walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Move buffer overrun errors behind --all 

Fix one possible error issue with arrayindexoutofbounds
Make sure that possible errors are not shown without --all
This commit is contained in:
Reijo Tomperi 2009-10-13 23:33:41 +03:00
parent a3a55547d8
commit 3dc45903bc
2 changed files with 45 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/checkbufferoverrun.cpp
View File

@ -60,7 +60,7 @@ void CheckBufferOverrun::arrayIndexOutOfBounds(const Token *tok, int size)
void CheckBufferOverrun::arrayIndexOutOfBounds(int size)
{
Severity::e severity;
if (size <= 1)
if (size <= 1 || _callStack.size() > 1)
{
severity = Severity::possibleError;
if (_settings->_showAll == false)
@ -76,16 +76,22 @@ void CheckBufferOverrun::arrayIndexOutOfBounds(int size)
void CheckBufferOverrun::bufferOverrun(const Token *tok)
{
reportError(tok, Severity::possibleError, "bufferOverrun", "Buffer overrun");
reportError(tok, Severity::error, "bufferOverrun", "Buffer overrun");
}
void CheckBufferOverrun::dangerousStdCin(const Token *tok)
{
if (_settings->_showAll == false)
return;
reportError(tok, Severity::possibleError, "dangerousStdCin", "Dangerous usage of std::cin, possible buffer overrun");
}
void CheckBufferOverrun::strncatUsage(const Token *tok)
{
if (_settings->_showAll == false)
return;
reportError(tok, Severity::possibleError, "strncatUsage", "Dangerous usage of strncat. Tip: the 3rd parameter means maximum number of characters to append");
}
@ -96,6 +102,9 @@ void CheckBufferOverrun::outOfBounds(const Token *tok, const std::string &what)
void CheckBufferOverrun::sizeArgumentAsChar(const Token *tok)
{
if (_settings->_showAll == false)
return;
reportError(tok, Severity::possibleError, "sizeArgumentAsChar", "The size argument is given as a char constant");
}

53
test/testbufferoverrun.cpp
View File

@ -270,7 +270,7 @@ private:
" for (i = 0; i < 100; i++)\n"
" sum += val[i];\n"
"}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
}
{
@ -281,7 +281,7 @@ private:
" for (i = 1; i < 100; i++)\n"
" sum += val[i];\n"
"}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
}
@ -293,7 +293,7 @@ private:
" for (i = a; i < 100; i++)\n"
" sum += val[i];\n"
"}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
}
}
@ -396,7 +396,22 @@ private:
" char str[5];\n"
" memclr( str ); // ERROR\n"
"}\n");
ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (error) Array index out of bounds\n", errout.str());
ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (possible error) Array index out of bounds\n", errout.str());
// This is not an error
check("static void memclr( char *data, int size )\n"
"{\n"
" if( size > 10 )"
" data[10] = 0;\n"
"}\n"
"\n"
"static void f()\n"
"{\n"
" char str[5];\n"
" memclr( str, 5 ); // ERROR\n"
"}\n");
ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (possible error) Array index out of bounds\n", errout.str());
TODO_ASSERT_EQUALS("", errout.str());
}
@ -416,7 +431,7 @@ private:
"{\n"
" memclr(abc->str);\n"
"}\n");
ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (error) Array index out of bounds\n", errout.str());
ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (possible error) Array index out of bounds\n", errout.str());
}
@ -586,7 +601,7 @@ private:
" i+=1;\n"
" }\n"
"}\n");
TODO_ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str());
TODO_ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
}
void array_index_19()
@ -615,7 +630,7 @@ private:
" char str[3];\n"
" strcpy(str, \"abc\");\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
}
@ -630,7 +645,7 @@ private:
"{\n"
" strcpy( abc->str, \"abcdef\" );\n"
"}\n");
ASSERT_EQUALS("[test.cpp:8]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:8]: (error) Buffer overrun\n", errout.str());
}
@ -644,7 +659,7 @@ private:
" for (i = 0; i <= 10; ++i)\n"
" a[i] = 0;\n"
"}\n");
ASSERT_EQUALS("[test.cpp:7]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:7]: (error) Buffer overrun\n", errout.str());
}
@ -656,7 +671,7 @@ private:
" for (int i = 0; i < 8; ++i)\n"
" p[i] = 0;\n"
"}\n");
ASSERT_EQUALS("[test.cpp:5]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:5]: (error) Buffer overrun\n", errout.str());
// No false positive
check("void foo(int x, int y)\n"
@ -687,14 +702,14 @@ private:
" strcat(n, \"abc\");\n"
" strcat(n, \"def\");\n"
"}\n");
ASSERT_EQUALS("[test.cpp:5]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:5]: (error) Buffer overrun\n", errout.str());
check("void f()\n"
"{\n"
" char n[5];\n"
" strcat(strcat(n, \"abc\"), \"def\");\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
}
void buffer_overrun_7()
@ -808,7 +823,7 @@ private:
" char str[3];\n"
" sprintf(str, \"%s\", \"abc\");\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
check("void f()\n"
"{\n"
@ -816,7 +831,7 @@ private:
" sprintf(c, \"%s\", \"/usr/LongLongLongLongUserName/bin/LongLongApplicationName\");\n"
" delete [] c;\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
}
void sprintf2()
@ -826,7 +841,7 @@ private:
" char str[5];\n"
" sprintf(str, \"%d: %s\", getnumber(), \"abcde\");\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
}
void sprintf3()
@ -836,7 +851,7 @@ private:
" char str[3];\n"
" sprintf(str, \"test\");\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
check("void f()\n"
"{\n"
@ -875,7 +890,7 @@ private:
" char buf[3];\n"
" sprintf(buf, \"%s\", condition ? \"11\" : \"222\");\n"
"}\n");
TODO_ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
TODO_ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
}
void snprintf1()
@ -1120,7 +1135,7 @@ private:
" strcpy(a,\"hello\");\n"
" strncpy(c,a,sizeof(c)+1);\n"
"}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
check("void f()\n"
"{\n"
@ -1134,7 +1149,7 @@ private:
" char c[6];\n"
" strncpy(c,\"hello!\",sizeof(c)+1);\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str());
ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
}
};