Improved the buffer overrun checks. Results that are not 100% certain must be enabled with the "-w" option.
parent
ade2265ed2
commit
3ee0d3c9d3
|
@ -48,6 +48,8 @@ TOKEN *findfunction(TOKEN *tok)
|
||||||
// Writing dynamic data in buffer without bounds checking
|
// Writing dynamic data in buffer without bounds checking
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
extern bool ShowWarnings;
|
||||||
|
|
||||||
static void _DynamicDataCheck(TOKEN *ftok, TOKEN *tok)
|
static void _DynamicDataCheck(TOKEN *ftok, TOKEN *tok)
|
||||||
{
|
{
|
||||||
const char *var2 = tok->str;
|
const char *var2 = tok->str;
|
||||||
|
@ -67,10 +69,31 @@ static void _DynamicDataCheck(TOKEN *ftok, TOKEN *tok)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (strcmp(tok2->str,var2)==0)
|
if (match(tok2,"char var [ ]"))
|
||||||
{
|
{
|
||||||
Var2Count++;
|
decl |= (strcmp(getstr(tok2,1),var2)==0);
|
||||||
break;
|
tok2 = gettok(tok2,3);
|
||||||
|
}
|
||||||
|
|
||||||
|
// If ShowWarnings, only strlen(var2) counts
|
||||||
|
if ( ShowWarnings )
|
||||||
|
{
|
||||||
|
if (match(tok2,"strlen ( var )") &&
|
||||||
|
strcmp(getstr(tok2,2),var2)==0)
|
||||||
|
{
|
||||||
|
Var2Count++;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// If not ShowWarnings, all usage of "var2" counts
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (strcmp(tok2->str,var2)==0)
|
||||||
|
{
|
||||||
|
Var2Count++;
|
||||||
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
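Review bot: The `else` branch (no `-w`) counts any token spelled like `var2` as a hit, so an unrelated mention of the variable is treated exactly like a length check; if a non-zero `Var2Count` suppresses the report, as the surrounding logic suggests, a default run can miss a real unchecked copy. The two branch comments should state that trade-off, e.g. `// Without -w: any use of var2 is assumed to be a bounds check (may hide real overruns)` and `// With -w: only an explicit strlen(var2) is accepted as a check`. The `-w` branch matches only the literal pattern `strlen ( var )`, so code that bounds the length some other way will still be reported, which is worth saying in the same comment. `_DynamicDataCheck` starts and ends outside the hunks, and the places where `Var2Count` and `decl` are read are not visible here.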
2
main.cpp
2
main.cpp
|
@ -16,7 +16,7 @@
|
||||||
|
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
bool Debug = false;
|
bool Debug = false;
|
||||||
static bool ShowWarnings = false;
|
bool ShowWarnings = false;
|
||||||
//---------------------------------------------------------------------------
|
//---------------------------------------------------------------------------
|
||||||
|
|
||||||
static void CppCheck(const char FileName[]);
|
static void CppCheck(const char FileName[]);
|
||||||
|
|
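Review bot: `ShowWarnings` loses `static` so the checker file can reach it through its own `extern bool ShowWarnings;`, but no shared header declares it, so the compiler never compares that declaration with this definition. Moving the declaration into a header that main.cpp also includes would keep the two in sync. A one-line comment on the definition, such as `// also report results that are not 100% certain`, would record what the flag controls (assuming `-w` is what sets it, as the commit message implies).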
|
@ -1,3 +1,4 @@
|
||||||
[testbufferoverrun7\testbufferoverrun7.cpp:5]: A string with unknown length is copied to buffer.
|
[testbufferoverrun7\testbufferoverrun7.cpp:5]: A string with unknown length is copied to buffer.
|
||||||
[testbufferoverrun7\testbufferoverrun7.cpp:10]: A string with unknown length is copied to buffer.
|
[testbufferoverrun7\testbufferoverrun7.cpp:10]: A string with unknown length is copied to buffer.
|
||||||
[testbufferoverrun7\testbufferoverrun7.cpp:15]: A string with unknown length is copied to buffer.
|
[testbufferoverrun7\testbufferoverrun7.cpp:15]: A string with unknown length is copied to buffer.
|
||||||
|
[testbufferoverrun7\testbufferoverrun7.cpp:20]: A string with unknown length is copied to buffer.
|
||||||
|
|
|
@ -14,3 +14,8 @@ void f3(char *str)
|
||||||
{
|
{
|
||||||
sprintf(buf,"%s",str);
|
sprintf(buf,"%s",str);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void f4(const char str[])
|
||||||
|
{
|
||||||
|
strcpy(buf, str);
|
||||||
|
}
|
||||||
|
|