Commit Graph

5732 Commits

Author SHA1 Message Date
Daniel Marjamäki 57c2e928d1 ValueFlow: Simple multivariable control flow analysis to avoid FP when 'control variable' is used 2014-08-01 07:35:15 +02:00
PKEuS 95afa51b24 Fixed crash #5991: Don't crash when lambda is incomplete
Fixed crash #6004: Support struct initializations in AST
2014-07-31 23:15:36 +02:00
Daniel Marjamäki 5de1e35350 CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen. 2014-07-30 20:35:21 +02:00
Daniel Marjamäki 25846cf223 ValueFlow: Fix for if/else valueflow analysis 2014-07-30 18:12:33 +02:00
Daniel Marjamäki e8451b5d91 add missing flag. this testcase should only run in non-simplified mode. 2014-07-30 12:18:47 +02:00
Daniel Marjamäki 473b1bdb2b Multicondition: Fixed FP when using dynamic_cast 2014-07-30 11:23:09 +02:00
Daniel Marjamäki fdfea717c6 Suspicious string comparison: Refactoring using AST. Fixed FP in Lac. 2014-07-28 14:27:35 +02:00
Robert Reif 90bc59e0fa Fixed #6009 (Detect type mismatch in printf-like function when type is returned) 2014-07-28 09:16:35 +02:00
Daniel Marjamäki 76020d2ad0 astIsFloat: expression 'floatvar ? 0x40 : 0' is not float 2014-07-26 09:09:58 +02:00
Daniel Marjamäki 328cc7b8f5 Fixed #5996 (false positive: Clarify calculation precedence for '+' and '?'.) 2014-07-19 18:29:53 +02:00
Daniel Marjamäki af2b94e322 Fixed #5826 (Change error message for 'throw in destructor' check) 2014-07-19 03:29:50 +02:00
Daniel Marjamäki 2cc31acabb Fixed #5922 (FP: passedByValue for std::string::value_type) 2014-07-18 15:51:59 +02:00
Alexander Mai 55e45add4a Fix compiler warnings 2014-07-17 20:04:56 +02:00
PKEuS 8c96cc59c9 Fixed false positive #5976: Properly handle shift from stream. 2014-07-17 10:03:58 +02:00
Daniel Marjamäki 15bb447fdc Fixed #5965 (False positive zerodiv - loop iterating over double variable) 2014-07-17 08:44:55 +02:00
Daniel Marjamäki 5bdd197b01 Fixed #5981 (FP: nullPointer on repeated switch) 2014-07-16 09:12:56 +02:00
Daniel Marjamäki cb9d67b9ec Fixed #5901 (False positive: (error) Using 'memcpy' with vector of uint8_t items) 2014-07-09 15:00:06 +02:00
Daniel Marjamäki 14def42c99 Fixed #5972 (FP: Buffer is accessed out of bounds) 2014-07-08 16:31:08 +02:00
Daniel Marjamäki 254b6438b9 CheckBufferOverrun::checkStringArgument: sizeof string is strlen+1 2014-07-08 16:04:09 +02:00
Daniel Marjamäki 9a4bd73a18 Fixed unit test 2014-07-08 08:02:02 +02:00
Daniel Marjamäki 987ce5a408 Fixed #5968 (False positive: 'Possible null pointer dereference' when checking null in negated conjunction) 2014-07-07 17:48:58 +02:00
Daniel Marjamäki 3169a2d215 astyle formatting
[ci skip]
2014-07-06 17:50:21 +02:00
amai2012 0ddd7752b5 Avoid crash reported in #5943 (using the example from duplicate ticket #5971)
Replace a few size_t/unsigned int by std::size_t
2014-07-06 14:48:24 +02:00
amai2012 f1bf38004b Fix MSVC compiler warnings 2014-07-06 13:08:22 +02:00
Daniel Marjamäki 0fd334911a Fixed #5257 (Check memcpy size for string literals) 2014-07-06 08:41:39 +02:00
Daniel Marjamäki 53aa2f5982 astyle formatting
[ci skip]
2014-07-06 07:16:28 +02:00
amai2012 77095e2b05 Add some more functions to posix.cfg which allow to enable TestBufferOverrun::buffer_overrun_1_posix_functions
Fix some compiler warnings on MSVC
2014-07-05 22:47:10 +02:00
Daniel Marjamäki a3acc3241e Library: Added <minsize> element used for buffer overrun checking 2014-07-05 20:31:43 +02:00
PKEuS 719304a8fc Added internal check for || and | inside Token::Match patterns. 2014-07-02 15:51:18 +02:00
PKEuS b4f0869a71 Reduced Token::Match complexity, better support for complex patterns 2014-07-02 15:25:41 +02:00
PKEuS 817d32f791 Fixed and cleaned up Token::Match engine 2014-07-02 15:25:19 +02:00
Zachary D. Blair f6523e384b Fixed 4979 (Doesn't allow any ordering of int modifiers) 2014-07-01 23:59:04 -07:00
PKEuS 3d0ebe196b Several improvements to CheckUnusedVar::checkFunctionVariableUsage_iterateScopes():
- Use AST in some places
- Fixed misusage of Token::isStandardType (fixes false negative)
- Removed some redundant conditions
2014-07-02 00:18:40 +02:00
Daniel Marjamäki b7d7633b97 ValueFlow: Improved analysis after switch 2014-06-30 17:56:42 +02:00
Daniel Marjamäki f1762f9ed6 Fixed #5939 (fp: Possible null pointer dereference, after check against NULL in for loop) 2014-06-30 07:26:48 +02:00
Daniel Marjamäki df799f97c5 valueFlowBefore: better analysis of conditional assignment 2014-06-30 00:02:49 +02:00
Daniel Marjamäki 4f43e4f9aa Fixed #5959 (ValueFlow: return value from subfunction) 2014-06-29 18:04:38 +02:00
Daniel Marjamäki 893996d182 Fixed #5937 (ValueFlow: wrong analysis of calculations with different variable operands) 2014-06-29 10:57:39 +02:00
Daniel Marjamäki 41baffdda1 Fixed #5850 (Wrong Message on self assignment) 2014-06-28 15:26:22 +02:00
Daniel Marjamäki ab08883332 Merge pull request #351 from simartin/ticket_5952
Ticket #5952: Simplify redundant parentheses in pointer variable declarations
2014-06-28 12:20:27 +02:00
Daniel Marjamäki 9eaadc81e2 Fixed #5861 (valueFlowSubFunction: fp for float value) 2014-06-28 12:04:20 +02:00
Simon Martin 7b942650c2 Ticket #5952: Simplify redundant parentheses in pointer variable declarations. 2014-06-28 09:36:51 +02:00
Daniel Marjamäki 6c8558c112 CheckBufferOverrun: Removed old for-loop handling. This is handled through ValueFlow from now on. 2014-06-27 06:46:42 +02:00
Alexander Mai b6a40fceb7 Fix some compiler warnings 2014-06-26 20:34:07 +02:00
Daniel Marjamäki 036b2f8ccf CheckBufferOverrun: Added bufferOverrun2 that is based on ValueFlow/SymbolDatabase/Ast from the start. Replaced some old checking. 2014-06-26 17:36:20 +02:00
Daniel Marjamäki 72992c7973 AST: fixed ast for '++i;' 2014-06-26 17:31:57 +02:00
PKEuS ec1bd420a7 Refactorizations optimizing std::string usage:
1) Added global static const std::string emptyString; object:
-> Replaces some static variables in functions which might be not threadsafe
-> Avoids constructor call (std::string::string(""))
-> Even functions that return an empty string in some branches can return by reference now.
Added to config.h to ensure that it is available everywhere

2) Added overloads for TestFixture::assertEquals for the most common use cases:
-> Moves conversion from const char[] to std::string into a function, reducing code duplication in binary.
2014-06-26 11:51:02 +02:00
PKEuS e13de2681e SymbolDatabase: 'const' can't be the name of a variable - fix use after free #5882 2014-06-26 09:19:57 +02:00
PKEuS e80104327a AST: Fixed detection of operator new/delete - don't hang when C code is checked as C++ (#5910) 2014-06-26 09:19:57 +02:00
Daniel Marjamäki 5af96c2dd8 Fixed #5947 (valueFlowForward: forward conditions not handled properly) 2014-06-25 16:00:56 +02:00
orbitcowboy 95c49ec5dc Extended std.cfg about more missing functions. Moved POSIX functions to posix.cfg. Extended posix.cfg about more memory allocating functions. 2014-06-25 12:00:24 +02:00
Daniel Marjamäki c77786a745 valueFlowAfterCondition: wrong analysis for floats 2014-06-25 06:17:44 +02:00
Daniel Marjamäki 54aede9086 Fixed #5941 (ValueFlow: Wrong value in subfunction under ?) 2014-06-24 19:30:46 +02:00
Daniel Marjamäki 1ae6531c4c Fixed #5923 (false positive: (error) Resource leak: fp (static file pointer)) 2014-06-23 16:05:28 +02:00
orbitcowboy f57e875351 Astyle run; Extended std.cfg and avr.cfg about a few more functions. 2014-06-23 11:59:14 +02:00
Daniel Marjamäki f78cbda2db Refactoring: Removed CheckNullPointer::nullPointerByCheckAndDeRef and implemented needed analysis in ValueFlow instead. 2014-06-22 10:02:14 +02:00
Daniel Marjamäki ef81bc363a ValueFlow: analysis in condition. 2014-06-19 17:29:41 +02:00
PKEuS 188f9b4509 Fixed #error handling:
- Reporting them once is enough
- Don't report them if --force is used - since we silently drop these configurations when we check multiple configurations. Without the fix, -f combined with -D resulted in #error being shown erroneously.
- No redundant preprocessor instance to report them
2014-06-18 17:57:31 +02:00
Daniel Marjamäki 13761927ff ValueFlow: better analysis in valueFlowAfterCondition of 'if|while ( %var% )' etc 2014-06-18 06:57:48 +02:00
Daniel Marjamäki 9999ce9468 ValueFlow: extend aftercondition analysis below conditional code 2014-06-18 05:51:23 +02:00
Alexander Mai 2e3f26ba58 Patch from Dmitry-Me: reorder checks so that cheaper ones go first, reuse previously computed values, return early on edge condition 2014-06-16 21:36:31 +02:00
amai2012 c61d2b9f41 #5926 Dangerous iterator comparison using operator< on 'std::deque'.
std::deque features a random access iterator, so warning stlBoundaries
is a false positive
2014-06-16 20:50:47 +02:00
Daniel Marjamäki 847bb44bdd ValueFlow: Improved analysis after condition when ! operator is used 2014-06-16 16:39:41 +02:00
orbitcowboy 76f3f67bcf Fixed fsanitize=undefined: left shift of negative value -10000 in lib/templatesimplifier.cpp. 2014-06-16 10:58:41 +02:00
Daniel Marjamäki 0e971f2979 Merge pull request #341 from simartin/ticket_5268
Ticket #5268: Properly detect function heads when in Tokenizer::simplifyEnum
2014-06-15 18:14:20 +02:00
Daniel Marjamäki cb9725b18a ValueFlow: Fixed testcase 2014-06-15 17:15:09 +02:00
Daniel Marjamäki a27ca11b85 Fixed #5916 (ValueFlow: Add a valueFlowAfterCondition() function) 2014-06-15 16:47:01 +02:00
Simon Martin efb12f0409 Ticket #5268: Properly detect function heads when in Tokenizer::simplifyEnum. 2014-06-15 15:52:58 +02:00
Robert Reif 1f09cb0c30 Fixed #5807 (non virtual dtor in virtual class) 2014-06-14 12:55:20 +02:00
Daniel Marjamäki 17f1841fba Merge pull request #339 from simartin/ticket_5868
Ticket #5868: Ignore variables called like a typedef when substituting typedefs
2014-06-14 12:38:02 +02:00
PKEuS 8b9daadd25 Replaced static variable isCPP in Token (was not threadsafe):
- Encapsulate parameters passed through AST compiler functions in a struct
-> Reduces maintenance overhead when changing them
-> Contains parameter indicating if the file is C or C++
- Added eKeyword Token type (at the moment, only true for C++ keyword "delete", but should be set for other keywords as well)
2014-06-14 10:28:12 +02:00
Simon Martin d588ed49b3 Ticket #5868: Ignore variables called like a typedef when substituting typedefs. 2014-06-14 00:50:14 +02:00
Daniel Marjamäki ad879320e5 ValueFlow: Fixed 'function call => calculation' value flow 2014-06-13 16:34:57 +02:00
Daniel Marjamäki a4a6f3e1be Tokenizer: Removed Tokenizer::simplifyConditionOperator(). Using the AST and ValueFlow, it should be much easier to parse ?: than before. 2014-06-10 19:30:13 +02:00
Daniel Marjamäki 42c3b3c89d Library: Change range operator in validation pattern to ':' 2014-06-08 18:12:11 +02:00
Simon Martin dc12a73987 Ticket #5907: Properly handle extern declarations in Tokenizer::simplifyVarDecl. 2014-06-08 14:59:58 +02:00
Daniel Marjamäki 9e81fa04b2 Library: Added 'podtype' element. Partial fix for #5623 2014-06-08 12:09:00 +02:00
Alexander Mai e1513090e2 #5909 crash: clang: test/Preprocessor/ifdef-recover.c. Avoid segfault in Preprocessor::getcfgs() on invalid code. 2014-06-08 10:02:16 +02:00
Daniel Marjamäki 4c7b0806aa Library: handle validation expression '-1000-0'. Ticket #5847 2014-06-07 16:28:29 +02:00
Alexander Mai 4d5b463613 Fix clang compiler warning in mathlib.cpp and repair test case for #5895 2014-06-07 13:16:02 +02:00
PKEuS 8fe515b929 Improved testing of AST, added unit test for #5787 2014-06-05 17:39:14 +02:00
orbitcowboy 6d0f490138 #5895 - Fixed potential signed integer overflow in Checkother:getvalue. Added regression test. 2014-06-05 16:41:10 +02:00
PKEuS 51f381edf3 Fixed VS warnings 2014-06-04 18:55:29 +02:00
PKEuS 2455b76abd Fixed lots of bugs in the AST:
- Support new and delete
- Properly handle "..."
- References and rValue references as function parameters
- Destructor definitions
2014-06-04 18:47:56 +02:00
PKEuS 26e09ae4a4 Fixes for test suite, added a TODO unit test about bad typedef simplification 2014-06-04 18:46:11 +02:00
PKEuS 39b64ea5fb Simplify rValue reference arguments without name (&& -> & &) 2014-06-04 18:45:56 +02:00
PKEuS 8db0790407 Tokenizer::tokenize() can now be called without AST being created 2014-06-04 18:45:28 +02:00
orbitcowboy 8fe163285f MathLib: Added missing testcase for incdec. 2014-06-04 08:41:30 +02:00
orbitcowboy 60e80b6fb1 Fixed #5885 - fsanitize=undefined: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' in lib/tokenize.cpp. 2014-05-29 18:25:01 +02:00
orbitcowboy e9144d1a78 Fixed #5890 - crash: wesnoth desktop_util.cpp / unicode.hpp. 2014-05-29 02:58:18 +02:00
Robert Reif e5ae575ace Fixed #5867 (invalid debug warning: Scope::checkVariable : varid0) 2014-06-02 06:18:32 +02:00
Alexander Mai ad1662a201 #5875 fix 'lib/checksizeof.cpp:142:26: runtime error: member call on null pointer of type 'Token'. Improve error handling in CheckSizeof::checkSizeofForPointerSize() 2014-06-01 22:18:17 +02:00
Pierre Schweitzer 1cf2e36dd5 Add a new test for OpenFile function from windows.cfg.
It is here as a reminder for a TODO. When used with OF_EXIST flag, the function OpenFile doesn't return a handle and thus, doesn't leak any resource.
As cppcheck doesn't support such feature yet, it's added a TODO not to be forgotten for later fix when cppcheck supports this.

Also added a naive check, just to ensure the OpenFile check doesn't get broken when adding support for OF_EXIST.
2014-06-01 00:00:49 +02:00
Martin Ettl af369b4925 astyle run [ci skip] 2014-05-16 23:01:21 +02:00
amai2012 6f31ce334d #5875 Fix 'lib/mathlib.cpp:559:43: runtime error: division by zero'. Several fixes to MathLib::divide(): avoid division by zero, handle various representation of 0 value, use 'nan.' instead of '-nan.0' 2014-05-31 18:25:23 +02:00
amai 98ea1397b3 #5875 clang ubsan errors: lib/checkassignif.cpp:58:34: runtime error: member call on null pointer of type 'Token' 2014-05-31 15:12:04 +02:00
Daniel Marjamäki 66ad3c97b9 Fixed #5857 (strPlusChar: Crash on invalid code 'int+;') 2014-05-31 10:34:00 +02:00
Daniel Marjamäki 70b4c945de Fixed #5874 (False positive: 'opposite conditions in nested if' with arrays) 2014-05-30 19:19:24 +02:00
orbitcowboy 27cee5caa5 Fixed CID 1216439: potential copy&paste error in testing symbol database. 2014-05-28 17:05:42 +02:00
Simon Martin 966491d40b Added a test for out-of-bounds character array access. 2014-05-27 16:21:13 +02:00