diff --git a/src/checkbufferoverrun.cpp b/src/checkbufferoverrun.cpp index 5333f402f..71b0713ab 100644 --- a/src/checkbufferoverrun.cpp +++ b/src/checkbufferoverrun.cpp @@ -45,21 +45,33 @@ CheckBufferOverrun instance; //--------------------------------------------------------------------------- -void CheckBufferOverrun::arrayIndexOutOfBounds(const Token *tok) +void CheckBufferOverrun::arrayIndexOutOfBounds(const Token *tok, int size) { if (!tok) - arrayIndexOutOfBounds(); + arrayIndexOutOfBounds(size); else { _callStack.push_back(tok); - arrayIndexOutOfBounds(); + arrayIndexOutOfBounds(size); _callStack.pop_back(); } } -void CheckBufferOverrun::arrayIndexOutOfBounds() +void CheckBufferOverrun::arrayIndexOutOfBounds(int size) { - reportError(_callStack, Severity::possibleError, "arrayIndexOutOfBounds", "Array index out of bounds"); + Severity::e severity; + if (size <= 1) + { + severity = Severity::possibleError; + if (_settings->_showAll == false) + return; + } + else + { + severity = Severity::error; + } + + reportError(_callStack, severity, "arrayIndexOutOfBounds", "Array index out of bounds"); } void CheckBufferOverrun::bufferOverrun(const Token *tok) @@ -122,7 +134,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con const char *num = tok->strAt(2); if (std::strtol(num, NULL, 10) >= size) { - arrayIndexOutOfBounds(tok->next()); + arrayIndexOutOfBounds(tok->next(), size); } } } @@ -131,7 +143,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con const char *num = tok->strAt(2 + varc); if (std::strtol(num, NULL, 10) >= size) { - arrayIndexOutOfBounds(tok->next()); + arrayIndexOutOfBounds(tok->next(), size); } } @@ -160,7 +172,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con { if (std::strtol(num, NULL, 10) > size || !Token::Match(tok->previous(), "& (")) { - arrayIndexOutOfBounds(tok->next()); + arrayIndexOutOfBounds(tok->next(), size); } } } @@ -170,7 +182,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con const char *num = tok->next()->strAt(2 + varc); if (std::strtol(num, NULL, 10) >= size) { - arrayIndexOutOfBounds(tok->next()); + arrayIndexOutOfBounds(tok->next(), size); } tok = tok->tokAt(4); continue; @@ -406,7 +418,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const char *varname[], con //printf("min_index = %d, max_index = %d, size = %d\n", min_index, max_index, size); if (min_index >= size || max_index >= size) { - arrayIndexOutOfBounds(tok2->next()); + arrayIndexOutOfBounds(tok2->next(), size); } } diff --git a/src/checkbufferoverrun.h b/src/checkbufferoverrun.h index e9f8751ed..4555ffadb 100644 --- a/src/checkbufferoverrun.h +++ b/src/checkbufferoverrun.h @@ -50,8 +50,7 @@ public: void runSimplifiedChecks(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger) { CheckBufferOverrun checkBufferOverrun(tokenizer, settings, errorLogger); - if (settings->_showAll) - checkBufferOverrun.bufferOverrun(); + checkBufferOverrun.bufferOverrun(); } /** Check for buffer overruns */ @@ -80,8 +79,8 @@ private: /** callstack - used during intra-function checking */ std::list _callStack; - void arrayIndexOutOfBounds(const Token *tok); - void arrayIndexOutOfBounds(); + void arrayIndexOutOfBounds(const Token *tok, int size); + void arrayIndexOutOfBounds(int size); void bufferOverrun(const Token *tok); void dangerousStdCin(const Token *tok); void strncatUsage(const Token *tok); @@ -90,7 +89,7 @@ private: void getErrorMessages() { - arrayIndexOutOfBounds(0); + arrayIndexOutOfBounds(0, 2); bufferOverrun(0); dangerousStdCin(0); strncatUsage(0); diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index fa94164a6..252ddfd14 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -221,7 +221,7 @@ private: " int data[2];\n" " data[ sizeof(data[0]) ] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str()); } void sizeof3() @@ -244,7 +244,7 @@ private: " str[15] = 0;\n" " str[16] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } @@ -256,7 +256,7 @@ private: " str[15] = 0;\n" " str[16] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } @@ -306,7 +306,7 @@ private: " int i[SIZE];\n" " i[SIZE] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } @@ -317,7 +317,7 @@ private: " int i[10];\n" " i[ sizeof(i) - 1 ] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str()); } @@ -333,7 +333,22 @@ private: " struct ABC abc;\n" " abc.str[10] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:9]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:9]: (error) Array index out of bounds\n", errout.str()); + + // This is not out of bounds + check("struct ABC\n" + "{\n" + " char str[1];\n" + "};\n" + "\n" + "static void f()\n" + "{\n" + " int datasize = 10;\n" + " struct ABC* x = malloc(sizeof(struct ABC) + datasize - 1);\n" + " x->str[1] = 0;" + "}\n"); + ASSERT_EQUALS("[test.cpp:10]: (possible error) Array index out of bounds\n", errout.str()); + TODO_ASSERT_EQUALS("", errout.str()); } @@ -348,7 +363,7 @@ private: "{\n" " abc->str[10] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:8]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:8]: (error) Array index out of bounds\n", errout.str()); } @@ -366,7 +381,7 @@ private: " struct ABC abc;\n" " abc.str[SIZE] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:11]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:11]: (error) Array index out of bounds\n", errout.str()); } void array_index_9() @@ -381,7 +396,7 @@ private: " char str[5];\n" " memclr( str ); // ERROR\n" "}\n"); - ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:9] -> [test.cpp:3]: (error) Array index out of bounds\n", errout.str()); } @@ -401,7 +416,7 @@ private: "{\n" " memclr(abc->str);\n" "}\n"); - ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:13] -> [test.cpp:8]: (error) Array index out of bounds\n", errout.str()); } @@ -422,7 +437,7 @@ private: " abc->str[10] = 0;\n" " }\n" "}\n"); - ASSERT_EQUALS("[test.cpp:12]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:12]: (error) Array index out of bounds\n", errout.str()); } @@ -439,7 +454,7 @@ private: "{\n" " str[10] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:10]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:10]: (error) Array index out of bounds\n", errout.str()); } void array_index_13() @@ -464,7 +479,7 @@ private: " for (int i = 0; i < 10; i++)\n" " a[i+10] = i;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } void array_index_15() @@ -475,7 +490,7 @@ private: " for (int i = 0; i < 10; i++)\n" " a[10+i] = i;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } void array_index_16() @@ -486,7 +501,7 @@ private: " for (int i = 0; i < 10; i++)\n" " a[i+1] = i;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } void array_index_17() @@ -497,7 +512,7 @@ private: " for (int i = 0; i < 10; i++)\n" " a[i*2] = i;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); check("void f()\n" "{\n" @@ -513,7 +528,7 @@ private: " for (int i = 0; i < 12; i+=6)\n" " a[i+6] = i;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } void array_index_18() @@ -590,7 +605,7 @@ private: " char a[2];\n" " char *end = &(a[3]);\n" "}\n"); - ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str()); } void buffer_overrun_1() @@ -978,11 +993,9 @@ private: "{\n" " str[3] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:5]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:5]: (error) Array index out of bounds\n", errout.str()); } - - void alloc() { check("void foo()\n" @@ -990,14 +1003,14 @@ private: " char *s = new char[10];\n" " s[10] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str()); check("void foo()\n" "{\n" " char *s = malloc(10);\n" " s[10] = 0;\n" "}\n"); - ASSERT_EQUALS("[test.cpp:4]: (possible error) Array index out of bounds\n", errout.str()); + ASSERT_EQUALS("[test.cpp:4]: (error) Array index out of bounds\n", errout.str()); }