ExprEngine: Removed NullPointerDereference checker for now.
This commit is contained in:
parent
3e17c24dd8
commit
555890fdfa
|
@ -1166,34 +1166,6 @@ void ExprEngine::runChecks(ErrorLogger *errorLogger, const Tokenizer *tokenizer,
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
std::function<void(const Token *, const ExprEngine::Value &, ExprEngine::DataBase *)> nullPointerDereference = [=](const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) {
|
|
||||||
if (!tok->astParent())
|
|
||||||
return;
|
|
||||||
|
|
||||||
// Is pointer dereferenced?
|
|
||||||
bool deref = false;
|
|
||||||
deref |= tok->astParent()->isUnaryOp("*");
|
|
||||||
deref |= Token::simpleMatch(tok->astParent(), "[");
|
|
||||||
deref |= Token::simpleMatch(tok->astParent(), ".") && tok == tok->astParent()->astOperand1();
|
|
||||||
if (!deref)
|
|
||||||
return;
|
|
||||||
|
|
||||||
// Is this a null pointer value?
|
|
||||||
try {
|
|
||||||
if (auto pointerValue = dynamic_cast<const ExprEngine::PointerValue*>(&value)) {
|
|
||||||
if (!pointerValue->null)
|
|
||||||
return;
|
|
||||||
} else if (!value.isIntValueInRange(dataBase, 0))
|
|
||||||
return;
|
|
||||||
} catch (const std::exception &) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
std::list<const Token*> callstack{tok->astParent()};
|
|
||||||
ErrorLogger::ErrorMessage errmsg(callstack, &tokenizer->list, Severity::SeverityType::error, "verificationNullPointerDereference", "There is pointer dereference, cannot determine that the pointer can't be NULL.", CWE(476), false);
|
|
||||||
errorLogger->reportErr(errmsg);
|
|
||||||
};
|
|
||||||
|
|
||||||
#ifdef VERIFY_INTEGEROVERFLOW
|
#ifdef VERIFY_INTEGEROVERFLOW
|
||||||
std::function<void(const Token *, const ExprEngine::Value &, ExprEngine::DataBase *)> integerOverflow = [&](const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) {
|
std::function<void(const Token *, const ExprEngine::Value &, ExprEngine::DataBase *)> integerOverflow = [&](const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) {
|
||||||
if (!tok->isArithmeticalOp() || !tok->valueType() || !tok->valueType()->isIntegral() || tok->valueType()->pointer > 0)
|
if (!tok->isArithmeticalOp() || !tok->valueType() || !tok->valueType()->isIntegral() || tok->valueType()->pointer > 0)
|
||||||
|
@ -1234,7 +1206,6 @@ void ExprEngine::runChecks(ErrorLogger *errorLogger, const Tokenizer *tokenizer,
|
||||||
|
|
||||||
std::vector<ExprEngine::Callback> callbacks;
|
std::vector<ExprEngine::Callback> callbacks;
|
||||||
callbacks.push_back(divByZero);
|
callbacks.push_back(divByZero);
|
||||||
callbacks.push_back(nullPointerDereference);
|
|
||||||
#ifdef VERIFY_INTEGEROVERFLOW
|
#ifdef VERIFY_INTEGEROVERFLOW
|
||||||
callbacks.push_back(integerOverflow);
|
callbacks.push_back(integerOverflow);
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -59,7 +59,7 @@ def check(tc:str, warning_id:str):
|
||||||
|
|
||||||
final_report = ''
|
final_report = ''
|
||||||
final_report += check('C/testcases/CWE369_Divide_by_Zero/s*/*_int_*.c', 'verificationDivByZero')
|
final_report += check('C/testcases/CWE369_Divide_by_Zero/s*/*_int_*.c', 'verificationDivByZero')
|
||||||
final_report += check('C/testcases/CWE476_*/*.c', 'verificationNullPointerDereference')
|
#final_report += check('C/testcases/CWE476_*/*.c', 'verificationNullPointerDereference')
|
||||||
|
|
||||||
print(final_report)
|
print(final_report)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue