Daniel Marjamäki
e73657b198
Clarify arrayIndexOutOfBounds
2017-05-23 14:58:43 +02:00
Daniel Marjamäki
f7cda81c0c
Refactoring: ValueFlow::Value::errorSeverity() will have the logic if value is 'error' or 'warning'
2017-05-23 11:43:56 +02:00
Daniel Marjamäki
55ae206ecc
ErrorPath: better output
2017-05-19 17:29:16 +02:00
Daniel Marjamäki
c617851567
ErrorLogger: Added ErrorPath where each item has token and info
2017-05-16 22:38:13 +02:00
Daniel Marjamäki
f92e7b3bfc
Emit better errorpath in CheckBufferOverrun::negativeIndexError
2017-05-16 19:08:47 +02:00
Simon Martin
b526fd7c49
Ticket #7964 : Don't crash on valid code using function pointers named strcpy or strcat in main().
2017-04-21 23:36:10 +02:00
PKEuS
b1f4bd7504
Refactorization: Reimplemented Settings::_enabled as a bitfeld instead of std::set ( #7995 )
2017-04-11 11:49:26 +02:00
Matthias Krüger
7d12e1f3a6
valueFlowGetArrayIndexes: convert Token::Match to Token::simpleMatch.
...
The pattern is a sole "[", but since "[" is also used for complexe patterns, the internal check that finds potential simple match patterns bailed out here.
2017-04-09 17:27:46 +02:00
Daniel Marjamäki
633ed23c0d
Fix Cppcheck warnings about mismatching function argument names
2017-04-01 09:31:27 +02:00
Daniel Marjamäki
cc3ef7bbe8
Fix so array access out of bounds for external arrays are detected again
2017-03-30 10:14:17 +02:00
PKEuS
3c8f5b85ae
Refactorization: Allocate Token::_values (ValueFlow information) dynamically, reducing size of each token by around 10%
2017-03-27 18:48:34 +02:00
PKEuS
2938278f00
Refactorization: Store minsizes in vector instead of list which has less overhead
2017-03-27 17:53:43 +02:00
PKEuS
63d39390b4
checkbufferoverrun.cpp: refactorizations
2017-03-27 16:09:51 +02:00
PKEuS
83b1e1c329
CheckBufferOverrun: Refactorizations
...
- Improved/Optimized conditions in checkBufferAllocatedWithStrlen()
- Avoid copying strings for checkScope()
2017-03-27 11:48:34 +02:00
PKEuS
680828788b
Fixed false negative in CheckBufferOverrun::checkInsecureCmdLineArgs(), removed redundant tests
2017-03-27 11:30:07 +02:00
PKEuS
171e1b8244
Fixed false negatives in CheckBufferOverrun::arrayIndexThenCheck()
2017-03-27 11:07:49 +02:00
orbitcowboy
6c71d74563
Cleanup: There is no need to clear a string directly after its creation.
2017-01-16 20:10:28 +01:00
Daniel Marjamäki
f0d91fb74b
Fixed #7869 (False positive: Array index out of bounds)
2016-12-20 22:01:19 +01:00
Daniel Marjamäki
f5ad7482a8
CheckBufferOverrun: Skip warnings about array index out of bounds in unions. Theoretically, the array is at least as large as the biggest union member.
2016-12-18 22:10:30 +01:00
PKEuS
cfac3b457d
Several small refactorizations
2016-12-06 22:12:02 +01:00
Stefan Weil
57b57428c2
Fix some typos in comments (found by codespell)
...
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-11-27 11:40:42 +01:00
Daniel Marjamäki
a61f4e9c94
Fixed #7831 (false-positive: terminateStrncpy)
2016-11-24 07:04:58 +01:00
Daniel Marjamäki
4732667488
ValueFlow: allow more value types
2016-11-13 22:33:39 +01:00
Daniel Marjamäki
9ff3e85899
Added --cppcheck-build-dir flag
2016-10-29 12:18:11 +02:00
Daniel Marjamäki
499e52c976
astyle formatting
...
[ci skip]
2016-08-15 18:04:55 +02:00
Roberto Martelloni
41dee04e90
CWE mapping of assignBoolToFloat, strncatUsage, sizeArgumentAsChar, terminateStrncpy, bufferNotZeroTerminated, negativeArraySize, noExplicitConstructor, virtualDestructor
2016-08-14 18:23:41 +01:00
Robert Reif
55b3f0bf38
Fixed #752 (SymbolDatabase: Does not match function if redundant keywords mismatch (C++))
2016-08-04 09:06:32 +02:00
PKEuS
3f4fe8f578
Refactorized CheckBufferOverrun:
...
- Removed redundant code
- Apply non-simplified checking in test suite
2016-07-27 17:28:43 +02:00
PKEuS
9a6569fde1
Always set ErrorMessage::file0 to ensure that the source file that cppcheck is checking when an error occurs can be identified
...
Removed unused function and unused includes from preprocessor.h/cpp
2016-07-26 16:28:40 +02:00
Simon Martin
bae81fba05
Silent clang -Wshadow warning. ( #812 )
...
Add an optional extended description…
2016-07-09 19:07:58 +02:00
PKEuS
44a19b527e
Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums ( #7576 )
2016-07-08 20:53:08 +02:00
PKEuS
644a216394
Fixed two false positives related to char arrays initialized by a literal:
...
- Run check for writing to string literals on non-simplified token list (#7283 )
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/ )
2016-07-07 19:38:15 +02:00
umanamente
0f11007c19
Fixed #7083 (false positive: typedef and initialization with strings)
2016-06-21 22:42:46 +02:00
PKEuS
8c0eab3eb3
Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays ( #5975 )
...
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
PKEuS
728d4242dc
Refactorizations in CheckBufferOverrun:
...
- Improved performance of CheckBufferOverrun::checkScope()
- Made some patterns less restrictive
2016-05-25 11:50:34 +02:00
Roberto Martelloni
d3645d874e
Mapped toomanyconfigs ,AssignmentAddressToInteger
...
,AssignmentIntegerToAddress ,CastIntegerToAddressAtReturn
,CastAddressToIntegerAtReturn ,assertWithSideEffect ,assignmentInAssert
,uselessAssignmentArg ,uselessAssignmentPtrArg
,comparisonOfFuncReturningBoolError
,comparisonOfTwoFuncsReturningBoolError ,comparisonOfBoolWithBoolError
,incrementboolean ,comparisonOfBoolWithInt ,compareBoolExpressionWithInt
,negativeIndex ,pointerOutOfBounds ,arrayIndexThenCheck
,possibleBufferAccessOutOfBounds ,argumentSize
,arrayIndexOutOfBoundsCond ,noConstructor ,copyCtorPointerCopying
,noCopyConstructor ,uninitMemberVar ,operatorEqVarError
,unusedPrivateFunction ,memsetClassFloat ,mallocOnClassWarning
,operatorEq ,thisSubtraction ,operatorEqRetRefThis ,operatorEqToSelf
,useInitializationList ,duplInheritedMember ,assignIfError
,comparisonError ,multiCondition ,mismatchingBitAnd
,oppositeInnerCondition ,incorrectLogicOperator ,redundantCondition
,moduloAlwaysTrueFalse to their CWEs ids.
2016-02-26 23:53:52 +00:00
Daniel Marjamäki
cef6b35bb8
Improve MAXTIME handling
2016-02-11 16:10:52 +01:00
Daniel Marjamäki
5e10e680da
CWE: refactoring. use constants instead of magic numbers.
2016-01-25 20:01:48 +01:00
Roberto Martelloni
5ce69da02d
Mapped 26 errors to their CWEs ID.
2016-01-24 20:53:05 +00:00
Daniel Marjamäki
659cd96b03
Fixed #7209 (False positive: Array index used before limits check reported in sizeof)
2016-01-24 14:06:02 +01:00
Dmitry-Me
afe659cc88
This variable type looks very suspicious
2016-01-18 09:52:35 +03:00
Roberto Martelloni
bb6880919c
CWE mapping
2016-01-15 17:07:14 +01:00
Dmitry-Me
26788a1dc1
Remove repeated code, better variable name
2016-01-15 17:20:40 +03:00
Lauri Nurmi
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
Dmitry-Me
5cba4ac602
Omit unneeded deep copy
2015-12-23 10:32:59 +03:00
Dmitry-Me
155ccecf2f
Drop useless braces
2015-12-22 10:31:49 +03:00
PKEuS
32e2fb2f78
Refactorization: Prefer Token::simpleMatch over Token::Match also for non-const patterns.
2015-12-03 13:04:55 +01:00
Daniel Marjamäki
9c3f25603e
CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead ( #6973 )
2015-11-30 16:36:52 +01:00
PKEuS
ac17541ca9
Refactorizations:
...
- Fixed a few more MSVC warnings by using correct types
- Store severity as enum instead of string in Settings::Rule
2015-11-28 12:30:21 +01:00
Daniel Marjamäki
6b124a37d8
Cleanup some casts
2015-11-28 10:11:07 +01:00
Daniel Marjamäki
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
Daniel Marjamäki
5074c11b53
CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of.
2015-11-09 10:30:39 +01:00
Daniel Marjamäki
ef5be435c7
Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast)
2015-11-08 17:21:32 +01:00
Daniel Marjamäki
fc564d779e
Fixed #7112 (crash: CheckBufferOverrun::checkGlobalAndLocalVariable (invalid code))
2015-11-08 14:21:12 +01:00
Daniel Marjamäki
48da1d5396
Refactoring CheckBufferOverrun
2015-11-08 12:39:08 +01:00
Daniel Marjamäki
7d6e1974eb
Fixed #7104 (False positive arrayIndexOutOfBounds)
2015-11-08 09:30:23 +01:00
Daniel Marjamäki
35ed902e3f
Try to fix crash when using getMaxValue()
2015-11-07 19:59:48 +01:00
Daniel Marjamäki
32627dc558
try to fix internal errors detected by Travis
2015-11-07 19:47:30 +01:00
Daniel Marjamäki
9c7271a5e9
CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead
2015-11-07 18:12:01 +01:00
Daniel Marjamäki
d0ab3aea70
CheckBufferOverrun: Minor fixes for strings
2015-11-07 15:05:56 +01:00
Daniel Marjamäki
be7bca385d
avoid some fixes for noisy signedness warnings
2015-10-11 12:50:46 +02:00
Dmitry-Me
139ead15ef
Merge overlapping patterns
2015-09-01 16:17:17 +03:00
PKEuS
ab8afec3eb
Refactorizations:
...
- Avoid unnecessary loop iterations
- Avoid unnecessary condition checking
- Reduced code duplication in symboldatabase.cpp
2015-08-16 14:23:07 +02:00
PKEuS
4d80df2f4a
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
...
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
2015-08-15 11:19:21 +02:00
Daniel Marjamäki
6790d91fbb
Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884 .
2015-07-29 19:54:57 +02:00
Daniel Marjamäki
c5bbea2994
Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value)
2015-07-27 16:39:41 +02:00
Daniel Marjamäki
fef251ac76
negative array size: fixed noise when array is not vla
2015-07-04 09:42:42 +02:00
amai2012
11538c84f6
Refactoring: Distinguish between C and C++ code
...
Refactoring: Replace CheckNonReentrantFunctions::initNonReentrantFunctions by static initialization
2015-06-29 21:17:15 +02:00
Martin Ettl
b8e08ca5d8
Code cleanup.
2015-06-28 19:27:23 +02:00
Martin Ettl
7ff4d10c43
Astyle formatting, no functional changes.
2015-06-28 19:25:13 +02:00
amai2012
5814c3b84c
Fix some compiler warnings with VS
...
Minor refactoring on Windows SEH code.
2015-06-28 19:20:16 +02:00
Alexander Mai
0b225fa02f
2nd attempt to fix crash in CheckUnusedFunctions::check. CheckBufferOverrun::checkBufferAllocatedWithStrlen: Don't check for 'new' in C code.
2015-06-28 18:34:09 +02:00
Alexander Mai
02a3a01eca
Fix compiler warnings
2015-06-28 18:07:31 +02:00
Alexander Mai
2c73518e29
Fix platform-dependent test result, formatting and crash in whole program analysis
2015-06-28 17:54:48 +02:00
Daniel Marjamäki
0ca410a4d7
Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression)
2015-06-07 14:01:20 +02:00
Martin Ettl
d5d6d7fbb8
Running astyle, no functional changes.
2015-05-29 20:20:05 +02:00
amai2012
5b347c537b
Fix #6720 and #6721 (Crashes on garbage code)
...
Local fixes to avoid access to NULL-token
2015-05-29 19:30:55 +02:00
PKEuS
3ce4e68ca6
Refactorization: Make use of do-loops to avoid redundant Token::Match() calls
2015-05-13 13:40:40 +02:00
Daniel Marjamäki
baa1ae079d
New check: negative size in array declaration. Ticket #1760
2015-05-03 15:00:47 +02:00
Daniel Marjamäki
88f59ad7e8
Partial fix for #6656 (Allow that CWE is mapped for error message)
2015-04-25 17:48:11 +02:00
Matthias Krüger
42f0955e3f
Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
...
Follow up to eedcb6abcb
.
2015-04-10 14:31:19 +02:00
Dmitry-Me
d735918a8a
Constructor parameter type need not be a number
2015-03-25 14:56:45 +03:00
Dmitry-Me
9398fa810b
Avoid value truncation
2015-03-25 10:39:09 +03:00
Dmitry-Me
c9cdba5865
Remove duplicate check
2015-03-24 15:58:03 +03:00
Dmitry-Me
4fcbe00913
Omit unnecessary operations
2015-03-19 15:14:07 +03:00
Dmitry-Me
2b50e73aa9
Misleading comment
2015-03-14 15:18:29 +03:00
PKEuS
cb4bf73749
Merge pull request #530 from Dmitry-Me/doChecksEarlier
...
Don't run the checks which will be silenced later anyway
2015-02-25 19:22:00 +01:00
Dmitry-Me
938b84903f
Remove redundant casts
2015-02-24 15:15:22 +03:00
Dmitry-Me
24d2b0368f
Don't run the checks which will be silenced later anyway
2015-02-24 10:20:43 +03:00
Dmitry-Me
19d05979ee
Remove C4189 in release builds
2015-02-20 11:00:34 +03:00
Alexander Mai
6a7605271a
Fix compiler warning. Add interfaces of POSIX passwd.h and pwd.h to posix.cfg
2015-02-18 20:56:44 +01:00
Daniel Marjamäki
2d21eb07ba
Cleaned up snprintf hardcoding in CheckBufferOverrun
2015-02-13 06:44:38 +01:00
Daniel Marjamäki
9aad4fa8ca
CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead
2015-02-12 17:29:36 +01:00
Daniel Marjamäki
a24cbc448a
CheckBufferOverrun: loop through all arguments in checkFunctionCall
2015-02-11 16:24:25 +01:00
Daniel Marjamäki
d9deabe2ce
TestBufferOverrun: clean up
2015-02-10 17:29:36 +01:00
PKEuS
18b0e14590
Refactorizations: Fixed a pattern in checkbufferoverrun.cpp, simplified one in checkclass.cpp
2015-01-31 12:32:05 +01:00
PKEuS
b2835051df
Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0.
2015-01-31 12:32:04 +01:00
PKEuS
03e44d4aa0
CheckMemoryLeakInFunction: Don't treat delete as delete operator for C code
...
Fixed GCC message in checkbufferoverrun.cpp
2015-01-30 20:55:53 +01:00
PKEuS
98e33a189f
Enhanced CheckBufferOverrun:
...
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
Dmitry-Me
e7bb43fc6b
Cache and reuse token pointer
2015-01-27 10:23:58 +03:00