Commit Graph

11084 Commits

Author SHA1 Message Date
Daniel Marjamäki 1769af4a6c ExprEngine: Passing variable address to function 2019-09-24 19:53:33 +02:00
Daniel Marjamäki ba035074f0 ExprEngine: Extended value truncation 2019-09-24 13:28:14 +02:00
Paul Fultz II 0df4876059 Fix issue 9367: FP knownConditionTrueFalse (#2209) 2019-09-24 08:15:03 +02:00
Daniel Marjamäki c1ff3419a6 ExprEngine: Value truncation 2019-09-23 20:28:12 +02:00
Paul Fultz II 1616282f6b Use fixed number of iterations for valueflow loop (#2205) 2019-09-23 19:35:39 +02:00
Daniel Marjamäki 9025b47f82 ExprEngine: some handling of NULL pointer 2019-09-23 18:10:06 +02:00
Paul Fultz II a903aa7070 Fix issue 9351: false negative: (style) Condition '...' is always true (#2201) 2019-09-23 08:49:04 +02:00
Rikard Falkeborn bb5ac32872 Fix #7031 (improve error message for memory related warnings) (#2204)
Printout both the locations on double free errors, mismatching
alloc/dealloc and dealloc return error.
2019-09-22 21:50:02 +02:00
Daniel Marjamäki 28d13e7567 ExprEngine: Implement basic float handling 2019-09-22 21:14:36 +02:00
Rikard Falkeborn df800e35d4 Fix memleak FP with return with parenthesis (#2202)
* Fix memleak FP with return  with parenthesis

Fix FPs pointed out by daca@home on the following form:

    void* f(void) {
        void* x = malloc(1);
        return(x);
    }

Fix it by only skipping tokens if there is an actual match with a
variable. This allows to remove the special casing of "return;".

* Add testcase with cast
2019-09-22 19:18:31 +02:00
Daniel Marjamäki 6e17853ea9 ExprEngine: Guess function call return value 2019-09-22 16:40:48 +02:00
Daniel Marjamäki 5c07cfd2e8 ExprEngine: Better handling of pointer aliasing 2019-09-22 15:58:55 +02:00
Daniel Marjamäki ec4b7c1f4b ExprEngine: Better handling of pointers 2019-09-22 10:56:57 +02:00
Daniel Marjamäki 7d6fd915be ExprEngine: Better handling of compound assignments 2019-09-21 21:15:51 +02:00
Paul Fultz II c1961cec1c Fix issue 9362: FP: (style) Condition '(v&1)==0' is always false (#2200) 2019-09-21 19:53:54 +02:00
Daniel Marjamäki da91c139d5 ExprEngine: Passing array to function, array data might be overwritten 2019-09-21 19:34:06 +02:00
Rikard Falkeborn 46ac0d79c1 Checkmemleakautovar: fix crash and FP (#2196)
This fixes crashes found by daca where valueType() is NULL. Also,
somewhat related, it removes warnings when casting to a type that is
unknown to cppcheck, for example, there is no longer a warning for the
following code:

	void* f() {
		void *x = malloc(1);
		return (mytype)x;
	}
2019-09-21 14:59:54 +02:00
Daniel Marjamäki b2cab003ff ExprEngine: Fix output for arrays 2019-09-21 14:17:16 +02:00
Daniel Marjamäki 3d0d3ec4c5 ExprEngine: handling array initialization with string literal 2019-09-21 11:36:34 +02:00
Tyson Nottingham d6a70d27c7 Fix false negatives in checkAssignBoolToFloat and minor related improvements (#2198)
* Fix false negatives in checkAssignBoolToFloat

Detect assignments to expressions involving pointer dereferences, array
element accesses, etc.

* Pass assignment token to assignBoolToFloatError

Pass assignment token rather than boolean token to make error reporting
consistent between checkAssignBoolToFloat and checkAssignBoolToPointer,
as well as with other assignment checks in the code base.

* Make checkAssignBoolToPointer check consistent with checkAssignBoolToFloat
2019-09-21 08:24:54 +02:00
Paul Fultz II 40f1635c35 Fix issue 9361: false positive: (style) Condition 'isdigit(c)!=0' is always true (#2199) 2019-09-21 08:19:54 +02:00
Oliver Stöneberg 65d1e90aa3 deleted methods should be public (#2193) 2019-09-20 21:58:09 +02:00
Oliver Stöneberg b5c598cca4 added missing OVERRIDE usage and removed redundant virtual (#2190) 2019-09-20 21:57:16 +02:00
Oliver Stöneberg 9028b4a81d do not access static methods through instance (#2189) 2019-09-20 21:54:30 +02:00
Ken-Patrick Lehrmann 49b7ef84d9 Fix crashes in checkleakautovar (#2195)
Crashes found by daca@home
http://cppcheck1.osuosl.org:8000/crash.html

For instance
```
2019-09-20 16:27
ftp://ftp.se.debian.org/debian/pool/main/n/nedit/nedit_5.7.orig.tar.gz
cppcheck-options: -j1 --library=posix --library=gnu --library=motif -D__GNUC__ --check-library --inconclusive --enable=style,information --platform=unix64 --template=daca2 -rp=temp temp
platform: Linux-4.19.0-6-amd64-x86_64-with-debian-10.1
python: 2.7.16
client-version: 1.1.37
cppcheck: head 1.89
head-info: 38dec6a9a (2019-09-20 16:46:57 +0200)
count: Crash! 934
elapsed-time: -11.0 9.0
head results:
Checking temp/nedit-5.7/source/shell.c: __GNUC__=1...

Program received signal SIGSEGV, Segmentation fault.
0x000055555564b862 in CheckLeakAutoVar::ret (this=0x7fffffffb8c0, tok=0x5555582ea9e0, varInfo=...) at lib/token.h:340
340	        return mImpl->mValueType;
 #0  0x000055555564b862 in CheckLeakAutoVar::ret (this=0x7fffffffb8c0, tok=0x5555582ea9e0, varInfo=...) at lib/token.h:340
 #1  0x0000555555651764 in CheckLeakAutoVar::check (this=0x7fffffffb8c0) at build/checkleakautovar.cpp:714
 #2  0x0000555555652b37 in CheckLeakAutoVar::runChecks (this=<optimized out>, tokenizer=0x7fffffffc3a0, settings=<optimized out>, errorLogger=<optimized out>) at lib/checkleakautovar.h:108
 #3  0x00005555556bc833 in CppCheck::checkNormalTokens (this=0x7fffffffce50, tokenizer=...) at build/cppcheck.cpp:732
 #4  0x00005555556bf694 in CppCheck::checkFile (this=0x7fffffffce50, filename=..., cfgname=..., fileStream=...) at build/cppcheck.cpp:542
 #5  0x00005555556c1cb8 in CppCheck::check (this=this@entry=0x7fffffffce50, path="temp/nedit-5.7/source/shell.c") at /usr/include/c++/8/bits/basic_string.h:936
 #6  0x00005555557fd63f in CppCheckExecutor::check_internal (this=0x7fffffffdbd0, cppcheck=..., argv=<optimized out>) at cli/cppcheckexecutor.cpp:884
 #7  0x00005555557fda92 in CppCheckExecutor::check (this=this@entry=0x7fffffffdbd0, argc=argc@entry=14, argv=argv@entry=0x7fffffffdf58) at cli/cppcheckexecutor.cpp:198
 #8  0x00005555555e6358 in main (argc=14, argv=0x7fffffffdf58) at cli/main.cpp:95

DONE
```
2019-09-20 21:29:17 +02:00
Daniel Marjamäki 6c59957109 ExprEngine: Better handling of conditions 2019-09-20 21:27:51 +02:00
Rikard Falkeborn 007b5d3e8d Fix #9343 (memleak FP when return with cast) (#2162)
This was most likely introduced when the checks were changed to run on
the full tokenlist instead of the simplified one.

Take care to warn about cases where casts destroy the pointer, such as

	uint8_t f() {
		void* x = malloc(1);
		return (uint8_t)x;
	}
2019-09-20 15:09:27 +02:00
Daniel Marjamäki 049f6475ee astyle formatting
[ci skip]
2019-09-20 15:07:27 +02:00
Paul Fultz II ad8abdb0c3 Add impossible values to ValueFlow (#2186)
* Add impossible category

* Replace values

* Try to adjust known values

* Add ! for impossible values

* Add impossible with possible values

* Remove contradictions

* Add values when the branch is not dead

* Only copy possible values

* Dont bail on while loops

* Load std lib in valueflow

* Check for function calls

* Fix stl errors

* Fix incorrect impossible check

* Fix heap-after-use error

* Remove impossible values when they are lowered

* Show the bound and remove overlaps

* Infer conditions

* Dont push pointer values through dynamic_cast

* Add test for dynamic_cast issue

* Add shifttoomanybits test

* Add test for div by zero

* Add a test for issue 9315

* Dont make impossible value inconclusive

* Fix FP with shift operator

* Improve handleKnownValuesInLoop for impossible values

* Fix cppcheck warning

* Fix impossible values for ctu

* Bailout for streams

* Check equality conditions

* Fix overflows

* Add regression test for 9332

* Remove duplicate conditions

* Skip impossible values for invalid value

* Check for null

* Rename bound to range

* Formatting
2019-09-20 15:06:37 +02:00
IOBYTE 8c5cf8c029 Fixed #9046 syntaxError (#2180)
* Fixed #9046 syntaxError

* fix another syntax error

* fix some more syntax errors
2019-09-20 12:35:01 +02:00
Daniel Marjamäki 8fba2af267 Try to make Travis happy 2019-09-20 07:04:58 +02:00
Daniel Marjamäki 6c38b69e11 Rename dataIndex to mDataIndex according to our naming conventions 2019-09-20 06:12:35 +02:00
Oliver Stöneberg de9f489b08 use range loops / constness (#2181)
* use range loops / constness

* platform.cpp: avoid shadowed variable
2019-09-19 20:29:33 +02:00
Daniel Marjamäki 5f0f8afc27 ExprEngine: Print some 'debug' output 2019-09-19 20:18:55 +02:00
Sebastian bf55e835aa
Windows testrunner: Add testexprengine.cpp (#2184)
Add export of executeAllFunctions() in exprengine.h
2019-09-19 19:40:00 +02:00
Daniel Marjamäki 745c91106e Removed unused Data::dump 2019-09-19 09:16:18 +02:00
orbitcowboy b37b0c0f78 Running astyle [ci skip] 2019-09-19 08:03:29 +02:00
amai2012 d97c826319 Compile fix for VisualStudio 2019-09-18 22:07:42 +02:00
amai2012 5355df8b6e Add exprengine.cpp to VisualStudio solution 2019-09-18 21:56:31 +02:00
amai2012 5a6084fbec Map #warning to #pragma message for VisualStudio 2019-09-18 21:50:23 +02:00
Daniel Marjamäki b66d701599 Fix Cppcheck warnings 2019-09-17 22:28:36 +02:00
Daniel Marjamäki 2d651b09fc ExprEngine: Add new experimental path-sensitive data flow analysis. Initially used for 'verification' but could possibly later be used as a complement in the normal analysis. The code is work-in-progress and hacky! 2019-09-17 21:00:59 +02:00
Daniel Marjamäki 033640310b One more fix for #9354 (Unknown macro is not reported and then Cppcheck is silent about issues) 2019-09-15 21:07:20 +02:00
Daniel Marjamäki 742c437953 Fixed #9354 (Unknown macro is not reported and then Cppcheck is silent about issues) 2019-09-13 13:05:48 +02:00
Paul Fultz II 068b0b246c Fix issue 9352: FP constParameter and constVariable for auto& in combination with ternary ?: operator (#2173) 2019-09-13 08:33:30 +02:00
Daniel Marjamäki fc25fe83bd ctu: fixed error locations 2019-09-12 19:20:13 +02:00
Daniel Marjamäki 4e076e1854 Fix travis build 2019-09-12 19:06:57 +02:00
Daniel Marjamäki da363c7d6f Fixed #9349 (FP ctuuninitvar for pointer dereferenced inside sizeof) 2019-09-12 13:29:52 +02:00
Daniel Marjamäki b8e3d3b982 CTU: Add 'column' 2019-09-12 10:46:33 +02:00
Daniel Marjamäki 8855978f8a Import project: Ignoring paths better 2019-09-12 09:32:24 +02:00