Merge pull request #823 from boos/cwe-mapping-12
CWE mapping of signedCharArrayIndex, unknownSignCharArrayIndex, suspiciousCase, suspiciousEqualityComparison, duplicateBranch, duplicateExpressionTernary, suspiciousSemicolon, incompleteArrayFill, redundantPointerOp, unusedLabelSwitch, unusedLabel, unknownEvaluationOrder, stlIfFind, useAutoPointerCopy
This commit is contained in:
commit
b5085db3c8
|
@ -33,11 +33,14 @@ namespace {
|
|||
CheckOther instance;
|
||||
}
|
||||
|
||||
static const struct CWE CWE128(128U); // Wrap-around Error
|
||||
static const struct CWE CWE131(131U); // Incorrect Calculation of Buffer Size
|
||||
static const struct CWE CWE197(197U); // Numeric Truncation Error
|
||||
static const struct CWE CWE362(362U); // Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
|
||||
static const struct CWE CWE369(369U); // Divide By Zero
|
||||
static const struct CWE CWE398(398U); // Indicator of Poor Code Quality
|
||||
static const struct CWE CWE475(475U); // Undefined Behavior for Input to API
|
||||
static const struct CWE CWE482(482U); // Comparing instead of Assigning
|
||||
static const struct CWE CWE561(561U); // Dead Code
|
||||
static const struct CWE CWE563(563U); // Assignment to Variable without Use ('Unused Variable')
|
||||
static const struct CWE CWE570(570U); // Expression is Always False
|
||||
|
@ -47,6 +50,7 @@ static const struct CWE CWE687(687U); // Function Call With Incorrectly Specif
|
|||
static const struct CWE CWE688(688U); // Function Call With Incorrect Variable or Reference as Argument
|
||||
static const struct CWE CWE704(704U); // Incorrect Type Conversion or Cast
|
||||
static const struct CWE CWE758(758U); // Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
|
||||
static const struct CWE CWE768(768U); // Incorrect Short Circuit Evaluation
|
||||
static const struct CWE CWE783(783U); // Operator Precedence Logic Error
|
||||
|
||||
//----------------------------------------------------------------------------------
|
||||
|
@ -244,7 +248,7 @@ void CheckOther::checkSuspiciousSemicolon()
|
|||
void CheckOther::SuspiciousSemicolonError(const Token* tok)
|
||||
{
|
||||
reportError(tok, Severity::warning, "suspiciousSemicolon",
|
||||
"Suspicious use of ; at the end of '" + (tok ? tok->str() : std::string()) + "' statement.", CWE(0U), true);
|
||||
"Suspicious use of ; at the end of '" + (tok ? tok->str() : std::string()) + "' statement.", CWE398, true);
|
||||
}
|
||||
|
||||
|
||||
|
@ -893,7 +897,7 @@ void CheckOther::suspiciousCaseInSwitchError(const Token* tok, const std::string
|
|||
{
|
||||
reportError(tok, Severity::warning, "suspiciousCase",
|
||||
"Found suspicious case label in switch(). Operator '" + operatorString + "' probably doesn't work as intended.\n"
|
||||
"Using an operator like '" + operatorString + "' in a case label is suspicious. Did you intend to use a bitwise operator, multiple case labels or if/else instead?", CWE(0U), true);
|
||||
"Using an operator like '" + operatorString + "' in a case label is suspicious. Did you intend to use a bitwise operator, multiple case labels or if/else instead?", CWE398, true);
|
||||
}
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -945,7 +949,7 @@ void CheckOther::checkSuspiciousEqualityComparison()
|
|||
void CheckOther::suspiciousEqualityComparisonError(const Token* tok)
|
||||
{
|
||||
reportError(tok, Severity::warning, "suspiciousEqualityComparison",
|
||||
"Found suspicious equality comparison. Did you intend to assign a value instead?", CWE(0U), true);
|
||||
"Found suspicious equality comparison. Did you intend to assign a value instead?", CWE482, true);
|
||||
}
|
||||
|
||||
|
||||
|
@ -1581,7 +1585,7 @@ void CheckOther::signedCharArrayIndexError(const Token *tok)
|
|||
"Signed 'char' type used as array index.\n"
|
||||
"Signed 'char' type used as array index. If the value "
|
||||
"can be greater than 127 there will be a buffer underflow "
|
||||
"because of sign extension.");
|
||||
"because of sign extension.", CWE128, false);
|
||||
}
|
||||
|
||||
void CheckOther::unknownSignCharArrayIndexError(const Token *tok)
|
||||
|
@ -1591,7 +1595,7 @@ void CheckOther::unknownSignCharArrayIndexError(const Token *tok)
|
|||
"unknownSignCharArrayIndex",
|
||||
"'char' type used as array index.\n"
|
||||
"'char' type used as array index. Values greater that 127 will be "
|
||||
"treated depending on whether 'char' is signed or unsigned on target platform.");
|
||||
"treated depending on whether 'char' is signed or unsigned on target platform.", CWE758, false);
|
||||
}
|
||||
|
||||
void CheckOther::charBitOpError(const Token *tok)
|
||||
|
@ -1856,7 +1860,7 @@ void CheckOther::duplicateBranchError(const Token *tok1, const Token *tok2)
|
|||
reportError(toks, Severity::style, "duplicateBranch", "Found duplicate branches for 'if' and 'else'.\n"
|
||||
"Finding the same code in an 'if' and related 'else' branch is suspicious and "
|
||||
"might indicate a cut and paste or logic error. Please examine this code "
|
||||
"carefully to determine if it is correct.", CWE(0U), true);
|
||||
"carefully to determine if it is correct.", CWE398, true);
|
||||
}
|
||||
|
||||
|
||||
|
@ -2057,7 +2061,7 @@ void CheckOther::duplicateExpressionTernaryError(const Token *tok)
|
|||
{
|
||||
reportError(tok, Severity::style, "duplicateExpressionTernary", "Same expression in both branches of ternary operator.\n"
|
||||
"Finding the same expression in both branches of ternary operator is suspicious as "
|
||||
"the same code is executed regardless of the condition.");
|
||||
"the same code is executed regardless of the condition.", CWE398, false);
|
||||
}
|
||||
|
||||
void CheckOther::selfAssignmentError(const Token *tok, const std::string &varname)
|
||||
|
@ -2381,11 +2385,11 @@ void CheckOther::incompleteArrayFillError(const Token* tok, const std::string& b
|
|||
if (boolean)
|
||||
reportError(tok, Severity::portability, "incompleteArrayFill",
|
||||
"Array '" + buffer + "' might be filled incompletely. Did you forget to multiply the size given to '" + function + "()' with 'sizeof(*" + buffer + ")'?\n"
|
||||
"The array '" + buffer + "' is filled incompletely. The function '" + function + "()' needs the size given in bytes, but the type 'bool' is larger than 1 on some platforms. Did you forget to multiply the size with 'sizeof(*" + buffer + ")'?", CWE(0U), true);
|
||||
"The array '" + buffer + "' is filled incompletely. The function '" + function + "()' needs the size given in bytes, but the type 'bool' is larger than 1 on some platforms. Did you forget to multiply the size with 'sizeof(*" + buffer + ")'?", CWE131, true);
|
||||
else
|
||||
reportError(tok, Severity::warning, "incompleteArrayFill",
|
||||
"Array '" + buffer + "' is filled incompletely. Did you forget to multiply the size given to '" + function + "()' with 'sizeof(*" + buffer + ")'?\n"
|
||||
"The array '" + buffer + "' is filled incompletely. The function '" + function + "()' needs the size given in bytes, but an element of the given array is larger than one byte. Did you forget to multiply the size with 'sizeof(*" + buffer + ")'?", CWE(0U), true);
|
||||
"The array '" + buffer + "' is filled incompletely. The function '" + function + "()' needs the size given in bytes, but an element of the given array is larger than one byte. Did you forget to multiply the size with 'sizeof(*" + buffer + ")'?", CWE131, true);
|
||||
}
|
||||
|
||||
//---------------------------------------------------------------------------
|
||||
|
@ -2511,7 +2515,7 @@ void CheckOther::checkRedundantPointerOp()
|
|||
void CheckOther::redundantPointerOpError(const Token* tok, const std::string &varname, bool inconclusive)
|
||||
{
|
||||
reportError(tok, Severity::style, "redundantPointerOp",
|
||||
"Redundant pointer operation on " + varname + " - it's already a pointer.", CWE(0U), inconclusive);
|
||||
"Redundant pointer operation on " + varname + " - it's already a pointer.", CWE398, inconclusive);
|
||||
}
|
||||
|
||||
void CheckOther::checkInterlockedDecrement()
|
||||
|
@ -2585,11 +2589,11 @@ void CheckOther::unusedLabelError(const Token* tok, bool inSwitch)
|
|||
if (inSwitch) {
|
||||
if (!tok || _settings->isEnabled("warning"))
|
||||
reportError(tok, Severity::warning, "unusedLabelSwitch",
|
||||
"Label '" + (tok ? tok->str() : emptyString) + "' is not used. Should this be a 'case' of the enclosing switch()?");
|
||||
"Label '" + (tok ? tok->str() : emptyString) + "' is not used. Should this be a 'case' of the enclosing switch()?", CWE398, false);
|
||||
} else {
|
||||
if (!tok || _settings->isEnabled("style"))
|
||||
reportError(tok, Severity::style, "unusedLabel",
|
||||
"Label '" + (tok ? tok->str() : emptyString) + "' is not used.");
|
||||
"Label '" + (tok ? tok->str() : emptyString) + "' is not used.", CWE398, false);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2679,6 +2683,6 @@ void CheckOther::checkEvaluationOrder()
|
|||
void CheckOther::unknownEvaluationOrder(const Token* tok)
|
||||
{
|
||||
reportError(tok, Severity::error, "unknownEvaluationOrder",
|
||||
"Expression '" + (tok ? tok->expressionString() : std::string("x = x++;")) + "' depends on order of evaluation of side effects");
|
||||
"Expression '" + (tok ? tok->expressionString() : std::string("x = x++;")) + "' depends on order of evaluation of side effects", CWE768, false);
|
||||
}
|
||||
|
||||
|
|
|
@ -753,7 +753,7 @@ void CheckStl::if_findError(const Token *tok, bool str)
|
|||
"string. If your intention is to check that there are no findings in the string, "
|
||||
"you should compare with std::string::npos.", CWE597, false);
|
||||
else
|
||||
reportError(tok, Severity::warning, "stlIfFind", "Suspicious condition. The result of find() is an iterator, but it is not properly checked.");
|
||||
reportError(tok, Severity::warning, "stlIfFind", "Suspicious condition. The result of find() is an iterator, but it is not properly checked.", CWE398, false);
|
||||
}
|
||||
|
||||
|
||||
|
@ -1253,8 +1253,8 @@ void CheckStl::autoPointerError(const Token *tok)
|
|||
{
|
||||
reportError(tok, Severity::style, "useAutoPointerCopy",
|
||||
"Copying 'auto_ptr' pointer to another does not create two equal objects since one has lost its ownership of the pointer.\n"
|
||||
"'std::auto_ptr' has semantics of strict ownership, meaning that the 'auto_ptr' instance is the sole entity responsible for the object's lifetime. If an 'auto_ptr' is copied, the source looses the reference."
|
||||
);
|
||||
"'std::auto_ptr' has semantics of strict ownership, meaning that the 'auto_ptr' instance is the sole entity responsible for the object's lifetime. If an 'auto_ptr' is copied, the source looses the reference.",
|
||||
CWE398, false);
|
||||
}
|
||||
|
||||
void CheckStl::autoPointerContainerError(const Token *tok)
|
||||
|
|
Loading…
Reference in New Issue