Fixed #823 (Buffer overrun with memcpy)

Daniel Marjamäki 2009-10-15 19:36:48 +02:00
parent 2a034c10bf
commit 01af70cc88
2 changed files with 18 additions and 18 deletions


@ -88,7 +88,7 @@ void CheckBufferOverrun::bufferOverrun(const Token *tok)
severity = Severity::error; severity = Severity::error;
} }
reportError(tok, severity, "bufferOverrun", "Buffer overrun"); reportError(tok, severity, "bufferAccessOutOfBounds", "Buffer access out-of-bounds");
} }
void CheckBufferOverrun::dangerousStdCin(const Token *tok) void CheckBufferOverrun::dangerousStdCin(const Token *tok)
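Review bot: The error id passed to reportError changes from `bufferOverrun` to `bufferAccessOutOfBounds` together with the message (taking the right-hand column as the new side), and the id is what suppression lists and CI filters usually key on. Existing suppressions for `bufferOverrun` would presumably stop matching, so previously triaged findings reappear and any gate or dashboard that selects on the old id no longer sees this class of defect. If only the wording needed correcting, keep the id stable with `reportError(tok, severity, "bufferOverrun", "Buffer access out-of-bounds");`, or otherwise call out the rename in the release notes. The body of bufferOverrun starts above this hunk, so the severity selection is not visible here.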


@ -270,7 +270,7 @@ private:
" for (i = 0; i < 100; i++)\n" " for (i = 0; i < 100; i++)\n"
" sum += val[i];\n" " sum += val[i];\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer access out-of-bounds\n", errout.str());
} }
{ {
@ -281,7 +281,7 @@ private:
" for (i = 1; i < 100; i++)\n" " for (i = 1; i < 100; i++)\n"
" sum += val[i];\n" " sum += val[i];\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer access out-of-bounds\n", errout.str());
} }
@ -293,7 +293,7 @@ private:
" for (i = a; i < 100; i++)\n" " for (i = a; i < 100; i++)\n"
" sum += val[i];\n" " sum += val[i];\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer access out-of-bounds\n", errout.str());
} }
} }
@ -630,7 +630,7 @@ private:
" char str[3];\n" " char str[3];\n"
" strcpy(str, \"abc\");\n" " strcpy(str, \"abc\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
} }
@ -645,7 +645,7 @@ private:
"{\n" "{\n"
" strcpy( abc->str, \"abcdef\" );\n" " strcpy( abc->str, \"abcdef\" );\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:8]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:8]: (error) Buffer access out-of-bounds\n", errout.str());
} }
@ -659,7 +659,7 @@ private:
" for (i = 0; i <= 10; ++i)\n" " for (i = 0; i <= 10; ++i)\n"
" a[i] = 0;\n" " a[i] = 0;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:7]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:7]: (error) Buffer access out-of-bounds\n", errout.str());
} }
@ -671,7 +671,7 @@ private:
" for (int i = 0; i < 8; ++i)\n" " for (int i = 0; i < 8; ++i)\n"
" p[i] = 0;\n" " p[i] = 0;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:5]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:5]: (error) Buffer access out-of-bounds\n", errout.str());
// No false positive // No false positive
check("void foo(int x, int y)\n" check("void foo(int x, int y)\n"
@ -692,7 +692,7 @@ private:
" char s[3];\n" " char s[3];\n"
" f1(s,3);\n" " f1(s,3);\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:3]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:3]: (possible error) Buffer access out-of-bounds\n", errout.str());
TODO_ASSERT_EQUALS("", errout.str()); TODO_ASSERT_EQUALS("", errout.str());
check("void f1(char *s,int size)\n" check("void f1(char *s,int size)\n"
@ -726,14 +726,14 @@ private:
" strcat(n, \"abc\");\n" " strcat(n, \"abc\");\n"
" strcat(n, \"def\");\n" " strcat(n, \"def\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:5]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:5]: (error) Buffer access out-of-bounds\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
" char n[5];\n" " char n[5];\n"
" strcat(strcat(n, \"abc\"), \"def\");\n" " strcat(strcat(n, \"abc\"), \"def\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
} }
void buffer_overrun_7() void buffer_overrun_7()
@ -847,7 +847,7 @@ private:
" char str[3];\n" " char str[3];\n"
" sprintf(str, \"%s\", \"abc\");\n" " sprintf(str, \"%s\", \"abc\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
@ -855,7 +855,7 @@ private:
" sprintf(c, \"%s\", \"/usr/LongLongLongLongUserName/bin/LongLongApplicationName\");\n" " sprintf(c, \"%s\", \"/usr/LongLongLongLongUserName/bin/LongLongApplicationName\");\n"
" delete [] c;\n" " delete [] c;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
} }
void sprintf2() void sprintf2()
@ -865,7 +865,7 @@ private:
" char str[5];\n" " char str[5];\n"
" sprintf(str, \"%d: %s\", getnumber(), \"abcde\");\n" " sprintf(str, \"%d: %s\", getnumber(), \"abcde\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
} }
void sprintf3() void sprintf3()
@ -875,7 +875,7 @@ private:
" char str[3];\n" " char str[3];\n"
" sprintf(str, \"test\");\n" " sprintf(str, \"test\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
@ -914,7 +914,7 @@ private:
" char buf[3];\n" " char buf[3];\n"
" sprintf(buf, \"%s\", condition ? \"11\" : \"222\");\n" " sprintf(buf, \"%s\", condition ? \"11\" : \"222\");\n"
"}\n"); "}\n");
TODO_ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); TODO_ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
} }
void snprintf1() void snprintf1()
@ -1159,7 +1159,7 @@ private:
" strcpy(a,\"hello\");\n" " strcpy(a,\"hello\");\n"
" strncpy(c,a,sizeof(c)+1);\n" " strncpy(c,a,sizeof(c)+1);\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer access out-of-bounds\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
@ -1173,7 +1173,7 @@ private:
" char c[6];\n" " char c[6];\n"
" strncpy(c,\"hello!\",sizeof(c)+1);\n" " strncpy(c,\"hello!\",sizeof(c)+1);\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer access out-of-bounds\n", errout.str());
} }
}; };
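Review bot: None of the updated expectations in this file exercises memcpy, although the commit title names it; the visible hunks cover array indexing, strcpy, strcat, sprintf and strncpy only. The diffstat of 18 additions and 18 deletions is fully accounted for by the message changes shown, so no new test case appears to be added. A regression test would pin the behaviour the ticket is about, for example a `check(...)` case where memcpy copies more bytes than the source or destination array holds, followed by `ASSERT_EQUALS("[test.cpp:N]: (error) Buffer access out-of-bounds\n", errout.str());` with N set to the line of the call. The test class body starts outside these hunks.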