walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Move buffer overrun errors behind --all 

Fix one possible error issue with arrayindexoutofbounds
Make sure that possible errors are not shown without --all
This commit is contained in:
Reijo Tomperi 2009-10-13 23:33:41 +03:00
parent a3a55547d8
commit 3dc45903bc
2 changed files with 45 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/checkbufferoverrun.cpp
View File

@ -60,7 +60,7 @@ void CheckBufferOverrun::arrayIndexOutOfBounds(const Token *tok, int size)
void CheckBufferOverrun::arrayIndexOutOfBounds(int size) void CheckBufferOverrun::arrayIndexOutOfBounds(int size)
{ {
Severity::e severity; Severity::e severity;
if (size <= 1) if (size <= 1 || _callStack.size() > 1)
{ {
severity = Severity::possibleError; severity = Severity::possibleError;
if (_settings->_showAll == false) if (_settings->_showAll == false)
@ -76,16 +76,22 @@ void CheckBufferOverrun::arrayIndexOutOfBounds(int size)
void CheckBufferOverrun::bufferOverrun(const Token *tok) void CheckBufferOverrun::bufferOverrun(const Token *tok)
{ {
reportError(tok, Severity::possibleError, "bufferOverrun", "Buffer overrun"); reportError(tok, Severity::error, "bufferOverrun", "Buffer overrun");
} }
void CheckBufferOverrun::dangerousStdCin(const Token *tok) void CheckBufferOverrun::dangerousStdCin(const Token *tok)
{ {
if (_settings->_showAll == false)
return;
reportError(tok, Severity::possibleError, "dangerousStdCin", "Dangerous usage of std::cin, possible buffer overrun"); reportError(tok, Severity::possibleError, "dangerousStdCin", "Dangerous usage of std::cin, possible buffer overrun");
} }
void CheckBufferOverrun::strncatUsage(const Token *tok) void CheckBufferOverrun::strncatUsage(const Token *tok)
{ {
if (_settings->_showAll == false)
return;
reportError(tok, Severity::possibleError, "strncatUsage", "Dangerous usage of strncat. Tip: the 3rd parameter means maximum number of characters to append"); reportError(tok, Severity::possibleError, "strncatUsage", "Dangerous usage of strncat. Tip: the 3rd parameter means maximum number of characters to append");
} }
@ -96,6 +102,9 @@ void CheckBufferOverrun::outOfBounds(const Token *tok, const std::string &what)
void CheckBufferOverrun::sizeArgumentAsChar(const Token *tok) void CheckBufferOverrun::sizeArgumentAsChar(const Token *tok)
{ {
if (_settings->_showAll == false)
return;
reportError(tok, Severity::possibleError, "sizeArgumentAsChar", "The size argument is given as a char constant"); reportError(tok, Severity::possibleError, "sizeArgumentAsChar", "The size argument is given as a char constant");
} }

53
test/testbufferoverrun.cpp
View File

@ -270,7 +270,7 @@ private:
" for (i = 0; i < 100; i++)\n" " for (i = 0; i < 100; i++)\n"
" sum += val[i];\n" " sum += val[i];\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
} }
{ {
@ -281,7 +281,7 @@ private:
" for (i = 1; i < 100; i++)\n" " for (i = 1; i < 100; i++)\n"
" sum += val[i];\n" " sum += val[i];\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
} }
@ -293,7 +293,7 @@ private:
" for (i = a; i < 100; i++)\n" " for (i = a; i < 100; i++)\n"
" sum += val[i];\n" " sum += val[i];\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
} }
} }
@ -396,7 +396,22 @@ private:
" char str[5];\n" " char str[5];\n"
" memclr( str ); // ERROR\n" " memclr( str ); // ERROR\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (error) Array index out of bounds\n", errout.str()); ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (possible error) Array index out of bounds\n", errout.str());
// This is not an error
check("static void memclr( char *data, int size )\n"
"{\n"
" if( size > 10 )"
" data[10] = 0;\n"
"}\n"
"\n"
"static void f()\n"
"{\n"
" char str[5];\n"
" memclr( str, 5 ); // ERROR\n"
"}\n");
ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (possible error) Array index out of bounds\n", errout.str());
TODO_ASSERT_EQUALS("", errout.str());
} }
@ -416,7 +431,7 @@ private:
"{\n" "{\n"
" memclr(abc->str);\n" " memclr(abc->str);\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (error) Array index out of bounds\n", errout.str()); ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (possible error) Array index out of bounds\n", errout.str());
} }
@ -586,7 +601,7 @@ private:
" i+=1;\n" " i+=1;\n"
" }\n" " }\n"
"}\n"); "}\n");
TODO_ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str()); TODO_ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
} }
void array_index_19() void array_index_19()
@ -615,7 +630,7 @@ private:
" char str[3];\n" " char str[3];\n"
" strcpy(str, \"abc\");\n" " strcpy(str, \"abc\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
} }
@ -630,7 +645,7 @@ private:
"{\n" "{\n"
" strcpy( abc->str, \"abcdef\" );\n" " strcpy( abc->str, \"abcdef\" );\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:8]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:8]: (error) Buffer overrun\n", errout.str());
} }
@ -644,7 +659,7 @@ private:
" for (i = 0; i <= 10; ++i)\n" " for (i = 0; i <= 10; ++i)\n"
" a[i] = 0;\n" " a[i] = 0;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:7]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:7]: (error) Buffer overrun\n", errout.str());
} }
@ -656,7 +671,7 @@ private:
" for (int i = 0; i < 8; ++i)\n" " for (int i = 0; i < 8; ++i)\n"
" p[i] = 0;\n" " p[i] = 0;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:5]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:5]: (error) Buffer overrun\n", errout.str());
// No false positive // No false positive
check("void foo(int x, int y)\n" check("void foo(int x, int y)\n"
@ -687,14 +702,14 @@ private:
" strcat(n, \"abc\");\n" " strcat(n, \"abc\");\n"
" strcat(n, \"def\");\n" " strcat(n, \"def\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:5]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:5]: (error) Buffer overrun\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
" char n[5];\n" " char n[5];\n"
" strcat(strcat(n, \"abc\"), \"def\");\n" " strcat(strcat(n, \"abc\"), \"def\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
} }
void buffer_overrun_7() void buffer_overrun_7()
@ -808,7 +823,7 @@ private:
" char str[3];\n" " char str[3];\n"
" sprintf(str, \"%s\", \"abc\");\n" " sprintf(str, \"%s\", \"abc\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
@ -816,7 +831,7 @@ private:
" sprintf(c, \"%s\", \"/usr/LongLongLongLongUserName/bin/LongLongApplicationName\");\n" " sprintf(c, \"%s\", \"/usr/LongLongLongLongUserName/bin/LongLongApplicationName\");\n"
" delete [] c;\n" " delete [] c;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
} }
void sprintf2() void sprintf2()
@ -826,7 +841,7 @@ private:
" char str[5];\n" " char str[5];\n"
" sprintf(str, \"%d: %s\", getnumber(), \"abcde\");\n" " sprintf(str, \"%d: %s\", getnumber(), \"abcde\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
} }
void sprintf3() void sprintf3()
@ -836,7 +851,7 @@ private:
" char str[3];\n" " char str[3];\n"
" sprintf(str, \"test\");\n" " sprintf(str, \"test\");\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
@ -875,7 +890,7 @@ private:
" char buf[3];\n" " char buf[3];\n"
" sprintf(buf, \"%s\", condition ? \"11\" : \"222\");\n" " sprintf(buf, \"%s\", condition ? \"11\" : \"222\");\n"
"}\n"); "}\n");
TODO_ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); TODO_ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
} }
void snprintf1() void snprintf1()
@ -1120,7 +1135,7 @@ private:
" strcpy(a,\"hello\");\n" " strcpy(a,\"hello\");\n"
" strncpy(c,a,sizeof(c)+1);\n" " strncpy(c,a,sizeof(c)+1);\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:6]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:6]: (error) Buffer overrun\n", errout.str());
check("void f()\n" check("void f()\n"
"{\n" "{\n"
@ -1134,7 +1149,7 @@ private:
" char c[6];\n" " char c[6];\n"
" strncpy(c,\"hello!\",sizeof(c)+1);\n" " strncpy(c,\"hello!\",sizeof(c)+1);\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (possible error) Buffer overrun\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (error) Buffer overrun\n", errout.str());
} }
}; };