walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

refactoring error messages

This commit is contained in:
Daniel Marjamäki 2009-03-21 18:31:28 +01:00
parent 468ed653e2
commit da06c12925
6 changed files with 56 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/checkdangerousfunctions.cpp
View File

@ -53,20 +53,32 @@ void CheckDangerousFunctionsClass::dangerousFunctions()
{
if (Token::simpleMatch(tok, "mktemp ("))
{
_errorLogger->dangerousFunctionmktemp(_tokenizer, tok);
dangerousFunctionmktemp(tok);
}
else if (Token::simpleMatch(tok, "gets ("))
{
_errorLogger->dangerousFunctiongets(_tokenizer, tok);
dangerousFunctiongets(tok);
}
else if (Token::simpleMatch(tok, "scanf ("))
{
_errorLogger->dangerousFunctionscanf(_tokenizer, tok);
dangerousFunctionscanf(tok);
}
}
}
//---------------------------------------------------------------------------
void CheckDangerousFunctionsClass::dangerousFunctionmktemp(const Token *tok)
{
reportError(tok, "style", "dangerousFunctionmktemp", "Found 'mktemp'. You should use 'mkstemp' instead");
}
void CheckDangerousFunctionsClass::dangerousFunctiongets(const Token *tok)
{
reportError(tok, "style", "dangerousFunctiongets", "Found 'gets'. You should use 'fgets' instead");
}
void CheckDangerousFunctionsClass::dangerousFunctionscanf(const Token *tok)
{
reportError(tok, "style", "dangerousFunctionscanf", "Found 'scanf'. You should use 'fgets' instead");
}

9
src/checkdangerousfunctions.h
View File

@ -45,6 +45,15 @@ public:
/** Check for buffer overruns */
void dangerousFunctions();
private:
/** Error Messages.. */
void dangerousFunctionmktemp(const Token *tok);
void dangerousFunctiongets(const Token *tok);
void dangerousFunctionscanf(const Token *tok);
};
//---------------------------------------------------------------------------

26
src/checksecurity.cpp
View File

@ -18,22 +18,8 @@
*/
#include "checksecurity.h"
#include "errorlogger.h"
#include "token.h"
#include "tokenize.h"
CheckSecurity::CheckSecurity(const Tokenizer *tokenizer, ErrorLogger *errorLogger)
: _tokenizer(tokenizer), _errorLogger(errorLogger)
{
}
CheckSecurity::~CheckSecurity()
{
}
/**
* Check that there are input validation when reading number from FILE/stream
*/
@ -66,11 +52,11 @@ void CheckSecurity::readnum()
for (const Token *tok2 = tok; tok2; tok2 = tok2->next())
{
if (Token::Match(tok2, "cin >> %varid%", varId))
_errorLogger->unvalidatedInput(_tokenizer, tok2);
unvalidatedInput(tok2);
if (Token::Match(tok2, "fscanf ( %var% , %str% , %varid%", varId))
_errorLogger->unvalidatedInput(_tokenizer, tok2);
unvalidatedInput(tok2);
if (Token::Match(tok2, "scanf ( %str% , %varid%", varId))
_errorLogger->unvalidatedInput(_tokenizer, tok2);
unvalidatedInput(tok2);
}
}
}
@ -103,11 +89,15 @@ void CheckSecurity::gui()
// Getting the value..
const Token *tok2 = Token::findmatch(tok, (dangerousfunc + " ( " + varname + " .").c_str());
if (tok2)
_errorLogger->unvalidatedInput(_tokenizer, tok2);
unvalidatedInput(tok2);
}
}
}
}
void CheckSecurity::unvalidatedInput(const Token *tok)
{
reportError(tok, "security", "unvalidatedInput", "Unvalidated input");
}

26
src/checksecurity.h
View File

@ -23,15 +23,26 @@
#define checksecurityH
//---------------------------------------------------------------------------
class ErrorLogger;
class Token;
class Tokenizer;
#include "check.h"
class CheckSecurity
class CheckSecurity : public Check
{
public:
CheckSecurity(const Tokenizer *tokenizer, ErrorLogger *errorLogger);
~CheckSecurity();
/** This constructor is used when registering the CheckClass */
CheckSecurity() : Check()
{ }
/** This constructor is used when running checks.. */
CheckSecurity(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger)
: Check(tokenizer, settings, errorLogger)
{ }
void runSimplifiedChecks(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger)
{
CheckSecurity checkSecurity(tokenizer, settings, errorLogger);
checkSecurity.readnum();
checkSecurity.gui();
}
/** Reading a number from a stream/FILE */
void readnum();
@ -40,8 +51,7 @@ public:
void gui();
private:
const Tokenizer *_tokenizer;
ErrorLogger *_errorLogger;
void unvalidatedInput(const Token *tok);
};
//---------------------------------------------------------------------------

20
src/errorlogger.h
View File

@ -324,37 +324,25 @@ public:
return true;
}
void dangerousFunctionmktemp(const Tokenizer *tokenizer, const Token *Location)
{
_writemsg(tokenizer, Location, "style", "Found 'mktemp'. You should use 'mkstemp' instead", "dangerousFunctionmktemp");
}
static bool dangerousFunctionmktemp(const Settings &s)
{
return s._checkCodingStyle;
}
void dangerousFunctiongets(const Tokenizer *tokenizer, const Token *Location)
{
_writemsg(tokenizer, Location, "style", "Found 'gets'. You should use 'fgets' instead", "dangerousFunctiongets");
}
static bool dangerousFunctiongets(const Settings &s)
{
return s._checkCodingStyle;
}
void dangerousFunctionscanf(const Tokenizer *tokenizer, const Token *Location)
{
_writemsg(tokenizer, Location, "style", "Found 'scanf'. You should use 'fgets' instead", "dangerousFunctionscanf");
}
static bool dangerousFunctionscanf(const Settings &s)
{
return s._checkCodingStyle;
}
void unvalidatedInput(const Tokenizer *tokenizer, const Token *Location)
{
_writemsg(tokenizer, Location, "security", "Unvalidated input", "unvalidatedInput");
}
static bool unvalidatedInput(const Settings &s)
{
return s._security;

4
test/testsecurity.cpp
View File

@ -52,7 +52,7 @@ private:
errout.str("");
// Check char variable usage..
CheckSecurity checkSecurity(&tokenizer, this);
CheckSecurity checkSecurity(&tokenizer, 0, this);
checkSecurity.readnum();
}
@ -83,7 +83,7 @@ private:
errout.str("");
// Check char variable usage..
CheckSecurity checkSecurity(&tokenizer, this);
CheckSecurity checkSecurity(&tokenizer, 0, this);
checkSecurity.gui();
}