2015-11-21 20:24:30 +01:00
/*
* Cppcheck - A tool for static C / C + + code analysis
2019-06-29 07:49:14 +02:00
* Copyright ( C ) 2007 - 2019 Cppcheck team .
2015-11-21 20:24:30 +01:00
*
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation , either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
//---------------------------------------------------------------------------
// Check functions
//---------------------------------------------------------------------------
# include "checkfunctions.h"
2017-05-27 04:33:47 +02:00
2017-04-20 19:57:39 +02:00
# include "astutils.h"
2017-05-27 04:33:47 +02:00
# include "mathlib.h"
# include "standards.h"
2015-11-21 20:24:30 +01:00
# include "symboldatabase.h"
2017-05-27 04:33:47 +02:00
# include "token.h"
# include "tokenize.h"
# include "valueflow.h"
2015-11-25 10:16:04 +01:00
# include <cmath>
2017-05-27 04:33:47 +02:00
# include <cstddef>
2018-07-15 22:47:56 +02:00
# include <iomanip>
2017-05-27 04:33:47 +02:00
# include <ostream>
# include <vector>
2015-11-21 20:24:30 +01:00
//---------------------------------------------------------------------------
// Register this check class (by creating a static instance of it)
namespace {
CheckFunctions instance ;
}
CWE mapping of duplicateExpression, duplicateBreak (CWE561), unreachableCode, unsignedLessThanZero, unsignedPositive, pointerLessThanZero, pointerPositive, varFuncNullUB, nanInArithmeticExpression, commaSeparatedReturn, (#797)
ignoredReturnValue
2016-05-22 13:17:38 +02:00
static const CWE CWE252 ( 252U ) ; // Unchecked Return Value
2016-08-04 13:55:38 +02:00
static const CWE CWE477 ( 477U ) ; // Use of Obsolete Functions
2016-05-14 11:13:33 +02:00
static const CWE CWE758 ( 758U ) ; // Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
static const CWE CWE628 ( 628U ) ; // Function Call with Incorrectly Specified Arguments
2017-04-23 07:53:41 +02:00
static const CWE CWE686 ( 686U ) ; // Function Call With Incorrect Argument Type
static const CWE CWE687 ( 687U ) ; // Function Call With Incorrectly Specified Argument Value
static const CWE CWE688 ( 688U ) ; // Function Call With Incorrect Variable or Reference as Argument
2016-01-25 20:01:48 +01:00
2015-11-22 13:48:55 +01:00
void CheckFunctions : : checkProhibitedFunctions ( )
2015-11-21 20:24:30 +01:00
{
2018-06-16 16:10:28 +02:00
const bool checkAlloca = mSettings - > isEnabled ( Settings : : WARNING ) & & ( ( mSettings - > standards . c > = Standards : : C99 & & mTokenizer - > isC ( ) ) | | mSettings - > standards . cpp > = Standards : : CPP11 ) ;
2015-11-21 20:24:30 +01:00
2018-06-16 16:10:28 +02:00
const SymbolDatabase * symbolDatabase = mTokenizer - > getSymbolDatabase ( ) ;
2018-04-23 07:49:38 +02:00
for ( const Scope * scope : symbolDatabase - > functionScopes ) {
2018-04-27 22:36:30 +02:00
for ( const Token * tok = scope - > bodyStart ; tok ! = scope - > bodyEnd ; tok = tok - > next ( ) ) {
2017-04-20 17:42:25 +02:00
if ( ! Token : : Match ( tok , " %name% ( " ) & & tok - > varId ( ) = = 0 )
continue ;
// alloca() is special as it depends on the code being C or C++, so it is not in Library
if ( checkAlloca & & Token : : simpleMatch ( tok , " alloca ( " ) & & ( ! tok - > function ( ) | | tok - > function ( ) - > nestedIn - > type = = Scope : : eGlobal ) ) {
2018-06-16 16:10:28 +02:00
if ( mTokenizer - > isC ( ) ) {
if ( mSettings - > standards . c > Standards : : C89 )
2015-11-21 20:24:30 +01:00
reportError ( tok , Severity : : warning , " allocaCalled " ,
2018-04-09 06:43:48 +02:00
" $symbol:alloca \n "
2017-04-20 17:42:25 +02:00
" Obsolete function 'alloca' called. In C99 and later it is recommended to use a variable length array instead. \n "
" The obsolete function 'alloca' is called. In C99 and later it is recommended to use a variable length array or "
2015-11-21 20:24:30 +01:00
" a dynamically allocated array instead. The function 'alloca' is dangerous for many reasons "
" (http://stackoverflow.com/questions/1018853/why-is-alloca-not-considered-good-practice and http://linux.die.net/man/3/alloca). " ) ;
2017-04-20 17:42:25 +02:00
} else
reportError ( tok , Severity : : warning , " allocaCalled " ,
2018-04-09 06:43:48 +02:00
" $symbol:alloca \n "
2017-04-20 17:42:25 +02:00
" Obsolete function 'alloca' called. \n "
" The obsolete function 'alloca' is called. In C++11 and later it is recommended to use std::array<> or "
" a dynamically allocated array instead. The function 'alloca' is dangerous for many reasons "
" (http://stackoverflow.com/questions/1018853/why-is-alloca-not-considered-good-practice and http://linux.die.net/man/3/alloca). " ) ;
} else {
if ( tok - > function ( ) & & tok - > function ( ) - > hasBody ( ) )
continue ;
2015-11-21 20:24:30 +01:00
2018-06-16 16:10:28 +02:00
const Library : : WarnInfo * wi = mSettings - > library . getWarnInfo ( tok ) ;
2017-04-20 17:42:25 +02:00
if ( wi ) {
2018-06-16 16:10:28 +02:00
if ( mSettings - > isEnabled ( wi - > severity ) & & mSettings - > standards . c > = wi - > standards . c & & mSettings - > standards . cpp > = wi - > standards . cpp ) {
2017-04-20 17:42:25 +02:00
reportError ( tok , wi - > severity , tok - > str ( ) + " Called " , wi - > message , CWE477 , false ) ;
2015-11-21 20:24:30 +01:00
}
}
}
}
}
}
2015-11-22 13:48:55 +01:00
//---------------------------------------------------------------------------
2017-04-23 06:44:38 +02:00
// Check <valid> and <not-bool>
2015-11-22 13:48:55 +01:00
//---------------------------------------------------------------------------
void CheckFunctions : : invalidFunctionUsage ( )
{
2018-06-16 16:10:28 +02:00
const SymbolDatabase * symbolDatabase = mTokenizer - > getSymbolDatabase ( ) ;
2018-04-23 07:49:38 +02:00
for ( const Scope * scope : symbolDatabase - > functionScopes ) {
2018-04-27 22:36:30 +02:00
for ( const Token * tok = scope - > bodyStart - > next ( ) ; tok ! = scope - > bodyEnd ; tok = tok - > next ( ) ) {
2017-04-20 19:57:39 +02:00
if ( ! Token : : Match ( tok , " %name% ( !!) " ) )
2015-11-22 13:48:55 +01:00
continue ;
const Token * const functionToken = tok ;
2017-04-20 19:57:39 +02:00
const std : : vector < const Token * > arguments = getArguments ( tok ) ;
2019-07-16 08:49:02 +02:00
for ( int argnr = 1 ; argnr < = arguments . size ( ) ; + + argnr ) {
2017-04-20 19:57:39 +02:00
const Token * const argtok = arguments [ argnr - 1 ] ;
2015-11-22 13:48:55 +01:00
2017-04-20 19:57:39 +02:00
// check <valid>...</valid>
2018-06-16 16:10:28 +02:00
const ValueFlow : : Value * invalidValue = argtok - > getInvalidValue ( functionToken , argnr , mSettings ) ;
2017-04-20 22:14:54 +02:00
if ( invalidValue ) {
2018-06-16 16:10:28 +02:00
invalidFunctionArgError ( argtok , functionToken - > next ( ) - > astOperand1 ( ) - > expressionString ( ) , argnr , invalidValue , mSettings - > library . validarg ( functionToken , argnr ) ) ;
2015-11-22 13:48:55 +01:00
}
2017-04-20 19:57:39 +02:00
if ( astIsBool ( argtok ) ) {
// check <not-bool>
2018-06-16 16:10:28 +02:00
if ( mSettings - > library . isboolargbad ( functionToken , argnr ) )
2017-04-20 19:57:39 +02:00
invalidFunctionArgBoolError ( argtok , functionToken - > str ( ) , argnr ) ;
2017-04-20 22:14:54 +02:00
2017-04-20 19:57:39 +02:00
// Are the values 0 and 1 valid?
2018-07-15 23:05:48 +02:00
else if ( ! mSettings - > library . isIntArgValid ( functionToken , argnr , 0 ) )
2018-06-16 16:10:28 +02:00
invalidFunctionArgError ( argtok , functionToken - > str ( ) , argnr , nullptr , mSettings - > library . validarg ( functionToken , argnr ) ) ;
2018-07-15 23:05:48 +02:00
else if ( ! mSettings - > library . isIntArgValid ( functionToken , argnr , 1 ) )
2018-06-16 16:10:28 +02:00
invalidFunctionArgError ( argtok , functionToken - > str ( ) , argnr , nullptr , mSettings - > library . validarg ( functionToken , argnr ) ) ;
2017-04-20 19:57:39 +02:00
}
2018-10-14 18:49:34 +02:00
if ( mSettings - > library . isargstrz ( functionToken , argnr ) ) {
2018-10-16 06:54:25 +02:00
if ( Token : : Match ( argtok , " & %var% !![ " ) & & argtok - > next ( ) & & argtok - > next ( ) - > valueType ( ) ) {
2018-10-14 18:49:34 +02:00
const ValueType * valueType = argtok - > next ( ) - > valueType ( ) ;
const Variable * variable = argtok - > next ( ) - > variable ( ) ;
2018-10-19 07:48:47 +02:00
if ( valueType - > type = = ValueType : : Type : : CHAR & & ! variable - > isArray ( ) & & ! variable - > isGlobal ( ) & &
2018-10-14 18:49:34 +02:00
( ! argtok - > next ( ) - > hasKnownValue ( ) | | argtok - > next ( ) - > getValue ( 0 ) = = nullptr ) ) {
invalidFunctionArgStrError ( argtok , functionToken - > str ( ) , argnr ) ;
}
}
}
2017-04-20 19:57:39 +02:00
}
2015-11-22 13:48:55 +01:00
}
}
}
2017-04-20 22:14:54 +02:00
void CheckFunctions : : invalidFunctionArgError ( const Token * tok , const std : : string & functionName , int argnr , const ValueFlow : : Value * invalidValue , const std : : string & validstr )
2015-11-22 13:48:55 +01:00
{
std : : ostringstream errmsg ;
2018-04-09 06:43:48 +02:00
errmsg < < " $symbol: " < < functionName < < ' \n ' ;
2017-04-20 22:14:54 +02:00
if ( invalidValue & & invalidValue - > condition )
errmsg < < ValueFlow : : eitherTheConditionIsRedundant ( invalidValue - > condition )
2018-04-09 06:43:48 +02:00
< < " or $symbol() argument nr " < < argnr < < " can have invalid value. " ;
2017-04-20 22:14:54 +02:00
else
2018-04-09 06:43:48 +02:00
errmsg < < " Invalid $symbol() argument nr " < < argnr < < ' . ' ;
2017-04-20 22:14:54 +02:00
if ( invalidValue )
2018-07-15 22:47:56 +02:00
errmsg < < " The value is " < < std : : setprecision ( 10 ) < < ( invalidValue - > isIntValue ( ) ? invalidValue - > intvalue : invalidValue - > floatValue ) < < " but the valid values are ' " < < validstr < < " '. " ;
2017-04-20 22:14:54 +02:00
else
errmsg < < " The value is 0 or 1 (boolean) but the valid values are ' " < < validstr < < " '. " ;
2017-05-23 11:57:25 +02:00
if ( invalidValue )
reportError ( getErrorPath ( tok , invalidValue , " Invalid argument " ) ,
invalidValue - > errorSeverity ( ) ? Severity : : error : Severity : : warning ,
" invalidFunctionArg " ,
errmsg . str ( ) ,
CWE628 ,
2017-09-20 22:41:36 +02:00
invalidValue - > isInconclusive ( ) ) ;
2017-05-23 11:57:25 +02:00
else
reportError ( tok ,
Severity : : error ,
" invalidFunctionArg " ,
errmsg . str ( ) ,
CWE628 ,
false ) ;
2015-11-22 13:48:55 +01:00
}
void CheckFunctions : : invalidFunctionArgBoolError ( const Token * tok , const std : : string & functionName , int argnr )
{
std : : ostringstream errmsg ;
2018-04-09 06:43:48 +02:00
errmsg < < " $symbol: " < < functionName < < ' \n ' ;
errmsg < < " Invalid $symbol() argument nr " < < argnr < < " . A non-boolean value is required. " ;
2016-01-25 20:01:48 +01:00
reportError ( tok , Severity : : error , " invalidFunctionArgBool " , errmsg . str ( ) , CWE628 , false ) ;
2015-11-22 13:48:55 +01:00
}
2019-07-16 08:49:02 +02:00
void CheckFunctions : : invalidFunctionArgStrError ( const Token * tok , const std : : string & functionName , nonneg int argnr )
2018-10-14 18:49:34 +02:00
{
std : : ostringstream errmsg ;
errmsg < < " $symbol: " < < functionName < < ' \n ' ;
errmsg < < " Invalid $symbol() argument nr " < < argnr < < " . A nul-terminated string is required. " ;
reportError ( tok , Severity : : error , " invalidFunctionArgStr " , errmsg . str ( ) , CWE628 , false ) ;
}
2015-11-22 13:48:55 +01:00
//---------------------------------------------------------------------------
// Check for ignored return values.
//---------------------------------------------------------------------------
void CheckFunctions : : checkIgnoredReturnValue ( )
{
2018-06-16 16:10:28 +02:00
if ( ! mSettings - > isEnabled ( Settings : : WARNING ) )
2015-11-22 13:48:55 +01:00
return ;
2018-06-16 16:10:28 +02:00
const SymbolDatabase * symbolDatabase = mTokenizer - > getSymbolDatabase ( ) ;
2018-04-23 07:49:38 +02:00
for ( const Scope * scope : symbolDatabase - > functionScopes ) {
2018-04-27 22:36:30 +02:00
for ( const Token * tok = scope - > bodyStart - > next ( ) ; tok ! = scope - > bodyEnd ; tok = tok - > next ( ) ) {
2017-03-08 10:23:38 +01:00
// skip c++11 initialization, ({...})
2019-04-26 12:22:31 +02:00
if ( Token : : Match ( tok , " %var%|(|,|return { " ) )
2017-02-12 16:33:28 +01:00
tok = tok - > linkAt ( 1 ) ;
2017-06-10 08:23:26 +02:00
else if ( Token : : Match ( tok , " [(<] " ) & & tok - > link ( ) )
2017-04-12 10:44:08 +02:00
tok = tok - > link ( ) ;
2017-04-11 20:16:33 +02:00
2017-03-05 22:23:16 +01:00
if ( tok - > varId ( ) | | ! Token : : Match ( tok , " %name% ( " ) )
continue ;
if ( tok - > next ( ) - > astParent ( ) )
2015-11-22 13:48:55 +01:00
continue ;
if ( ! tok - > scope ( ) - > isExecutable ( ) ) {
2018-04-27 22:36:30 +02:00
tok = tok - > scope ( ) - > bodyEnd ;
2015-11-22 13:48:55 +01:00
continue ;
}
2018-05-29 21:43:56 +02:00
if ( ( ! tok - > function ( ) | | ! Token : : Match ( tok - > function ( ) - > retDef , " void %name% " ) ) & &
2018-06-16 16:10:28 +02:00
( mSettings - > library . isUseRetVal ( tok ) | | ( tok - > function ( ) & & tok - > function ( ) - > isAttributeNodiscard ( ) ) ) & &
2018-05-29 21:43:56 +02:00
! WRONG_DATA ( ! tok - > next ( ) - > astOperand1 ( ) , tok ) ) {
2017-03-05 22:23:16 +01:00
ignoredReturnValueError ( tok , tok - > next ( ) - > astOperand1 ( ) - > expressionString ( ) ) ;
2018-05-29 21:43:56 +02:00
}
2015-11-22 13:48:55 +01:00
}
}
}
void CheckFunctions : : ignoredReturnValueError ( const Token * tok , const std : : string & function )
{
reportError ( tok , Severity : : warning , " ignoredReturnValue " ,
2018-04-09 06:43:48 +02:00
" $symbol: " + function + " \n Return value of function $symbol() is not used. " , CWE252 , false ) ;
2015-11-22 13:48:55 +01:00
}
//---------------------------------------------------------------------------
// Detect passing wrong values to <cmath> functions like atan(0, x);
//---------------------------------------------------------------------------
void CheckFunctions : : checkMathFunctions ( )
{
2018-06-16 16:10:28 +02:00
const bool styleC99 = mSettings - > isEnabled ( Settings : : STYLE ) & & mSettings - > standards . c ! = Standards : : C89 & & mSettings - > standards . cpp ! = Standards : : CPP03 ;
const bool printWarnings = mSettings - > isEnabled ( Settings : : WARNING ) ;
2015-11-22 13:48:55 +01:00
2018-06-16 16:10:28 +02:00
const SymbolDatabase * symbolDatabase = mTokenizer - > getSymbolDatabase ( ) ;
2018-04-23 07:49:38 +02:00
for ( const Scope * scope : symbolDatabase - > functionScopes ) {
2018-04-27 22:36:30 +02:00
for ( const Token * tok = scope - > bodyStart - > next ( ) ; tok ! = scope - > bodyEnd ; tok = tok - > next ( ) ) {
2015-11-22 13:48:55 +01:00
if ( tok - > varId ( ) )
continue ;
2015-12-24 11:07:47 +01:00
if ( printWarnings & & Token : : Match ( tok , " %name% ( !!) " ) ) {
2015-11-22 13:48:55 +01:00
if ( tok - > strAt ( - 1 ) ! = " . "
2018-08-03 12:14:39 +02:00
& & Token : : Match ( tok , " log|logf|logl|log10|log10f|log10l|log2|log2f|log2l ( %num% ) " ) ) {
2015-11-22 13:48:55 +01:00
const std : : string & number = tok - > strAt ( 2 ) ;
2018-08-03 12:14:39 +02:00
if ( ( MathLib : : isInt ( number ) & & MathLib : : toLongNumber ( number ) < = 0 ) | |
( MathLib : : isFloat ( number ) & & MathLib : : toDoubleNumber ( number ) < = 0. ) )
mathfunctionCallWarning ( tok ) ;
2018-08-05 10:48:28 +02:00
} else if ( Token : : Match ( tok , " log1p|log1pf|log1pl ( %num% ) " )) {
2018-08-03 12:14:39 +02:00
const std : : string & number = tok - > strAt ( 2 ) ;
if ( ( MathLib : : isInt ( number ) & & MathLib : : toLongNumber ( number ) < = - 1 ) | |
( MathLib : : isFloat ( number ) & & MathLib : : toDoubleNumber ( number ) < = - 1. ) )
mathfunctionCallWarning ( tok ) ;
2015-11-22 13:48:55 +01:00
}
// atan2 ( x , y): x and y can not be zero, because this is mathematically not defined
else if ( Token : : Match ( tok , " atan2|atan2f|atan2l ( %num% , %num% ) " )) {
if ( MathLib : : isNullValue ( tok - > strAt ( 2 ) ) & & MathLib : : isNullValue ( tok - > strAt ( 4 ) ) )
mathfunctionCallWarning ( tok , 2 ) ;
}
// fmod ( x , y) If y is zero, then either a range error will occur or the function will return zero (implementation-defined).
2015-12-24 14:40:48 +01:00
else if ( Token : : Match ( tok , " fmod|fmodf|fmodl ( " ) ) {
2015-11-22 13:48:55 +01:00
const Token * nextArg = tok - > tokAt ( 2 ) - > nextArgument ( ) ;
if ( nextArg & & nextArg - > isNumber ( ) & & MathLib : : isNullValue ( nextArg - > str ( ) ) )
mathfunctionCallWarning ( tok , 2 ) ;
}
// pow ( x , y) If x is zero, and y is negative --> division by zero
else if ( Token : : Match ( tok , " pow|powf|powl ( %num% , %num% ) " )) {
if ( MathLib : : isNullValue ( tok - > strAt ( 2 ) ) & & MathLib : : isNegative ( tok - > strAt ( 4 ) ) )
mathfunctionCallWarning ( tok , 2 ) ;
}
}
if ( styleC99 ) {
if ( Token : : Match ( tok , " %num% - erf ( " ) & & Tokenizer : : isOneNumber ( tok - > str ( ) ) & & tok - > next ( ) - > astOperand2 ( ) = = tok - > tokAt ( 3 ) ) {
mathfunctionCallWarning ( tok , " 1 - erf(x) " , " erfc(x) " ) ;
} else if ( Token : : simpleMatch ( tok , " exp ( " ) & & Token : : Match ( tok - > linkAt ( 1 ) , " ) - %num% " ) & & Tokenizer : : isOneNumber ( tok - > linkAt ( 1 ) - > strAt ( 2 ) ) & & tok - > linkAt ( 1 ) - > next ( ) - > astOperand1 ( ) = = tok - > next ( ) ) {
mathfunctionCallWarning ( tok , " exp(x) - 1 " , " expm1(x) " ) ;
} else if ( Token : : simpleMatch ( tok , " log ( " ) & & tok - > next ( ) - > astOperand2 ( ) ) {
const Token * plus = tok - > next ( ) - > astOperand2 ( ) ;
if ( plus - > str ( ) = = " + " & & ( ( plus - > astOperand1 ( ) & & Tokenizer : : isOneNumber ( plus - > astOperand1 ( ) - > str ( ) ) ) | | ( plus - > astOperand2 ( ) & & Tokenizer : : isOneNumber ( plus - > astOperand2 ( ) - > str ( ) ) ) ) )
mathfunctionCallWarning ( tok , " log(1 + x) " , " log1p(x) " ) ;
}
}
}
}
}
2019-07-16 08:49:02 +02:00
void CheckFunctions : : mathfunctionCallWarning ( const Token * tok , const nonneg int numParam )
2015-11-22 13:48:55 +01:00
{
if ( tok ) {
if ( numParam = = 1 )
2018-04-09 06:43:48 +02:00
reportError ( tok , Severity : : warning , " wrongmathcall " , " $symbol: " + tok - > str ( ) + " \n Passing value " + tok - > strAt ( 2 ) + " to $symbol() leads to implementation-defined result. " , CWE758 , false ) ;
2015-11-22 13:48:55 +01:00
else if ( numParam = = 2 )
2018-04-09 06:43:48 +02:00
reportError ( tok , Severity : : warning , " wrongmathcall " , " $symbol: " + tok - > str ( ) + " \n Passing values " + tok - > strAt ( 2 ) + " and " + tok - > strAt ( 4 ) + " to $symbol() leads to implementation-defined result. " , CWE758 , false ) ;
2015-11-22 13:48:55 +01:00
} else
2016-05-14 11:13:33 +02:00
reportError ( tok , Severity : : warning , " wrongmathcall " , " Passing value '#' to #() leads to implementation-defined result. " , CWE758 , false ) ;
2015-11-22 13:48:55 +01:00
}
void CheckFunctions : : mathfunctionCallWarning ( const Token * tok , const std : : string & oldexp , const std : : string & newexp )
{
2016-05-14 11:13:33 +02:00
reportError ( tok , Severity : : style , " unpreciseMathCall " , " Expression ' " + oldexp + " ' can be replaced by ' " + newexp + " ' to avoid loss of precision. " , CWE758 , false ) ;
2015-11-22 13:48:55 +01:00
}
2017-04-23 07:53:41 +02:00
//---------------------------------------------------------------------------
// memset(p, y, 0 /* bytes to fill */) <- 2nd and 3rd arguments inverted
//---------------------------------------------------------------------------
void CheckFunctions : : memsetZeroBytes ( )
{
2017-04-23 15:34:45 +02:00
// FIXME:
// Replace this with library configuration.
// For instance:
// <arg nr="3">
// <warn knownIntValue="0" severity="warning" msg="..."/>
// </arg>
2018-06-16 16:10:28 +02:00
if ( ! mSettings - > isEnabled ( Settings : : WARNING ) )
2017-04-23 07:53:41 +02:00
return ;
2018-06-16 16:10:28 +02:00
const SymbolDatabase * symbolDatabase = mTokenizer - > getSymbolDatabase ( ) ;
2018-04-23 07:49:38 +02:00
for ( const Scope * scope : symbolDatabase - > functionScopes ) {
2018-04-27 22:36:30 +02:00
for ( const Token * tok = scope - > bodyStart - > next ( ) ; tok ! = scope - > bodyEnd ; tok = tok - > next ( ) ) {
2017-04-23 07:53:41 +02:00
if ( Token : : Match ( tok , " memset|wmemset ( " ) & & ( numberOfArguments ( tok ) = = 3 ) ) {
2017-04-30 18:58:51 +02:00
const std : : vector < const Token * > & arguments = getArguments ( tok ) ;
2017-06-05 18:49:20 +02:00
if ( WRONG_DATA ( arguments . size ( ) ! = 3U , tok ) )
2017-04-30 18:58:51 +02:00
continue ;
const Token * lastParamTok = arguments [ 2 ] ;
2017-04-23 07:53:41 +02:00
if ( lastParamTok - > str ( ) = = " 0 " )
memsetZeroBytesError ( tok ) ;
}
}
}
}
void CheckFunctions : : memsetZeroBytesError ( const Token * tok )
{
const std : : string summary ( " memset() called to fill 0 bytes. " ) ;
const std : : string verbose ( summary + " The second and third arguments might be inverted. "
" The function memset ( void * ptr, int value, size_t num ) sets the "
" first num bytes of the block of memory pointed by ptr to the specified value. " ) ;
reportError ( tok , Severity : : warning , " memsetZeroBytes " , summary + " \n " + verbose , CWE687 , false ) ;
}
void CheckFunctions : : memsetInvalid2ndParam ( )
{
2017-04-23 15:34:45 +02:00
// FIXME:
// Replace this with library configuration.
// For instance:
// <arg nr="2">
// <not-float/>
// <warn possibleIntValue=":-129,256:" severity="warning" msg="..."/>
// </arg>
2018-06-16 16:10:28 +02:00
const bool printPortability = mSettings - > isEnabled ( Settings : : PORTABILITY ) ;
const bool printWarning = mSettings - > isEnabled ( Settings : : WARNING ) ;
2017-04-23 07:53:41 +02:00
if ( ! printWarning & & ! printPortability )
return ;
2018-06-16 16:10:28 +02:00
const SymbolDatabase * symbolDatabase = mTokenizer - > getSymbolDatabase ( ) ;
2018-04-23 07:49:38 +02:00
for ( const Scope * scope : symbolDatabase - > functionScopes ) {
2018-04-27 22:36:30 +02:00
for ( const Token * tok = scope - > bodyStart - > next ( ) ; tok & & ( tok ! = scope - > bodyEnd ) ; tok = tok - > next ( ) ) {
2017-04-23 07:53:41 +02:00
if ( ! Token : : simpleMatch ( tok , " memset ( " ) )
continue ;
const std : : vector < const Token * > args = getArguments ( tok ) ;
if ( args . size ( ) ! = 3 )
continue ;
// Second parameter is zero literal, i.e. 0.0f
const Token * const secondParamTok = args [ 1 ] ;
if ( Token : : Match ( secondParamTok , " %num% , " ) & & MathLib : : isNullValue ( secondParamTok - > str ( ) ) )
continue ;
// Check if second parameter is a float variable or a float literal != 0.0f
if ( printPortability & & astIsFloat ( secondParamTok , false ) ) {
memsetFloatError ( secondParamTok , secondParamTok - > expressionString ( ) ) ;
}
if ( printWarning & & secondParamTok - > isNumber ( ) ) { // Check if the second parameter is a literal and is out of range
const long long int value = MathLib : : toLongNumber ( secondParamTok - > str ( ) ) ;
2018-06-16 16:10:28 +02:00
const long long sCharMin = mSettings - > signedCharMin ( ) ;
const long long uCharMax = mSettings - > unsignedCharMax ( ) ;
2017-10-18 17:30:47 +02:00
if ( value < sCharMin | | value > uCharMax )
2017-04-23 07:53:41 +02:00
memsetValueOutOfRangeError ( secondParamTok , secondParamTok - > str ( ) ) ;
}
}
}
}
void CheckFunctions : : memsetFloatError ( const Token * tok , const std : : string & var_value )
{
const std : : string message ( " The 2nd memset() argument ' " + var_value +
" ' is a float, its representation is implementation defined. " ) ;
const std : : string verbose ( message + " memset() is used to set each byte of a block of memory to a specific value and "
" the actual representation of a floating-point value is implementation defined. " ) ;
reportError ( tok , Severity : : portability , " memsetFloat " , message + " \n " + verbose , CWE688 , false ) ;
}
void CheckFunctions : : memsetValueOutOfRangeError ( const Token * tok , const std : : string & value )
{
const std : : string message ( " The 2nd memset() argument ' " + value + " ' doesn't fit into an 'unsigned char'. " ) ;
const std : : string verbose ( message + " The 2nd parameter is passed as an 'int', but the function fills the block of memory using the 'unsigned char' conversion of this value. " ) ;
reportError ( tok , Severity : : warning , " memsetValueOutOfRange " , message + " \n " + verbose , CWE686 , false ) ;
}
//---------------------------------------------------------------------------
// --check-library => warn for unconfigured functions
//---------------------------------------------------------------------------
2015-11-22 13:48:55 +01:00
void CheckFunctions : : checkLibraryMatchFunctions ( )
{
2018-06-16 16:10:28 +02:00
if ( ! mSettings - > checkLibrary | | ! mSettings - > isEnabled ( Settings : : INFORMATION ) )
2015-11-22 13:48:55 +01:00
return ;
2017-10-06 11:27:01 +02:00
bool New = false ;
2018-06-16 16:10:28 +02:00
for ( const Token * tok = mTokenizer - > tokens ( ) ; tok ; tok = tok - > next ( ) ) {
2017-10-06 11:27:01 +02:00
if ( ! tok - > scope ( ) | | ! tok - > scope ( ) - > isExecutable ( ) )
continue ;
if ( tok - > str ( ) = = " new " )
New = true ;
else if ( tok - > str ( ) = = " ; " )
New = false ;
else if ( New )
continue ;
2017-11-17 22:10:39 +01:00
if ( ! Token : : Match ( tok , " %name% ( " ) | | Token : : Match ( tok , " asm|sizeof|catch " ) )
2017-10-06 11:27:01 +02:00
continue ;
2017-11-17 22:10:39 +01:00
if ( tok - > varId ( ) ! = 0 | | tok - > type ( ) | | tok - > isStandardType ( ) | | tok - > isControlFlowKeyword ( ) )
2017-10-06 11:27:01 +02:00
continue ;
if ( tok - > linkAt ( 1 ) - > strAt ( 1 ) = = " ( " )
continue ;
2018-06-16 16:10:28 +02:00
if ( ! mSettings - > library . isNotLibraryFunction ( tok ) )
2017-10-06 11:27:01 +02:00
continue ;
2018-06-16 16:10:28 +02:00
const std : : string & functionName = mSettings - > library . getFunctionName ( tok ) ;
if ( functionName . empty ( ) | | mSettings - > library . functions . find ( functionName ) ! = mSettings - > library . functions . end ( ) )
2017-10-10 10:18:03 +02:00
continue ;
2017-10-06 11:27:01 +02:00
reportError ( tok ,
Severity : : information ,
" checkLibraryFunction " ,
2017-10-10 10:18:03 +02:00
" --check-library: There is no matching configuration for function " + functionName + " () " ) ;
2015-11-22 13:48:55 +01:00
}
2015-11-22 16:56:44 +01:00
}