walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Refactoring; CWEs should be clarified

This commit is contained in:
Daniel Marjamäki 2020-01-01 09:09:10 +01:00
parent 28c37bb63f
commit b44029cdaa
4 changed files with 23 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
lib/checknullpointer.cpp
View File

@ -40,9 +40,6 @@ namespace {
CheckNullPointer instance; CheckNullPointer instance;
} }
static const CWE CWE476(476U); // NULL Pointer Dereference
static const CWE CWE682(682U); // Incorrect Calculation
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
static bool checkNullpointerFunctionCallPlausibility(const Function* func, unsigned int arg) static bool checkNullpointerFunctionCallPlausibility(const Function* func, unsigned int arg)
@ -487,14 +484,14 @@ void CheckNullPointer::nullPointerError(const Token *tok, const std::string &var
const std::string errmsgdefarg("$symbol:" + varname + "\nPossible null pointer dereference if the default parameter value is used: $symbol"); const std::string errmsgdefarg("$symbol:" + varname + "\nPossible null pointer dereference if the default parameter value is used: $symbol");
if (!tok) { if (!tok) {
reportError(tok, Severity::error, "nullPointer", "Null pointer dereference", CWE476, false); reportError(tok, Severity::error, "nullPointer", "Null pointer dereference", CWE_NULL_POINTER_DEREFERENCE, false);
reportError(tok, Severity::warning, "nullPointerDefaultArg", errmsgdefarg, CWE476, false); reportError(tok, Severity::warning, "nullPointerDefaultArg", errmsgdefarg, CWE_NULL_POINTER_DEREFERENCE, false);
reportError(tok, Severity::warning, "nullPointerRedundantCheck", errmsgcond, CWE476, false); reportError(tok, Severity::warning, "nullPointerRedundantCheck", errmsgcond, CWE_NULL_POINTER_DEREFERENCE, false);
return; return;
} }
if (!value) { if (!value) {
reportError(tok, Severity::error, "nullPointer", "Null pointer dereference", CWE476, inconclusive); reportError(tok, Severity::error, "nullPointer", "Null pointer dereference", CWE_NULL_POINTER_DEREFERENCE, inconclusive);
return; return;
} }
@ -504,9 +501,9 @@ void CheckNullPointer::nullPointerError(const Token *tok, const std::string &var
const ErrorPath errorPath = getErrorPath(tok, value, "Null pointer dereference"); const ErrorPath errorPath = getErrorPath(tok, value, "Null pointer dereference");
if (value->condition) { if (value->condition) {
reportError(errorPath, Severity::warning, "nullPointerRedundantCheck", errmsgcond, CWE476, inconclusive || value->isInconclusive()); reportError(errorPath, Severity::warning, "nullPointerRedundantCheck", errmsgcond, CWE_NULL_POINTER_DEREFERENCE, inconclusive || value->isInconclusive());
} else if (value->defaultArg) { } else if (value->defaultArg) {
reportError(errorPath, Severity::warning, "nullPointerDefaultArg", errmsgdefarg, CWE476, inconclusive || value->isInconclusive()); reportError(errorPath, Severity::warning, "nullPointerDefaultArg", errmsgdefarg, CWE_NULL_POINTER_DEREFERENCE, inconclusive || value->isInconclusive());
} else { } else {
std::string errmsg; std::string errmsg;
errmsg = std::string(value->isKnown() ? "Null" : "Possible null") + " pointer dereference"; errmsg = std::string(value->isKnown() ? "Null" : "Possible null") + " pointer dereference";
@ -517,7 +514,7 @@ void CheckNullPointer::nullPointerError(const Token *tok, const std::string &var
value->isKnown() ? Severity::error : Severity::warning, value->isKnown() ? Severity::error : Severity::warning,
"nullPointer", "nullPointer",
errmsg, errmsg,
CWE476, inconclusive || value->isInconclusive()); CWE_NULL_POINTER_DEREFERENCE, inconclusive || value->isInconclusive());
} }
} }
@ -590,7 +587,7 @@ void CheckNullPointer::pointerArithmeticError(const Token* tok, const ValueFlow:
Severity::error, Severity::error,
"nullPointerArithmetic", "nullPointerArithmetic",
errmsg, errmsg,
CWE682, CWE_INCORRECT_CALCULATION,
inconclusive); inconclusive);
} }
@ -608,7 +605,7 @@ void CheckNullPointer::redundantConditionWarning(const Token* tok, const ValueFl
Severity::warning, Severity::warning,
"nullPointerArithmeticRedundantCheck", "nullPointerArithmeticRedundantCheck",
errmsg, errmsg,
CWE682, CWE_INCORRECT_CALCULATION,
inconclusive); inconclusive);
} }
@ -681,7 +678,7 @@ bool CheckNullPointer::analyseWholeProgram(const CTU::FileInfo *ctu, const std::
warning ? Severity::warning : Severity::error, warning ? Severity::warning : Severity::error,
"Null pointer dereference: " + unsafeUsage.myArgumentName, "Null pointer dereference: " + unsafeUsage.myArgumentName,
"ctunullpointer", "ctunullpointer",
CWE476, false); CWE_NULL_POINTER_DEREFERENCE, false);
errorLogger.reportErr(errmsg); errorLogger.reportErr(errmsg);
foundErrors = true; foundErrors = true;

18
lib/checkuninitvar.cpp
View File

@ -48,12 +48,6 @@ namespace {
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// CWE ids used:
static const struct CWE CWE476(476U); // NULL Pointer Dereference
static const struct CWE CWE676(676U);
static const struct CWE CWE908(908U);
static const struct CWE CWE825(825U);
// get ast parent, skip possible address-of and casts // get ast parent, skip possible address-of and casts
static const Token *getAstParentSkipPossibleCastAndAddressOf(const Token *vartok, bool *unknown) static const Token *getAstParentSkipPossibleCastAndAddressOf(const Token *vartok, bool *unknown)
{ {
@ -1297,19 +1291,18 @@ bool CheckUninitVar::isMemberVariableUsage(const Token *tok, bool isPointer, All
void CheckUninitVar::uninitstringError(const Token *tok, const std::string &varname, bool strncpy_) void CheckUninitVar::uninitstringError(const Token *tok, const std::string &varname, bool strncpy_)
{ {
reportError(tok, Severity::error, "uninitstring", "$symbol:" + varname + "\nDangerous usage of '$symbol'" + (strncpy_ ? " (strncpy doesn't always null-terminate it)." : " (not null-terminated)."), CWE676, false); reportError(tok, Severity::error, "uninitstring", "$symbol:" + varname + "\nDangerous usage of '$symbol'" + (strncpy_ ? " (strncpy doesn't always null-terminate it)." : " (not null-terminated)."), CWE_USE_OF_POTENTIALLY_DANGEROUS_FUNCTION, false);
} }
void CheckUninitVar::uninitdataError(const Token *tok, const std::string &varname) void CheckUninitVar::uninitdataError(const Token *tok, const std::string &varname)
{ {
reportError(tok, Severity::error, "uninitdata", "$symbol:" + varname + "\nMemory is allocated but not initialized: $symbol", CWE908, false); reportError(tok, Severity::error, "uninitdata", "$symbol:" + varname + "\nMemory is allocated but not initialized: $symbol", CWE_USE_OF_UNINITIALIZED_VARIABLE, false);
} }
void CheckUninitVar::uninitvarError(const Token *tok, const std::string &varname, ErrorPath errorPath) void CheckUninitVar::uninitvarError(const Token *tok, const std::string &varname, ErrorPath errorPath)
{ {
errorPath.emplace_back(tok, ""); errorPath.emplace_back(tok, "");
reportError(errorPath, Severity::error, "uninitvar", "$symbol:" + varname + "\nUninitialized variable: $symbol", CWE908, false); reportError(errorPath, Severity::error, "uninitvar", "$symbol:" + varname + "\nUninitialized variable: $symbol", CWE_USE_OF_UNINITIALIZED_VARIABLE, false);
// reportError(tok, Severity::error, "uninitvar", "$symbol:" + varname + "\nUninitialized variable: $symbol", CWE908, false);
} }
void CheckUninitVar::uninitStructMemberError(const Token *tok, const std::string &membername) void CheckUninitVar::uninitStructMemberError(const Token *tok, const std::string &membername)
@ -1317,7 +1310,7 @@ void CheckUninitVar::uninitStructMemberError(const Token *tok, const std::string
reportError(tok, reportError(tok,
Severity::error, Severity::error,
"uninitStructMember", "uninitStructMember",
"$symbol:" + membername + "\nUninitialized struct member: $symbol", CWE908, false); "$symbol:" + membername + "\nUninitialized struct member: $symbol", CWE_USE_OF_UNINITIALIZED_VARIABLE, false);
} }
static bool isLeafDot(const Token* tok) static bool isLeafDot(const Token* tok)
@ -1452,7 +1445,8 @@ bool CheckUninitVar::analyseWholeProgram(const CTU::FileInfo *ctu, const std::li
Severity::error, Severity::error,
"Using argument " + unsafeUsage.myArgumentName + " that points at uninitialized variable " + functionCall->callArgumentExpression, "Using argument " + unsafeUsage.myArgumentName + " that points at uninitialized variable " + functionCall->callArgumentExpression,
"ctuuninitvar", "ctuuninitvar",
CWE908, false); CWE_USE_OF_UNINITIALIZED_VARIABLE,
false);
errorLogger.reportErr(errmsg); errorLogger.reportErr(errmsg);
foundErrors = true; foundErrors = true;

6
lib/errorlogger.h
View File

@ -40,6 +40,12 @@ struct CWE {
unsigned short id; unsigned short id;
}; };
// CWE list: https://cwe.mitre.org/data/published/cwe_v3.4.1.pdf
static const struct CWE CWE_USE_OF_UNINITIALIZED_VARIABLE(457U);
static const struct CWE CWE_NULL_POINTER_DEREFERENCE(476U);
static const struct CWE CWE_USE_OF_POTENTIALLY_DANGEROUS_FUNCTION(676U);
static const struct CWE CWE_INCORRECT_CALCULATION(682U);
static const struct CWE CWE_EXPIRED_POINTER_DEREFERENCE(825U);
class Token; class Token;

2
lib/exprengine.cpp
View File

@ -1848,7 +1848,7 @@ void ExprEngine::runChecks(ErrorLogger *errorLogger, const Tokenizer *tokenizer,
dataBase->addError(tok->linenr()); dataBase->addError(tok->linenr());
std::list<const Token*> callstack{tok}; std::list<const Token*> callstack{tok};
ErrorLogger::ErrorMessage errmsg(callstack, &tokenizer->list, Severity::SeverityType::error, "verificationUninit", "Cannot determine that '" + tok->expressionString() + "' is initialized", CWE(908), false); ErrorLogger::ErrorMessage errmsg(callstack, &tokenizer->list, Severity::SeverityType::error, "verificationUninit", "Cannot determine that '" + tok->expressionString() + "' is initialized", CWE_USE_OF_UNINITIALIZED_VARIABLE, false);
errorLogger->reportErr(errmsg); errorLogger->reportErr(errmsg);
}; };
#endif #endif