Daniel Marjamäki
1c51fbce7a
astyle formatting
...
[ci skip]
2016-08-01 13:01:01 +02:00
Daniel Marjamäki
8d89eefff9
Merge pull request #815 from boos/cwe-mapping-8
...
CWE mapping of invalidscanf, invalidScanfArgType_s, invalidScanfArgType_int, invalidScanfArgType_float, invalidPrintfArgType_s, invalidPrintfArgType_n, invalidPrintfArgType_p, invalidPrintfArgType_int, invalidPrintfArgType_uint, invalidPrintfArgType_sint, invalidPrintfArgType_float, wrongPrintfScanfParameterPositionError
2016-07-31 14:14:48 +02:00
Roberto Martelloni
9ab4057ddc
CWE mapping of invalidscanf, invalidScanfArgType_s, invalidScanfArgType_int, invalidScanfArgType_float, invalidPrintfArgType_s, invalidPrintfArgType_n, invalidPrintfArgType_p, invalidPrintfArgType_int, invalidPrintfArgType_uint, invalidPrintfArgType_sint, invalidPrintfArgType_float, wrongPrintfScanfParameterPositionError
2016-07-31 10:49:36 +01:00
Robert Reif
768c26805c
Fixed false positive: %Ld in format string (no. 1) requires 'long long' but the argument type is 'long long' ( #7601 ).
2016-07-16 10:33:46 +02:00
Simon Martin
12a298b9cd
Ticket #7445 : Properly represent integer types smaller than int in CheckIO::ArgumentInfo.
2016-05-28 15:36:13 +02:00
PKEuS
373ac52480
Mention exact function name in invalidscanf message ( #5649 )
2016-05-26 21:11:33 +02:00
PKEuS
851c6e0ed5
Improved buffer overflow checking for scanf: %c with a width ( #3494 )
2016-05-22 14:00:26 +02:00
Daniel Marjamäki
dc2a92263a
Fixed #7426 (RFC: time to replace simplifyEnum?)
2016-04-22 06:02:54 +02:00
Daniel Marjamäki
00a584d8d1
astyle formatting
2016-04-22 06:01:34 +02:00
Roberto Martelloni
e89cd1b8a4
CWE mapping of unsafeClassCanLeak, zerodivcond, invalidPointerCast, redundantCopy, redundantAssignment, comparisonFunctionIsAlwaysTrueOrFalse, checkCastIntToCharAndBack, cstyleCast, passedByValue, clarifyCondition, exceptThrowInDestructor, exceptDeallocThrow, exceptRethrowCopy, catchExceptionByValue, fflushOnInputStream, seekOnAppendedFile, publicAllocationError
...
CWE mapping of unsafeClassCanLeak, zerodivcond, invalidPointerCast, redundantCopy, redundantAssignment, comparisonFunctionIsAlwaysTrueOrFalse, checkCastIntToCharAndBack, cstyleCast, passedByValue, clarifyCondition, exceptThrowInDestructor, exceptDeallocThrow, exceptRethrowCopy, catchExceptionByValue, fflushOnInputStream, seekOnAppendedFile, publicAllocationError
2016-04-12 19:29:40 +02:00
PKEuS
6d0c2f7253
Fixed false positive useClosedFile when noreturn function is called ( #7359 )
2016-01-31 10:39:35 +01:00
Daniel Marjamäki
5e10e680da
CWE: refactoring. use constants instead of magic numbers.
2016-01-25 20:01:48 +01:00
Roberto Martelloni
5ce69da02d
Mapped 26 errors to their CWEs ID.
2016-01-24 20:53:05 +00:00
Robert Reif
966d078dcc
CheckIO: Fix FN when using '%x' as format specifier for a 'signed int' variable
2016-01-15 09:29:29 +01:00
Lauri Nurmi
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
PKEuS
940d569980
Refactorization: Removed redundant %any% patterns.
2015-12-24 14:40:48 +01:00
PKEuS
8f22e4924c
Updated AStyle to version 2.05.1
...
Tweaked runastyle.bat a little bit.
2015-12-17 15:53:13 +01:00
Alexander Mai
f762affea0
Small refactoring: replace NULL by nullptr, remove redundant static keyword, Tokenizer::setVarId() uses const variable 'notstart'
2015-11-30 22:13:49 +01:00
PKEuS
e8522c7883
Small refactorizations:
...
- #include cleanup
- Use std::array instead of std::vector
- Do not create a stringstream to concatenate 4 strings
- Use std::cout instead of printf
2015-11-29 10:56:44 +01:00
Daniel Marjamäki
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
PKEuS
eefea507b9
Use ValueFlow in CheckIO::checkWrongPrintfScanfArguments() ( #6563 )
2015-11-06 09:52:22 +01:00
PKEuS
3971f8625f
Fixed false positive seekOnAppendedFile if FILE* is reused ( #6566 )
2015-10-13 15:32:13 +02:00
Daniel Marjamäki
2c7c6b3e38
CheckIO: Try to use ValueType more
2015-10-11 17:35:54 +02:00
Daniel Marjamäki
37d9a95ef1
CheckIO: Refactoring. Split out CheckIO::checkFormatString() from CheckIO::checkWrongPrintfScanfArguments().
2015-10-10 20:08:15 +02:00
Daniel Marjamäki
6d256b01b6
CheckIO: Use ValueType::Type::LONGDOUBLE type also
2015-10-08 19:52:24 +02:00
Daniel Marjamäki
a500f6f703
Improved handling of 'long double' and address-of in ValueType. Removed Tokenizer::simplifyFloatCasts() to handle float casts better.
2015-10-08 19:50:10 +02:00
Daniel Marjamäki
be72b7413a
ValueType: Handling of originalTypeName
2015-10-07 20:24:17 +02:00
Daniel Marjamäki
604a9acb48
ValueType: Handling constness
2015-10-07 19:08:26 +02:00
Daniel Marjamäki
b77203a277
CheckIO: Handle AST pointer type better
2015-10-05 19:59:15 +02:00
Daniel Marjamäki
b9036c2ca8
AST types: Fix for 'long long' handling
2015-10-05 19:20:42 +02:00
Daniel Marjamäki
bc8f1b972e
CheckIO: Early return
2015-10-05 19:04:29 +02:00
Daniel Marjamäki
8f6bd7fd0d
Fixed #7014 (False positive for printf("%c", "hello"[0]))
2015-10-05 10:12:30 +02:00
Dmitry-Me
aa60358458
Temp variables, better names
2015-09-15 15:34:12 +03:00
PKEuS
ee4a5843bb
Some small refactorizations
2015-08-15 19:46:31 +02:00
PKEuS
4d80df2f4a
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
...
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
2015-08-15 11:19:21 +02:00
PKEuS
b0bf69bae7
Fixed false positive #6763 and reordered conditions
...
Ran AStyle
2015-08-14 12:50:45 +02:00
Daniel Marjamäki
e578988832
invalidScanf: removed the checking for 'scanf crash with huge input data for old glibc'. new systems are not vulnerable to this bug anymore.
2015-08-14 08:03:46 +02:00
Dmitry-Me
d81776b8c8
Avoid deep copying std::string
2015-08-07 17:16:41 +03:00
PKEuS
a0890ecd2c
Fixed false positive: Do not print useClosedFile on arrays ( #6823 )
2015-07-20 22:40:19 +02:00
Alexander Mai
b3c7a3f798
Fix more (potential) multi-threading issues
2015-06-20 22:26:51 +02:00
Alexander Mai
eebb5b8c77
Fix some compiler warnings in checkio.cpp. Fix some (potential) multi-threading issues in checkinternal.cpp
2015-06-17 21:25:15 +02:00
orbitcowboy
06e818f89d
Running astyle, no functional change.
2015-06-17 09:09:23 +02:00
amai2012
33d7631ee3
Fix another Borlad-specific test by setting Windows platform type
...
Refactoring: make CheckIO::ArgumentInfo aware of language (C vs. C++) to perform some optimizations
2015-06-16 23:11:34 +02:00
Alexander Mai
d704e97203
Fix (potential) multi-threading issues by moving static local vars (non-POD-type) to file scope
2015-06-10 21:14:17 +02:00
Alexander Mai
f0bc300198
#6510 False positive performance warning for std::list::size(). Fix this and other similar false positives. Refactoring of Variable::isStlType(), use fail-safe std::set instead of plain array. Run astyle
2015-05-17 20:02:41 +02:00
Daniel Marjamäki
88f59ad7e8
Partial fix for #6656 (Allow that CWE is mapped for error message)
2015-04-25 17:48:11 +02:00
Simon Martin
e5745d7d4a
Restore build with libc++ and revert PR#228 and PR#562.
2015-04-12 20:29:49 +02:00
Matthias Krüger
42f0955e3f
Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
...
Follow up to eedcb6abcb
.
2015-04-10 14:31:19 +02:00
Matthias Krüger
eedcb6abcb
move setting flags checks out of for loops, make them const.
2015-04-07 07:23:28 +02:00
PKEuS
b2835051df
Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0.
2015-01-31 12:32:04 +01:00
PKEuS
5c56e63996
Fixed false positive #6452 : Handle member functions in CheckIO::checkFileUsage()
2015-01-27 21:52:52 +01:00
Daniel Marjamäki
228f5960fc
CheckIO: only report warnings when --enable=warning has been used
2015-01-06 15:08:25 +01:00
Thomas Jarosch
1ef1143609
Make local functions static
2015-01-05 01:25:49 +01:00
Daniel Marjamäki
ff11ba9847
Updated copyright year to 2015
2015-01-03 12:14:58 +01:00
Daniel Marjamäki
051d42ae6b
astyle formatting
2014-11-20 14:20:09 +01:00
orbitcowboy
f5d804f71a
running astyle
2014-11-20 10:13:03 +01:00
Alexander Mai
5300ba2074
Make single-argument constructors explicit
2014-11-13 21:39:14 +01:00
Robert Reif
d5908f03b7
Fixed #6226 (false negative: printf format check for user defined array type)
2014-10-20 06:33:36 +02:00
PKEuS
1df1b9c2bd
Fixed #5836 : Make showing $ in stringified tokens optional
2014-09-29 14:50:00 +02:00
Robert Reif
1729ea6f0f
Fixed #6182 (Format specifier check confused by ternary operator)
2014-09-24 16:45:06 +02:00
PKEuS
6f92557478
Use information about pure/leak-ignore from library to improve accuracy of several bailouts
2014-09-11 20:27:07 +02:00
Martin Ettl
8a15486370
Fixed CID-1234716: Dereference after null check in lib/checkio.cpp
2014-09-01 09:00:05 +02:00
PKEuS
e8f7279039
Refactorization: Moved detection of STL strings to SymbolDatabase
2014-09-05 12:03:08 +02:00
PKEuS
a52401cf1b
Fixed some compiler warning about signed/unsigned conversions.
2014-09-02 11:44:51 +02:00
PKEuS
80df3dc642
Disabled several checks and simplifications for C code, if they are C++-only. Do not match arguments for C code, since there can't be overloads.
2014-09-01 18:43:24 +02:00
PKEuS
47764321f2
Several fixes to invalidScanfFormatWidthError():
...
- Different IDs for different messages (#5809 )
- severity is warning, not style, so check _settings->isEnabled() properly
- Removed never shown message text
2014-09-01 09:33:58 +02:00
PKEuS
288c94a47f
Extended Message "fflushOnInputStream" to files opened for reading.
2014-08-31 21:03:33 +02:00
PKEuS
b07f61170d
Changed severity of fflushOnInputStream to portability: The behaviour of fflush(stdin) is defined on Linux.
2014-08-31 20:56:05 +02:00
Dmitry-Me
443e846b2e
Remove duplicate return statements.
2014-08-18 16:02:35 +04:00
Moshe Kaplan
4894d3807d
Improved invalidScanf error message
2014-08-06 06:08:28 +02:00
PKEuS
de66ed4071
Added missing message to --errorlist output, changed Id to avoid duplicate
2014-08-02 20:55:59 +02:00
Robert Reif
90bc59e0fa
Fixed #6009 (Detect type mismatch in printf-like function when type is returned)
2014-07-28 09:16:35 +02:00
Dmitry-Me
07c120f1af
Cache option flags and check them first.
2014-07-23 17:06:27 +04:00
amai2012
9b38ae73c1
Attempt to fix 2 Coverity messages.
...
Replace a few unsigned int by std::size_t
2014-07-07 21:25:30 +02:00
Dmitry-Me
4f21b31004
Use temp variables to simplify code.
2014-07-04 10:56:43 +04:00
Daniel Marjamäki
86ef5f8ae7
CheckIO: Handle library types
2014-06-12 07:01:44 +02:00
Dmitry-Me
6e1568a6db
Simplify code - bail out early, vreak loops early, reorder checks and declarations.
2014-06-09 13:35:30 +04:00
Simon Martin
d2223ce419
Factorize type name equality checks in CheckIO.
2014-05-27 19:20:19 +02:00
PKEuS
8f79dc3ff8
Cleaned up includes and forward declarations in checkers:
...
- Removed definitely unnecessary forward declarations (e.g. "class Token"; token.h is already included by check.h, so a definition is unnecessary)
- Removed unused includes
2014-05-24 12:50:03 +02:00
PKEuS
f7a41057ad
Use AST in CheckIO::checkCoutCerrMisusage() - fixes #3254 .
2014-05-22 20:25:54 +02:00
Robert Reif
888fd44039
Fixed #5609 (Wrong warning: %zu requires 'size_t' - but type is 'std::size_t')
2014-05-04 07:55:23 +02:00
Robert Reif
b0af67f369
Fixed #5486 (false positive: (warning) %zd in format string (no. 1) requires 'ssize_t' but the argument type is 'ssize_t {aka long}'.)
2014-04-10 17:25:11 +02:00
PKEuS
4ad7ef69c6
Updated german translation
...
ran lupdate gui.pro
Reverted accidential change in checkio.cpp
2014-03-28 19:06:48 +01:00
PKEuS
a01bfcb62d
Fixed a few cppcheck messages
2014-03-28 18:55:16 +01:00
Robert Reif
5c88934431
CheckIo: Fixed FIXME
2014-03-19 20:57:33 +01:00
PKEuS
b564986d5d
Added missing casts causing assertion failures on Windows ( #5391 )
...
-> Changed much more occurences, especially in preprocessor.cpp.
2014-03-18 21:41:47 +01:00
PKEuS
3a4b7e5c07
Fixed false positive #5578
2014-03-18 13:44:27 +01:00
PKEuS
86e6bb430a
New check: Warning, if positioning operation (fseek) is performed on a file opened in "a" mode
2014-03-17 11:02:03 +01:00
Thomas Jarosch
93341f4449
Use simple match where possible
...
Fixes these warnings found by "--enable=internal":
[lib/checkclass.cpp:972]: (warning) Found simple pattern inside Token::Match() call: "* *"
[lib/checkbufferoverrun.cpp:635]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checkbufferoverrun.cpp:1397]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/checksizeof.cpp:299]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checksizeof.cpp:301]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checksizeof.cpp:303]: (warning) Found simple pattern inside Token::Match() call: "]"
[lib/checksizeof.cpp:318]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checknullpointer.cpp:413]: (warning) Found simple pattern inside Token::Match() call: "delete"
[lib/checkio.cpp:1336]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkstl.cpp:1509]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1512]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1594]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkstl.cpp:1598]: (warning) Found simple pattern inside Token::Match() call: "] ="
[lib/checkunusedvar.cpp:755]: (warning) Found simple pattern inside Token::Match() call: "goto"
[lib/checkunusedvar.cpp:793]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkuninitvar.cpp:376]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:86]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:2181]: (warning) Found simple pattern inside Token::Match() call: "> {"
[lib/valueflow.cpp:54]: (warning) Found simple pattern inside Token::Match() call: "&"
[lib/valueflow.cpp:409]: (warning) Found simple pattern inside Token::Match() call: "do"
[lib/valueflow.cpp:425]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:487]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:511]: (warning) Found simple pattern inside Token::Match() call: "} else {"
[lib/valueflow.cpp:615]: (warning) Found simple pattern inside Token::Match() call: "for ("
[lib/symboldatabase.cpp:80]: (warning) Found simple pattern inside Token::Match() call: "= {"
[lib/symboldatabase.cpp:1069]: (warning) Found simple pattern inside Token::Match() call: "std ::"
[lib/tokenize.cpp:2207]: (warning) Found simple pattern inside Token::Match() call: "< >"
[lib/tokenize.cpp:2730]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/tokenize.cpp:4234]: (warning) Found simple pattern inside Token::Match() call: "try {"
[lib/tokenize.cpp:4235]: (warning) Found simple pattern inside Token::Match() call: "} catch ("
[lib/tokenize.cpp:5500]: (warning) Found simple pattern inside Token::Match() call: "INT8"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "}"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "do"
2014-03-14 16:27:47 +01:00
Robert Reif
cb1fc06a80
Fixed #5079 (CheckIO::checkFileUsage doesn't support wide char and microsoft functions)
2014-03-12 19:22:44 +01:00
Lauri Nurmi
70a67eaf85
Change some more 0 literals into nullptr.
2014-02-16 13:38:50 +02:00
Daniel Marjamäki
fd3a8a2a18
Update copyright
2014-02-15 07:45:39 +01:00
Simon Martin
8ff9696374
OSX's compiler supports C++11 but one needs to use GNU's STL to build cppcheck, that does not have cbegin/end.
2014-02-01 07:40:08 +01:00
Lucas Manuel Rodriguez
ad0269eeeb
Refactor checks using Variable::isStlType()
2014-01-30 01:26:48 -03:00
Robert Reif
d679a4c1f7
Fixed #5248 (False positive: Invalid argument in scanf for %zd)
2014-01-14 06:09:13 +01:00
PKEuS
b775714e3d
Moved several hardcoded function names in format string checking into libraries (std.cfg and windows.cfg).
...
Added support for loading a library in test suite.
2014-01-12 03:44:24 -08:00
Robert Reif
cbe3862599
Fixed #5264 (Size specifier in printf functions is wrong for some types)
2014-01-03 15:58:45 +01:00
Robert Reif
0afdbc73da
Fixed #5195 (Crash below CheckIO::checkWrongPrintfScanfArguments())
2013-11-23 08:40:35 +01:00
Martin Ettl
babbee4e73
Fixed typos in comments, no functional changes.
2013-11-09 16:07:28 +01:00
Robert Reif
a6ef3a224a
Fixed #5151 (false negative: improper formatstring - vector::at())
2013-11-08 12:44:05 +01:00