arrayIndexOutOfBounds check is now done without --all
Errors with buf[1] are still listed only with --all due to false positive risk in them.
This commit is contained in:
Reijo Tomperi
parent
0c3da73ee1
commit
4036dd5eff
|
|
@ -45,21 +45,33 @@ CheckBufferOverrun instance;
|
|||
|
||||
//---------------------------------------------------------------------------
|
||||
|
||||
void CheckBufferOverrun::arrayIndexOutOfBounds(const Token *tok)
|
||||
void CheckBufferOverrun::arrayIndexOutOfBounds(const Token *tok, int size)
|
||||
{
|
||||
if (!tok)
|
||||
arrayIndexOutOfBounds();
|
||||
arrayIndexOutOfBounds(size);
|
||||
else
|
||||
{
|
||||
_callStack.push_back(tok);
|
||||
arrayIndexOutOfBounds();
|
||||
arrayIndexOutOfBounds(size);
|
||||
_callStack.pop_back();
|
||||
}
|
||||
}
|
||||
|
||||
void CheckBufferOverrun::arrayIndexOutOfBounds()
|
||||
void CheckBufferOverrun::arrayIndexOutOfBounds(int size)
|
||||
{
|
||||
reportError(_callStack, Severity::possibleError, "arrayIndexOutOfBounds", "Array index out of bounds");
|
||||
Severity::e severity;
|
||||
if (size <= 1)
|
||||
{
|
||||
severity = Severity::possibleError;
|
||||
if (_settings->_showAll == false)
|
||||
return;
|
||||
}
|
||||
else
|
||||
{
|
||||
severity = Severity::error;
|
||||
}
|
||||
|
||||
reportError(_callStack, severity, "arrayIndexOutOfBounds", "Array index out of bounds");
|
||||
}
|
||||
|
||||
void CheckBufferOverrun::bufferOverrun(const Token *tok)
|
||||
|
|
@ -122,7 +134,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con
|
|||
const char *num = tok->strAt(2);
|
||||
if (std::strtol(num, NULL, 10) >= size)
|
||||
{
|
||||
arrayIndexOutOfBounds(tok->next());
|
||||
arrayIndexOutOfBounds(tok->next(), size);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -131,7 +143,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con
|
|||
const char *num = tok->strAt(2 + varc);
|
||||
if (std::strtol(num, NULL, 10) >= size)
|
||||
{
|
||||
arrayIndexOutOfBounds(tok->next());
|
||||
arrayIndexOutOfBounds(tok->next(), size);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -160,7 +172,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con
|
|||
{
|
||||
if (std::strtol(num, NULL, 10) > size || !Token::Match(tok->previous(), "& ("))
|
||||
{
|
||||
arrayIndexOutOfBounds(tok->next());
|
||||
arrayIndexOutOfBounds(tok->next(), size);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -170,7 +182,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con
|
|||
const char *num = tok->next()->strAt(2 + varc);
|
||||
if (std::strtol(num, NULL, 10) >= size)
|
||||
{
|
||||
arrayIndexOutOfBounds(tok->next());
|
||||
arrayIndexOutOfBounds(tok->next(), size);
|
||||
}
|
||||
tok = tok->tokAt(4);
|
||||
continue;
|
||||
|
|
@ -406,7 +418,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con
|
|||
//printf("min_index = %d, max_index = %d, size = %d\n", min_index, max_index, size);
|
||||
if (min_index >= size || max_index >= size)
|
||||
{
|
||||
arrayIndexOutOfBounds(tok2->next());
|
||||
arrayIndexOutOfBounds(tok2->next(), size);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -50,8 +50,7 @@ public:
|
|||
void runSimplifiedChecks(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger)
|
||||
{
|
||||
CheckBufferOverrun checkBufferOverrun(tokenizer, settings, errorLogger);
|
||||
if (settings->_showAll)
|
||||
checkBufferOverrun.bufferOverrun();
|
||||
checkBufferOverrun.bufferOverrun();
|
||||
}
|
||||
|
||||
/** Check for buffer overruns */
|
||||
|
|
@ -80,8 +79,8 @@ private:
|
|||
/** callstack - used during intra-function checking */
|
||||
std::list<const Token *> _callStack;
|
||||
|
||||
void arrayIndexOutOfBounds(const Token *tok);
|
||||
void arrayIndexOutOfBounds();
|
||||
void arrayIndexOutOfBounds(const Token *tok, int size);
|
||||
void arrayIndexOutOfBounds(int size);
|
||||
void bufferOverrun(const Token *tok);
|
||||
void dangerousStdCin(const Token *tok);
|
||||
void strncatUsage(const Token *tok);
|
||||
|
|
@ -90,7 +89,7 @@ private:
|
|||
|
||||
void getErrorMessages()
|
||||
{
|
||||
arrayIndexOutOfBounds(0);
|
||||
arrayIndexOutOfBounds(0, 2);
|
||||
bufferOverrun(0);
|
||||
dangerousStdCin(0);
|
||||
strncatUsage(0);
|
||||
|
|
|
|||
|
|
@ -221,7 +221,7 @@ private:
|
|||
" int data[2];\n"
|
||||
" data[ sizeof(data[0]) ] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void sizeof3()
|
||||
|
|
@ -244,7 +244,7 @@ private:
|
|||
" str[15] = 0;\n"
|
||||
" str[16] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -256,7 +256,7 @@ private:
|
|||
" str[15] = 0;\n"
|
||||
" str[16] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -306,7 +306,7 @@ private:
|
|||
" int i[SIZE];\n"
|
||||
" i[SIZE] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -317,7 +317,7 @@ private:
|
|||
" int i[10];\n"
|
||||
" i[ sizeof(i) - 1 ] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -333,7 +333,22 @@ private:
|
|||
" struct ABC abc;\n"
|
||||
" abc.str[10] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:9]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:9]: (error) Array index out of bounds\n", errout.str());
|
||||
|
||||
// This is not out of bounds
|
||||
check("struct ABC\n"
|
||||
"{\n"
|
||||
" char str[1];\n"
|
||||
"};\n"
|
||||
"\n"
|
||||
"static void f()\n"
|
||||
"{\n"
|
||||
" int datasize = 10;\n"
|
||||
" struct ABC* x = malloc(sizeof(struct ABC) + datasize - 1);\n"
|
||||
" x->str[1] = 0;"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:10]: (possible error) Array index out of bounds\n", errout.str());
|
||||
TODO_ASSERT_EQUALS("", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -348,7 +363,7 @@ private:
|
|||
"{\n"
|
||||
" abc->str[10] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:8]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:8]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -366,7 +381,7 @@ private:
|
|||
" struct ABC abc;\n"
|
||||
" abc.str[SIZE] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:11]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:11]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void array_index_9()
|
||||
|
|
@ -381,7 +396,7 @@ private:
|
|||
" char str[5];\n"
|
||||
" memclr( str ); // ERROR\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -401,7 +416,7 @@ private:
|
|||
"{\n"
|
||||
" memclr(abc->str);\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -422,7 +437,7 @@ private:
|
|||
" abc->str[10] = 0;\n"
|
||||
" }\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:12]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:12]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -439,7 +454,7 @@ private:
|
|||
"{\n"
|
||||
" str[10] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:10]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:10]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void array_index_13()
|
||||
|
|
@ -464,7 +479,7 @@ private:
|
|||
" for (int i = 0; i < 10; i++)\n"
|
||||
" a[i+10] = i;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void array_index_15()
|
||||
|
|
@ -475,7 +490,7 @@ private:
|
|||
" for (int i = 0; i < 10; i++)\n"
|
||||
" a[10+i] = i;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void array_index_16()
|
||||
|
|
@ -486,7 +501,7 @@ private:
|
|||
" for (int i = 0; i < 10; i++)\n"
|
||||
" a[i+1] = i;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void array_index_17()
|
||||
|
|
@ -497,7 +512,7 @@ private:
|
|||
" for (int i = 0; i < 10; i++)\n"
|
||||
" a[i*2] = i;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
|
||||
check("void f()\n"
|
||||
"{\n"
|
||||
|
|
@ -513,7 +528,7 @@ private:
|
|||
" for (int i = 0; i < 12; i+=6)\n"
|
||||
" a[i+6] = i;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void array_index_18()
|
||||
|
|
@ -590,7 +605,7 @@ private:
|
|||
" char a[2];\n"
|
||||
" char *end = &(a[3]);\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
void buffer_overrun_1()
|
||||
|
|
@ -978,11 +993,9 @@ private:
|
|||
"{\n"
|
||||
" str[3] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
||||
void alloc()
|
||||
{
|
||||
check("void foo()\n"
|
||||
|
|
@ -990,14 +1003,14 @@ private:
|
|||
" char *s = new char[10];\n"
|
||||
" s[10] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str());
|
||||
|
||||
check("void foo()\n"
|
||||
"{\n"
|
||||
" char *s = malloc(10);\n"
|
||||
" s[10] = 0;\n"
|
||||
"}\n");
|
||||
ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str());
|
||||
ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str());
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue