walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Merge pull request #815 from boos/cwe-mapping-8 

CWE mapping of invalidscanf, invalidScanfArgType_s, invalidScanfArgType_int, invalidScanfArgType_float, invalidPrintfArgType_s, invalidPrintfArgType_n, invalidPrintfArgType_p, invalidPrintfArgType_int, invalidPrintfArgType_uint, invalidPrintfArgType_sint, invalidPrintfArgType_float, wrongPrintfScanfParameterPositionError
This commit is contained in:
Daniel Marjamäki 2016-07-31 14:14:48 +02:00 committed by GitHub
parent b6246ecc55 9ab4057ddc
commit 8d89eefff9
1 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib/checkio.cpp
View File

@ -34,11 +34,13 @@ namespace {
}
// CVE ID used:
static const CWE CWE119(119U); // Improper Restriction of Operations within the Bounds of a Memory Buffer
static const CWE CWE398(398U); // Indicator of Poor Code Quality
static const CWE CWE664(664U);
static const CWE CWE685(685U);
static const CWE CWE687(687U);
static const CWE CWE910(910U);
static const CWE CWE664(664U); // Improper Control of a Resource Through its Lifetime
static const CWE CWE685(685U); // Function Call With Incorrect Number of Arguments
static const CWE CWE686(686U); // Function Call With Incorrect Argument Type
static const CWE CWE687(687U); // Function Call With Incorrectly Specified Argument Value
static const CWE CWE910(910U); // Use of Expired File Descriptor
//---------------------------------------------------------------------------
// std::cout << std::cout;
@ -443,8 +445,8 @@ void CheckIO::invalidScanfError(const Token *tok)
"here is 'scanf(\"%4s\", c);', as the maximum field width does not include the "
"terminating null byte.\n"
"Source: http://linux.die.net/man/3/scanf\n"
"Source: http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/libkern/stdio/scanf.c"
);
"Source: http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/libkern/stdio/scanf.c",
CWE119, false);
}
//---------------------------------------------------------------------------
@ -1779,7 +1781,7 @@ void CheckIO::wrongPrintfScanfPosixParameterPositionError(const Token* tok, cons
} else {
errmsg << "referencing parameter " << index << " while " << numFunction << " arguments given";
}
reportError(tok, Severity::warning, "wrongPrintfScanfParameterPositionError", errmsg.str());
reportError(tok, Severity::warning, "wrongPrintfScanfParameterPositionError", errmsg.str(), CWE685, false);
}
void CheckIO::invalidScanfArgTypeError_s(const Token* tok, unsigned int numFormat, const std::string& specifier, const ArgumentInfo* argInfo)
@ -1795,7 +1797,7 @@ void CheckIO::invalidScanfArgTypeError_s(const Token* tok, unsigned int numForma
errmsg << " *\' but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidScanfArgType_s", errmsg.str());
reportError(tok, Severity::warning, "invalidScanfArgType_s", errmsg.str(), CWE686, false);
}
void CheckIO::invalidScanfArgTypeError_int(const Token* tok, unsigned int numFormat, const std::string& specifier, const ArgumentInfo* argInfo, bool isUnsigned)
{
@ -1839,7 +1841,7 @@ void CheckIO::invalidScanfArgTypeError_int(const Token* tok, unsigned int numFor
errmsg << " *\' but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidScanfArgType_int", errmsg.str());
reportError(tok, Severity::warning, "invalidScanfArgType_int", errmsg.str(), CWE686, false);
}
void CheckIO::invalidScanfArgTypeError_float(const Token* tok, unsigned int numFormat, const std::string& specifier, const ArgumentInfo* argInfo)
{
@ -1856,7 +1858,7 @@ void CheckIO::invalidScanfArgTypeError_float(const Token* tok, unsigned int numF
errmsg << " *\' but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidScanfArgType_float", errmsg.str());
reportError(tok, Severity::warning, "invalidScanfArgType_float", errmsg.str(), CWE686, false);
}
void CheckIO::invalidPrintfArgTypeError_s(const Token* tok, unsigned int numFormat, const ArgumentInfo* argInfo)
@ -1867,7 +1869,7 @@ void CheckIO::invalidPrintfArgTypeError_s(const Token* tok, unsigned int numForm
errmsg << "%s in format string (no. " << numFormat << ") requires \'char *\' but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidPrintfArgType_s", errmsg.str());
reportError(tok, Severity::warning, "invalidPrintfArgType_s", errmsg.str(), CWE686, false);
}
void CheckIO::invalidPrintfArgTypeError_n(const Token* tok, unsigned int numFormat, const ArgumentInfo* argInfo)
{
@ -1877,7 +1879,7 @@ void CheckIO::invalidPrintfArgTypeError_n(const Token* tok, unsigned int numForm
errmsg << "%n in format string (no. " << numFormat << ") requires \'int *\' but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidPrintfArgType_n", errmsg.str());
reportError(tok, Severity::warning, "invalidPrintfArgType_n", errmsg.str(), CWE686, false);
}
void CheckIO::invalidPrintfArgTypeError_p(const Token* tok, unsigned int numFormat, const ArgumentInfo* argInfo)
{
@ -1887,7 +1889,7 @@ void CheckIO::invalidPrintfArgTypeError_p(const Token* tok, unsigned int numForm
errmsg << "%p in format string (no. " << numFormat << ") requires an address but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidPrintfArgType_p", errmsg.str());
reportError(tok, Severity::warning, "invalidPrintfArgType_p", errmsg.str(), CWE686, false);
}
static void printfFormatType(std::ostream& os, const std::string& specifier, bool isUnsigned)
{
@ -1944,7 +1946,7 @@ void CheckIO::invalidPrintfArgTypeError_uint(const Token* tok, unsigned int numF
errmsg << " but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidPrintfArgType_uint", errmsg.str());
reportError(tok, Severity::warning, "invalidPrintfArgType_uint", errmsg.str(), CWE686, false);
}
void CheckIO::invalidPrintfArgTypeError_sint(const Token* tok, unsigned int numFormat, const std::string& specifier, const ArgumentInfo* argInfo)
@ -1957,7 +1959,7 @@ void CheckIO::invalidPrintfArgTypeError_sint(const Token* tok, unsigned int numF
errmsg << " but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidPrintfArgType_sint", errmsg.str());
reportError(tok, Severity::warning, "invalidPrintfArgType_sint", errmsg.str(), CWE686, false);
}
void CheckIO::invalidPrintfArgTypeError_float(const Token* tok, unsigned int numFormat, const std::string& specifier, const ArgumentInfo* argInfo)
{
@ -1970,7 +1972,7 @@ void CheckIO::invalidPrintfArgTypeError_float(const Token* tok, unsigned int num
errmsg << "double\' but the argument type is ";
argumentType(errmsg, argInfo);
errmsg << ".";
reportError(tok, Severity::warning, "invalidPrintfArgType_float", errmsg.str());
reportError(tok, Severity::warning, "invalidPrintfArgType_float", errmsg.str(), CWE686, false);
}
void CheckIO::argumentType(std::ostream& os, const ArgumentInfo * argInfo)