diff --git a/Makefile b/Makefile
index 65fe77191..e8afea6a4 100644
--- a/Makefile
+++ b/Makefile
@@ -13,7 +13,6 @@ MAN_SOURCE=man/cppcheck.1.xml
LIBOBJ = lib/checkautovariables.o \
lib/checkbufferoverrun.o \
lib/checkclass.o \
- lib/checkdangerousfunctions.o \
lib/checkexceptionsafety.o \
lib/checkmemoryleak.o \
lib/checkobsoletefunctions.o \
@@ -43,7 +42,6 @@ TESTOBJ = test/testautovariables.o \
test/testclass.o \
test/testconstructors.o \
test/testcppcheck.o \
- test/testdangerousfunctions.o \
test/testdivision.o \
test/testexceptionsafety.o \
test/testfilelister.o \
@@ -109,9 +107,6 @@ lib/checkbufferoverrun.o: lib/checkbufferoverrun.cpp lib/checkbufferoverrun.h li
lib/checkclass.o: lib/checkclass.cpp lib/checkclass.h lib/check.h lib/token.h lib/tokenize.h lib/classinfo.h lib/settings.h lib/errorlogger.h
$(CXX) $(CXXFLAGS) -Ilib -c -o lib/checkclass.o lib/checkclass.cpp
-lib/checkdangerousfunctions.o: lib/checkdangerousfunctions.cpp lib/checkdangerousfunctions.h lib/check.h lib/token.h lib/tokenize.h lib/classinfo.h lib/settings.h lib/errorlogger.h
- $(CXX) $(CXXFLAGS) -Ilib -c -o lib/checkdangerousfunctions.o lib/checkdangerousfunctions.cpp
-
lib/checkexceptionsafety.o: lib/checkexceptionsafety.cpp lib/checkexceptionsafety.h lib/check.h lib/token.h lib/tokenize.h lib/classinfo.h lib/settings.h lib/errorlogger.h
$(CXX) $(CXXFLAGS) -Ilib -c -o lib/checkexceptionsafety.o lib/checkexceptionsafety.cpp
@@ -193,9 +188,6 @@ test/testconstructors.o: test/testconstructors.cpp lib/tokenize.h lib/classinfo.
test/testcppcheck.o: test/testcppcheck.cpp lib/cppcheck.h lib/settings.h lib/errorlogger.h lib/checkunusedfunctions.h lib/check.h lib/token.h lib/tokenize.h lib/classinfo.h test/testsuite.h lib/path.h test/tinyxml/tinyxml.h test/tinyxml/tinystr.h
$(CXX) $(CXXFLAGS) -Ilib -Icli -c -o test/testcppcheck.o test/testcppcheck.cpp
-test/testdangerousfunctions.o: test/testdangerousfunctions.cpp lib/tokenize.h lib/classinfo.h lib/token.h lib/checkdangerousfunctions.h lib/check.h lib/settings.h lib/errorlogger.h test/testsuite.h
- $(CXX) $(CXXFLAGS) -Ilib -Icli -c -o test/testdangerousfunctions.o test/testdangerousfunctions.cpp
-
test/testdivision.o: test/testdivision.cpp lib/tokenize.h lib/classinfo.h lib/token.h lib/checkother.h lib/check.h lib/settings.h lib/errorlogger.h test/testsuite.h
$(CXX) $(CXXFLAGS) -Ilib -Icli -c -o test/testdivision.o test/testdivision.cpp
diff --git a/lib/checkdangerousfunctions.cpp b/lib/checkdangerousfunctions.cpp
deleted file mode 100644
index 3f3d9cc57..000000000
--- a/lib/checkdangerousfunctions.cpp
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Cppcheck - A tool for static C/C++ code analysis
- * Copyright (C) 2007-2010 Daniel Marjamäki and Cppcheck team.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
- */
-
-//---------------------------------------------------------------------------
-// Dangerous functions
-//---------------------------------------------------------------------------
-
-#include "checkdangerousfunctions.h"
-
-//---------------------------------------------------------------------------
-
-
-// Register this check class (by creating a static instance of it)
-namespace
-{
-CheckDangerousFunctions instance;
-}
-
-void CheckDangerousFunctions::dangerousFunctions()
-{
- if (!_settings->_checkCodingStyle)
- return;
-
- for (const Token *tok = _tokenizer->tokens(); tok; tok = tok->next())
- {
- if (Token::simpleMatch(tok, "mktemp ("))
- {
- dangerousFunctionmktemp(tok);
- }
- else if (Token::simpleMatch(tok, "gets ("))
- {
- dangerousFunctiongets(tok);
- }
- }
-}
-//---------------------------------------------------------------------------
-
-
-void CheckDangerousFunctions::dangerousFunctionmktemp(const Token *tok)
-{
- reportError(tok, Severity::style, "dangerousFunctionmktemp", "Found 'mktemp'. You should use 'mkstemp' instead");
-}
-
-void CheckDangerousFunctions::dangerousFunctiongets(const Token *tok)
-{
- reportError(tok, Severity::style, "dangerousFunctiongets", "Found 'gets'. You should use 'fgets' instead\n"
- "Using gets can easily cause buffer overflows.");
-}
diff --git a/lib/checkdangerousfunctions.h b/lib/checkdangerousfunctions.h
deleted file mode 100644
index 4d0994641..000000000
--- a/lib/checkdangerousfunctions.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Cppcheck - A tool for static C/C++ code analysis
- * Copyright (C) 2007-2010 Daniel Marjamäki and Cppcheck team.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
- */
-
-
-//---------------------------------------------------------------------------
-#ifndef CheckDangerousFunctionsH
-#define CheckDangerousFunctionsH
-//---------------------------------------------------------------------------
-
-#include "check.h"
-
-/// @addtogroup Checks
-/// @{
-
-/**
- * @brief Using dangerous functions that are always insecure to use.
- */
-
-class CheckDangerousFunctions : public Check
-{
-public:
- /** This constructor is used when registering the CheckDangerousFunctions */
- CheckDangerousFunctions() : Check()
- { }
-
- /** This constructor is used when running checks. */
- CheckDangerousFunctions(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger)
- : Check(tokenizer, settings, errorLogger)
- { }
-
- void runSimplifiedChecks(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger)
- {
- CheckDangerousFunctions checkDangerousFunctions(tokenizer, settings, errorLogger);
- checkDangerousFunctions.dangerousFunctions();
- }
-
- /** Check for dangerous functions */
- void dangerousFunctions();
-
-private:
- /** Report Error : Using dangerous function 'mktemp' */
- void dangerousFunctionmktemp(const Token *tok);
- /** Report Error : Using dangerous function 'gets' */
- void dangerousFunctiongets(const Token *tok);
-
- void getErrorMessages()
- {
- dangerousFunctionmktemp(0);
- dangerousFunctiongets(0);
- }
-
- std::string name() const
- {
- return "Dangerous functions (buffer overflows)";
- }
-
- std::string classInfo() const
- {
- return "Warn if any of these dangerous functions are used:\n"
- "* mktemp\n"
- "* gets\n";
- }
-};
-/// @}
-//---------------------------------------------------------------------------
-#endif
-
diff --git a/lib/checkobsoletefunctions.h b/lib/checkobsoletefunctions.h
index 3bd0931bd..469cef28b 100644
--- a/lib/checkobsoletefunctions.h
+++ b/lib/checkobsoletefunctions.h
@@ -102,6 +102,8 @@ private:
_obsoleteFunctions.push_back(std::make_pair("vfork","Found obsolete function 'vfork'. It is recommended to use the function 'fork' instead"));
_obsoleteFunctions.push_back(std::make_pair("wcswcs","Found obsolete function 'wcswcs'. It is recommended to use the function 'wcsstr' instead"));
+
+ _obsoleteFunctions.push_back(std::make_pair("gets","Found obsolete function 'gets'. It is recommended to use the function 'fgets' instead"));
}
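Review bot: Only `gets` is carried over to the obsolete-function list in this hunk, while the CheckDangerousFunctions class deleted by the same commit also reported `mktemp`; unless `mktemp` is already registered in the part of the list outside the hunk, that warning is lost. The new `gets` text also drops the sentence "Using gets can easily cause buffer overflows." from the old message, which was the only place the user was told why the call matters. I would add `_obsoleteFunctions.push_back(std::make_pair("mktemp","Found obsolete function 'mktemp'. It is recommended to use the function 'mkstemp' instead"));` and append `\nUsing gets can easily cause buffer overflows.` to the `gets` message, provided the code consuming this list accepts a multi-line message as the old reportError call did. The enclosing initializer starts outside the hunk, so whether these entries sit behind the same `_checkCodingStyle` gate as the removed check cannot be confirmed from here.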
diff --git a/lib/lib.pri b/lib/lib.pri
index 5c845ea8f..a55150a56 100644
--- a/lib/lib.pri
+++ b/lib/lib.pri
@@ -4,7 +4,6 @@ HEADERS += $$PWD/check.h \
$$PWD/checkautovariables.h \
$$PWD/checkbufferoverrun.h \
$$PWD/checkclass.h \
- $$PWD/checkdangerousfunctions.h \
$$PWD/checkexceptionsafety.h \
$$PWD/checkmemoryleak.h \
$$PWD/checkobsoletefunctions.h \
@@ -27,7 +26,6 @@ HEADERS += $$PWD/check.h \
SOURCES += $$PWD/checkautovariables.cpp \
$$PWD/checkbufferoverrun.cpp \
$$PWD/checkclass.cpp \
- $$PWD/checkdangerousfunctions.cpp \
$$PWD/checkexceptionsafety.cpp \
$$PWD/checkmemoryleak.cpp \
$$PWD/checkobsoletefunctions.cpp \
diff --git a/test/testdangerousfunctions.cpp b/test/testdangerousfunctions.cpp
deleted file mode 100644
index 7f22eee63..000000000
--- a/test/testdangerousfunctions.cpp
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * Cppcheck - A tool for static C/C++ code analysis
- * Copyright (C) 2007-2010 Daniel Marjamäki and Cppcheck team.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
- */
-
-
-#include "tokenize.h"
-#include "checkdangerousfunctions.h"
-#include "testsuite.h"
-
-#include
-
-extern std::ostringstream errout;
-
-class TestDangerousFunctions : public TestFixture
-{
-public:
- TestDangerousFunctions() : TestFixture("TestDangerousFunctions")
- { }
-
-private:
-
-
-
- void check(const char code[])
- {
- // Tokenize..
- Tokenizer tokenizer;
- std::istringstream istr(code);
- tokenizer.tokenize(istr, "test.cpp");
- tokenizer.simplifyTokenList();
-
- // Assign variable ids
- tokenizer.setVarId();
-
- // Fill function list
- tokenizer.fillFunctionList();
-
- // Clear the error buffer..
- errout.str("");
-
- // Check for dangerous functions..
- Settings settings;
- settings._checkCodingStyle = true;
- settings.inconclusive = true;
- CheckDangerousFunctions checkDangerousFunctions(&tokenizer, &settings, this);
- checkDangerousFunctions.dangerousFunctions();
- }
-
- void run()
- {
- TEST_CASE(testmktemp);
- TEST_CASE(testgets);
- TEST_CASE(testscanf);
- }
-
-
-
- void testmktemp()
- {
- check("void f()\n"
- "{\n"
- " char *x = mktemp(\"/tmp/zxcv\");\n"
- "}\n");
- ASSERT_EQUALS("[test.cpp:3]: (style) Found 'mktemp'. You should use 'mkstemp' instead\n", errout.str());
-
- check("char * f(const std::string& strVal)\n"
- "{\n"
- " return(mktemp(strVal.c_str()));\n"
- "}\n");
- ASSERT_EQUALS("[test.cpp:3]: (style) Found 'mktemp'. You should use 'mkstemp' instead\n", errout.str());
-
- check("char * f(const std::string& strVal)\n"
- "{\n"
- " return mktemp(strVal.c_str()) ;\n"
- "}\n");
- ASSERT_EQUALS("[test.cpp:3]: (style) Found 'mktemp'. You should use 'mkstemp' instead\n", errout.str());
- }
-
- void testgets()
- {
- check("void f()\n"
- "{\n"
- " char *x = gets();\n"
- "}\n");
- ASSERT_EQUALS("[test.cpp:3]: (style) Found 'gets'. You should use 'fgets' instead\n", errout.str());
- }
-
- void testscanf()
- {
- check("void f()\n"
- "{\n"
- " char *x;\n"
- " scanf(\"%s\", x);\n"
- "}\n");
- ASSERT_EQUALS("", errout.str());
- }
-
-};
-
-REGISTER_TEST(TestDangerousFunctions)
-
-
diff --git a/test/testobsoletefunctions.cpp b/test/testobsoletefunctions.cpp
index 5cffb796c..93961d2d7 100644
--- a/test/testobsoletefunctions.cpp
+++ b/test/testobsoletefunctions.cpp
@@ -43,7 +43,10 @@ private:
TEST_CASE(testrindex);
// no false positives for variables
- TEST_CASE(var);
+ TEST_CASE(testvar);
+
+ // dangerous function
+ TEST_CASE(testgets);
}
@@ -181,7 +184,7 @@ private:
}
- void var()
+ void testvar()
{
check("class Fred {\n"
"public:\n"
@@ -191,6 +194,17 @@ private:
ASSERT_EQUALS("", errout.str());
}
+ void testgets()
+ {
+ check("void f()\n"
+ "{\n"
+ " char *x = gets();\n"
+ "}\n");
+ ASSERT_EQUALS("[test.cpp:3]: (style) Found obsolete function 'gets'. It is recommended to use the function 'fgets' instead\n", errout.str());
+ }
+
+
+
};
REGISTER_TEST(TestObsoleteFunctions)
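Review bot: testgets pins only the zero-argument form `char *x = gets();`, which is not how gets is called in real code, and nothing here replaces the three mktemp cases or the scanf no-warning case from the deleted TestDangerousFunctions. A statement-form call with a buffer argument is the pattern the check most needs to catch, so I would add a case for it and register it with `TEST_CASE(testgetsWithBuffer);` in run(), which lies outside this hunk. The expected string below assumes the check reports a bare call statement the same way as the assignment form; adjust it if the matcher behaves differently.

```cpp
    void testgetsWithBuffer()
    {
        check("void f()\n"
              "{\n"
              "    char buf[10];\n"
              "    gets(buf);\n"
              "}\n");
        ASSERT_EQUALS("[test.cpp:4]: (style) Found obsolete function 'gets'. It is recommended to use the function 'fgets' instead\n", errout.str());
    }
```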