walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

add CERT STR03-C check (#1898) 

* add CERT STR03-C check

* fix cert test
This commit is contained in:
fuzzelhjb 2019-06-24 18:41:43 +02:00 committed by Daniel Marjamäki
parent 0d76d078e2
commit f36d671bc5
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
addons/cert.py
View File

@ -231,6 +231,17 @@ def msc30(data):
if simpleMatch(token, "rand ( )") and isStandardFunction(token): if simpleMatch(token, "rand ( )") and isStandardFunction(token):
reportError(token, 'style', 'Do not use the rand() function for generating pseudorandom numbers', 'MSC30-c') reportError(token, 'style', 'Do not use the rand() function for generating pseudorandom numbers', 'MSC30-c')
# STR03-C
# Do not inadvertently truncate a string
def str03(data):
for token in data.tokenlist:
if not isFunctionCall(token, 'strncpy'):
continue
arguments = cppcheckdata.getArguments(token)
if len(arguments)!=3:
continue
if arguments[2].str=='(' and arguments[2].astOperand1.str=='sizeof':
reportError(token, 'style', 'Do not inadvertently truncate a string', 'STR03-C')
# STR05-C # STR05-C
# Use pointers to const when referring to string literals # Use pointers to const when referring to string literals
@ -283,6 +294,7 @@ for arg in sys.argv[1:]:
exp42(cfg) exp42(cfg)
exp46(cfg) exp46(cfg)
int31(cfg, data.platform) int31(cfg, data.platform)
str03(cfg)
str05(cfg) str05(cfg)
str07(cfg) str07(cfg)
msc30(cfg) msc30(cfg)

9
addons/test/cert-test.c
View File

@ -61,6 +61,15 @@ void msc30()
int a = rand; int a = rand;
} }
void str03()
{
char *string_data=(char*)malloc(16);
char a[16];
int d;
strncpy(a, string_data, sizeof(a)); //cert-STR03-C
strncpy(a, string_data, 5); d=sizeof(int);
}
void str05() void str05()
{ {
char *str1 = "abc"; //cert-STR05-C char *str1 = "abc"; //cert-STR05-C