premature-examination.c:10:17: error: cannot dereference this type
+eval/premature-examination.c:15:18: error: cannot dereference this type
+ * check-error-end
+ */