From da06c12925d50264b13b5b8b2a4581163f9bc4fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Sat, 21 Mar 2009 18:31:28 +0100 Subject: [PATCH] refactoring error messages --- src/checkdangerousfunctions.cpp | 18 +++++++++++++++--- src/checkdangerousfunctions.h | 9 +++++++++ src/checksecurity.cpp | 26 ++++++++------------------ src/checksecurity.h | 26 ++++++++++++++++++-------- src/errorlogger.h | 20 ++++---------------- test/testsecurity.cpp | 4 ++-- 6 files changed, 56 insertions(+), 47 deletions(-) diff --git a/src/checkdangerousfunctions.cpp b/src/checkdangerousfunctions.cpp index cf5940ddc..f333c160b 100644 --- a/src/checkdangerousfunctions.cpp +++ b/src/checkdangerousfunctions.cpp @@ -53,20 +53,32 @@ void CheckDangerousFunctionsClass::dangerousFunctions() { if (Token::simpleMatch(tok, "mktemp (")) { - _errorLogger->dangerousFunctionmktemp(_tokenizer, tok); + dangerousFunctionmktemp(tok); } else if (Token::simpleMatch(tok, "gets (")) { - _errorLogger->dangerousFunctiongets(_tokenizer, tok); + dangerousFunctiongets(tok); } else if (Token::simpleMatch(tok, "scanf (")) { - _errorLogger->dangerousFunctionscanf(_tokenizer, tok); + dangerousFunctionscanf(tok); } } } //--------------------------------------------------------------------------- +void CheckDangerousFunctionsClass::dangerousFunctionmktemp(const Token *tok) +{ + reportError(tok, "style", "dangerousFunctionmktemp", "Found 'mktemp'. You should use 'mkstemp' instead"); +} +void CheckDangerousFunctionsClass::dangerousFunctiongets(const Token *tok) +{ + reportError(tok, "style", "dangerousFunctiongets", "Found 'gets'. You should use 'fgets' instead"); +} +void CheckDangerousFunctionsClass::dangerousFunctionscanf(const Token *tok) +{ + reportError(tok, "style", "dangerousFunctionscanf", "Found 'scanf'. You should use 'fgets' instead"); +} diff --git a/src/checkdangerousfunctions.h b/src/checkdangerousfunctions.h index f28ca7f33..4ff505564 100644 --- a/src/checkdangerousfunctions.h 
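Review bot: In the src/checkdangerousfunctions.cpp hunk, the three new reporters pass severity `"style"` to `reportError`, which files `gets` (no bound on the write into the caller's buffer) and `mktemp` (a gap between choosing the name and opening the file) alongside cosmetic findings. The predicates this patch leaves in src/errorlogger.h return `s._checkCodingStyle`, so if that gate is still applied these warnings vanish whenever style checking is off; how `reportError` uses it is not visible here. As this is a refactor the severity string can stay, but each method should carry a comment saying why the call is flagged, e.g. `/** gets() cannot limit how much it writes; report so the call is replaced by fgets() */`. The scanf message is emitted for every `scanf (` match and recommends `fgets` only, so its comment should state that it is a blanket recommendation and not a confirmed overflow.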
+++ b/src/checkdangerousfunctions.h @@ -45,6 +45,15 @@ public: /** Check for buffer overruns */ void dangerousFunctions(); + +private: + /** Error Messages.. */ + void dangerousFunctionmktemp(const Token *tok); + void dangerousFunctiongets(const Token *tok); + void dangerousFunctionscanf(const Token *tok); + + + }; //--------------------------------------------------------------------------- diff --git a/src/checksecurity.cpp b/src/checksecurity.cpp index 204c920c3..03084c0ba 100644 --- a/src/checksecurity.cpp +++ b/src/checksecurity.cpp @@ -18,22 +18,8 @@ */ #include "checksecurity.h" -#include "errorlogger.h" -#include "token.h" -#include "tokenize.h" -CheckSecurity::CheckSecurity(const Tokenizer *tokenizer, ErrorLogger *errorLogger) - : _tokenizer(tokenizer), _errorLogger(errorLogger) -{ - -} - -CheckSecurity::~CheckSecurity() -{ - -} - /** * Check that there are input validation when reading number from FILE/stream */ @@ -66,11 +52,11 @@ void CheckSecurity::readnum() for (const Token *tok2 = tok; tok2; tok2 = tok2->next()) { if (Token::Match(tok2, "cin >> %varid%", varId)) - _errorLogger->unvalidatedInput(_tokenizer, tok2); + unvalidatedInput(tok2); if (Token::Match(tok2, "fscanf ( %var% , %str% , %varid%", varId)) - _errorLogger->unvalidatedInput(_tokenizer, tok2); + unvalidatedInput(tok2); if (Token::Match(tok2, "scanf ( %str% , %varid%", varId)) - _errorLogger->unvalidatedInput(_tokenizer, tok2); + unvalidatedInput(tok2); } } } @@ -103,11 +89,15 @@ void CheckSecurity::gui() // Getting the value.. const Token *tok2 = Token::findmatch(tok, (dangerousfunc + " ( " + varname + " .").c_str()); if (tok2) - _errorLogger->unvalidatedInput(_tokenizer, tok2); + unvalidatedInput(tok2); } } } } +void CheckSecurity::unvalidatedInput(const Token *tok) +{ + reportError(tok, "security", "unvalidatedInput", "Unvalidated input"); +} diff --git a/src/checksecurity.h b/src/checksecurity.h index 808b5d8fc..2b6ad5c52 100644 --- a/src/checksecurity.h +++ b/src/checksecurity.h 
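Review bot: `CheckSecurity::unvalidatedInput`, added at the end of src/checksecurity.cpp, is the single reporter for four different patterns (`cin >>`, `fscanf` and `scanf` in readnum(), plus the GUI getter in gui()) and emits the fixed text "Unvalidated input" with no function or variable name. Someone triaging the result gets only a location and cannot tell which input source matched. At minimum, document the contract on the method: `/** Report a read from external input; tok is the first token of the matched read pattern */`. If the text is later extended with the token, the expected output in test/testsecurity.cpp will probably need updating. The bodies of readnum() and gui() start outside these hunks.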
@@ -23,15 +23,26 @@ #define checksecurityH //--------------------------------------------------------------------------- -class ErrorLogger; -class Token; -class Tokenizer; +#include "check.h" -class CheckSecurity +class CheckSecurity : public Check { public: - CheckSecurity(const Tokenizer *tokenizer, ErrorLogger *errorLogger); - ~CheckSecurity(); + /** This constructor is used when registering the CheckClass */ + CheckSecurity() : Check() + { } + + /** This constructor is used when running checks.. */ + CheckSecurity(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger) + : Check(tokenizer, settings, errorLogger) + { } + + void runSimplifiedChecks(const Tokenizer *tokenizer, const Settings *settings, ErrorLogger *errorLogger) + { + CheckSecurity checkSecurity(tokenizer, settings, errorLogger); + checkSecurity.readnum(); + checkSecurity.gui(); + } /** Reading a number from a stream/FILE */ void readnum(); @@ -40,8 +51,7 @@ public: void gui(); private: - const Tokenizer *_tokenizer; - ErrorLogger *_errorLogger; + void unvalidatedInput(const Token *tok); }; //--------------------------------------------------------------------------- diff --git a/src/errorlogger.h b/src/errorlogger.h index b94f7a24d..23ed2ac71 100644 --- a/src/errorlogger.h +++ b/src/errorlogger.h 
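Review bot: `runSimplifiedChecks` in src/checksecurity.h calls `readnum()` and `gui()` unconditionally and has no doc comment, while the only security switch visible in this patch is the predicate kept in src/errorlogger.h (`return s._security;`). The `Check` base class is not part of the patch, so it is unclear whether `reportError` still applies that predicate; if it does not, the security checks now run and report regardless of the setting. Either gate at the entry point with `if (!settings || !settings->_security) return;`, or add a comment on the method stating that filtering by `_security` happens in the reporter.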
@@ -324,37 +324,25 @@ public: return true; } - void dangerousFunctionmktemp(const Tokenizer *tokenizer, const Token *Location) - { - _writemsg(tokenizer, Location, "style", "Found 'mktemp'. You should use 'mkstemp' instead", "dangerousFunctionmktemp"); - } + static bool dangerousFunctionmktemp(const Settings &s) { return s._checkCodingStyle; } - void dangerousFunctiongets(const Tokenizer *tokenizer, const Token *Location) - { - _writemsg(tokenizer, Location, "style", "Found 'gets'. You should use 'fgets' instead", "dangerousFunctiongets"); - } + static bool dangerousFunctiongets(const Settings &s) { return s._checkCodingStyle; } - void dangerousFunctionscanf(const Tokenizer *tokenizer, const Token *Location) - { - _writemsg(tokenizer, Location, "style", "Found 'scanf'. You should use 'fgets' instead", "dangerousFunctionscanf"); - } + static bool dangerousFunctionscanf(const Settings &s) { return s._checkCodingStyle; } - void unvalidatedInput(const Tokenizer *tokenizer, const Token *Location) - { - _writemsg(tokenizer, Location, "security", "Unvalidated input", "unvalidatedInput"); - } + static bool unvalidatedInput(const Settings &s) { return s._security; diff --git a/test/testsecurity.cpp b/test/testsecurity.cpp index a20025c6e..3ad34b078 100644 --- a/test/testsecurity.cpp +++ b/test/testsecurity.cpp @@ -52,7 +52,7 @@ private: errout.str(""); // Check char variable usage.. - CheckSecurity checkSecurity(&tokenizer, this); + CheckSecurity checkSecurity(&tokenizer, 0, this); checkSecurity.readnum(); } @@ -83,7 +83,7 @@ private: errout.str(""); // Check char variable usage.. - CheckSecurity checkSecurity(&tokenizer, this); + CheckSecurity checkSecurity(&tokenizer, 0, this); checkSecurity.gui(); }
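Review bot: Both updated fixtures in test/testsecurity.cpp (the readnum hunk at -52 and the gui hunk at -83) now construct `CheckSecurity checkSecurity(&tokenizer, 0, this);`, passing a null Settings pointer. That only holds while nothing on the check or reporting path dereferences the settings. It also means the tests never exercise the `_security` switch that src/errorlogger.h still keys on. Passing a real object, e.g. `Settings settings; settings._security = true;` and then `&settings`, would keep these tests meaningful if a gate is added; this assumes Settings is default-constructible, which the patch does not show.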