From e510902d58f0b7c6076ecc93cb7f57365deb0ff0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Sat, 14 Feb 2015 17:30:08 +0100 Subject: [PATCH] TestBufferOverrun cleanup some more std.cfg testing --- test/testbufferoverrun.cpp | 94 ++++++++++++++------------------------ 1 file changed, 34 insertions(+), 60 deletions(-) diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp index 945db5102..57dd32872 100644 --- a/test/testbufferoverrun.cpp +++ b/test/testbufferoverrun.cpp @@ -2590,76 +2590,50 @@ private: } void buffer_overrun_readSizeFromCfg() { + Settings settings; + const char xmldata[] = "\n" + "\n" + " \n" + " \n" + " false\n" + " \n" + " \n" + " \n" + " \n" + " \n" + ""; + tinyxml2::XMLDocument doc; + doc.Parse(xmldata, sizeof(xmldata)); + settings.library.load(doc); + // Attempt to get size from Cfg files, no false positives if size is not specified - checkstd("void f() {\n" - " uint8_t str[256];\n" - " str[0] = 0;\n" - " strcat(str, \"toto\");\n" - "}"); + check("void f() {\n" + " u8 str[256];\n" + " mystrcpy(str, \"abcd\");\n" + "}", settings); ASSERT_EQUALS("", errout.str()); - checkstd("void f() {\n" - " uint8_t str[2];\n" - " str[0] = 0;\n" - " strcat(str, \"toto\");\n" - "}"); - ASSERT_EQUALS("[test.cpp:4]: (error) Buffer is accessed out of bounds: str\n", errout.str()); - - checkstd("void f() {\n" - " int_fast8_t str[256];\n" - " str[0] = 0;\n" - " strcat(str, \"toto\");\n" - "}"); - ASSERT_EQUALS("", errout.str()); + check("void f() {\n" + " u8 str[2];\n" + " mystrcpy(str, \"abcd\");\n" + "}", settings); + ASSERT_EQUALS("[test.cpp:3]: (error) Buffer is accessed out of bounds: str\n", errout.str()); // The same for structs, where the message comes from a different check - checkstd("typedef struct mystruct_s {\n" - " uint8_t str[256];\n" - "} mystruct_t;\n" - "void f() {\n" - " mystruct_t ms;\n" - " ms.str[0] = 0;\n" - " strcat((char*)ms.str, \"toto\");\n" - "}"); + check("void f() {\n" + " struct { u8 str[256]; } ms;\n" + " mystrcpy(ms.str, \"abcd\");\n" + "}", settings); ASSERT_EQUALS("", errout.str()); - checkstd("typedef struct mystruct_s {\n" - " uint8_t str[2];\n" - "} mystruct_t;\n" - "void f() {\n" - " mystruct_t ms;\n" - " ms.str[0] = 0;\n" - " strcat((char*)ms.str, \"toto\");\n" - "}"); - ASSERT_EQUALS("[test.cpp:7]: (error) Buffer is accessed out of bounds: ms.str\n", errout.str()); - - checkstd("typedef struct mystruct_s {\n" - " int_fast8_t str[256];\n" - "} mystruct_t;\n" - "void f() {\n" - " mystruct_t ms;\n" - " ms.str[0] = 0;\n" - " strcat((char*)ms.str, \"toto\");\n" - "}"); - ASSERT_EQUALS("", errout.str()); + check("void f() {\n" + " struct { u8 str[2]; } ms;\n" + " mystrcpy(ms.str, \"abcd\");\n" + "}", settings); + ASSERT_EQUALS("[test.cpp:3]: (error) Buffer is accessed out of bounds: ms.str\n", errout.str()); } void valueflow_string() { // using ValueFlow string values in checking - checkstd("void f() {\n" - " char buf[3];\n" - " const char *x = s;\n" - " if (cond) x = \"abcde\";\n" - " strcpy(buf,x);\n" // <- buffer overflow when x is "abcde" - "}"); - ASSERT_EQUALS("[test.cpp:5]: (error) Buffer is accessed out of bounds: buf\n", errout.str()); - - checkstd("void f() {\n" - " const char *x = s;\n" - " if (cond) x = \"abcde\";\n" - " memcpy(buf,x,20);\n" // <- buffer overflow when x is "abcde" - "}"); - ASSERT_EQUALS("[test.cpp:4]: (error) Buffer is accessed out of bounds.\n", errout.str()); - check("char f() {\n" " const char *x = s;\n" " if (cond) x = \"abcde\";\n"