29a5404d1e
Incomplete statement: Fix FP for 'ar & x'
2019-03-31 11:50:57 +02:00
73433c2961
Syntax error: Clarify a syntax error in audacity
2019-03-31 10:46:59 +02:00
b30d463baf
Fix wrong syntax error
2019-03-31 09:34:19 +02:00
c5807459f9
CheckBufferOverrun: Add check for pointer arithmetics
2019-03-31 09:00:52 +02:00
51b64191e5
Fixed slow checking in FwdAnalysis
...
Credit to OSS-Fuzz for reporting this!
2019-03-30 14:22:24 +01:00
b0c58f2b10
Fixed #9000 (SymbolDatabase: lambda scope)
2019-03-30 10:32:36 +01:00
fe285f1df3
Fixed #9055 (SymbolDatabase: second argument is missing in the symbol database)
2019-03-30 07:44:36 +01:00
d88ee2d6a2
Fixed #9070 (Segmentation fault in TemplateSimplifier::simplifyTemplateAliases (scram package)) ( #1771 )
...
This only fixes the crash. It does not fix the underlying problem of
template using with templates of templates causing the use of deleted
instantiations.
2019-03-30 06:53:17 +01:00
d233b56d58
Fix #9079 (make checkcfg crashes on Linux) ( #1769 )
...
temp.bufferSizeArg2 was not initialized when only bufferSizeArg1
was specified or the value was out of range. But in valueflow.cpp in
valueFlowDynamicBufferSize() it was used as if it is always initialized
and has a sane value (greater than 0).
2019-03-30 05:58:23 +01:00
b5a285319c
Fixed #9073 (Segmentation fault in Token::isUnaryOp() with ode)
2019-03-29 19:37:23 +01:00
54bea2847a
STL: Better out of bounds checking for empty containers when index is unknown
2019-03-29 15:20:17 +01:00
3c30d274a0
Clarify STL out of bounds warning message
2019-03-29 11:13:25 +01:00
e88a0c00c1
Fixed #9039 (STL: array index out of bounds: str.begin() + 1)
2019-03-28 12:49:52 +01:00
22f01f035c
Fixed #9042 (Another `using BOOL` type breach) ( #1765 )
2019-03-27 21:42:50 +01:00
0f6a90c595
Fixed #9069 (crash on invalid code: ' x= y{ } name5 ')
...
Credit to OSS-Fuzz for reporting this!
2019-03-27 18:17:11 +01:00
4a45655bc2
astyle formatting
...
[ci skip]
2019-03-27 18:15:12 +01:00
574b77cf1f
Fixed: FP return reference to thread_local variable ( #1758 )
2019-03-27 12:22:53 +01:00
88dc74929a
Add defines set by compiler options when using compilation database ( #1763 )
...
* Add defines set by compiler options when using compilation database
sets __cplusplus and __STDC_VERSION__ based on -std and the defines for -municode, -fpie, -fPIE, -fpic and -fPIC
* Fixed merge
2019-03-27 10:23:04 +01:00
c77f31319d
Fix crash when checking re2c textfile
2019-03-26 20:51:41 +01:00
7c6f21a158
astyle formatting
2019-03-26 20:51:04 +01:00
c262aeffdd
Fixed #9068 (crash on invalid code)
2019-03-26 19:57:32 +01:00
ce11778a20
fixed parsing of -std= in compilation database
2019-03-26 19:02:08 +01:00
29815b2dd8
Fix #8922 (SIGSEGV below exprDependsOnThis - stack overflow?) ( #1761 )
...
This limits the recursion depth as a last line of defense to avoid stack
overflows when there are really huge arrays.
See https://trac.cppcheck.net/ticket/8922
2019-03-26 18:57:01 +01:00
15676612c0
Fixed #9034 (crash on reading invalid code: '> typedef')
2019-03-26 16:14:24 +01:00
5b72e1f568
Fixed #9040 (Type alias 'BOOL' declared with 'using' keyword breaks type detection) ( #1759 )
...
Moved simplifyUsing from TemplateSimplifier to Tokenizer.
2019-03-26 07:09:56 +01:00
49e2f9d551
Fixed #9063 (Crash on invalid code: x='0' ++ '0' ( return)[ ];)
2019-03-25 15:29:23 +01:00
10fcf731d9
Fixed #9021 (template simplifier: crash in simplifyCalculations) ( #1757 )
2019-03-25 14:56:51 +01:00
b6faa11fbf
Fixed #9056 ("using namespace" inside namespace causes "SymbolDatabase bailout;) ( #1753 )
...
Fixed the bailout warning and one of the varid bugs.
The trailing return type still has a varid.
2019-03-24 17:31:34 +01:00
7995b2fb86
getArguments: Avoid too deep recursion in array initialization
2019-03-24 11:51:28 +01:00
e0f1418228
Fixed #9034 (Tokenizer::setVarId: function call parameter is not variable declaration)
2019-03-24 07:06:21 +01:00
18aa968a7a
Astyle formatting
2019-03-23 19:03:57 +01:00
5126e4b1af
Try to fix Visual Studio compiler error
2019-03-23 19:02:05 +01:00
418eb43d45
Fixed #9032 (False-positive detection of reassigned value before used for pointer parameter)
2019-03-23 19:01:02 +01:00
d82c792c1b
astyle formatting
2019-03-23 19:00:03 +01:00
a9082c902a
Fixed #9058 (crash on invalid code in FwdAnalysis::checkRecursive)
2019-03-23 18:27:41 +01:00
d6b806c592
CheckBufferOverrun: Better CTU checking when variable address is passed
2019-03-23 15:57:17 +01:00
d27a4ad82e
CheckBufferOverrun: Fix ctu checking
2019-03-23 15:26:13 +01:00
9653760547
CheckBufferOverrun: Improved CTU analysis for array
2019-03-23 11:20:35 +01:00
40af889df0
Fixed #9053 (simplifyTypedef: wrong simplification of '(const d)' when 'd' is a array) ( #1751 )
...
* Fixed #9053 (simplifyTypedef: wrong simplification of '(const d)' when 'd' is a array)
* fix whitespace
2019-03-23 10:45:38 +01:00
7c7ee66cf9
Fix crash in TemplateSimplifier::TokenAndName::TokenAndName in case of template constexpr ( #1748 )
...
This is not propper solution. This change just eliminates crash and logs error.
https://trac.cppcheck.net/ticket/9046
2019-03-23 10:42:41 +01:00
a135683d2f
Refactoring; Renamed CWE786 and CWE788
2019-03-23 08:41:20 +01:00
15fc9a622d
CheckBufferOverrun: Add CTU analysis
2019-03-23 08:36:10 +01:00
91138578cc
Fix 9052: Crash: SIGSEGV in Token::previous (this=0x0) while checking mariadb-10.0
2019-03-22 01:56:09 +01:00
55433fce40
Library: added bufferSize parameters
2019-03-20 19:26:57 +01:00
14528bcf25
Library: allowed values for the buffer-size attribute: malloc/calloc/strdup
2019-03-20 06:46:55 +01:00
031362ae01
CheckBufferOverrun: Fix false positive
2019-03-19 21:07:08 +01:00
6cbe818f1a
Fix uninitialized variable usage
2019-03-19 13:17:27 +01:00
a0e58f0039
Revert "Revert "CheckBufferOverrun: Handle multidimensional arrays""
...
This reverts commit 9d1755f449
2019-03-19 13:16:22 +01:00
9d1755f449
Revert "CheckBufferOverrun: Handle multidimensional arrays"
...
This reverts commit e98a4a6f14
2019-03-19 13:13:29 +01:00
e98a4a6f14
CheckBufferOverrun: Handle multidimensional arrays
2019-03-19 09:29:32 +01:00
774464eabb
Fix issue 8996: False positive duplicateCondition
...
This fixes issue 8996 by improving the alias checking by using lifetime analysis. It also extends the lifetime checker to handle constructors and initializer lists for containers and arrays.
2019-03-19 06:25:10 +01:00
794f65bac1
Handle prefixed strings and characters in Token ( #1742 )
...
This makes it possible to call getStrLength() and similar functions
before the tokenizer is called.
2019-03-18 06:18:25 +01:00
b53a2e5dc4
CheckBufferOverrun: restore minsize code
2019-03-17 20:34:49 +01:00
03f8535c71
Better multiline warning when there is buffer overflow
2019-03-17 20:12:02 +01:00
3c85d8a8ac
ValueFlow: Better info for buffer size values
2019-03-17 19:02:36 +01:00
19e9e42dd7
Library: Enhance minsize configuration and allow simple values. ( #1736 )
...
Some POSIX and Windows functions require buffers of at least some
specific size. This is now possible to configure via for example this
minsize configuration: `<minsize type="value" value="26"/>`.
The range for valid buffer size values is 1 to LLONG_MAX
(9223372036854775807)
2019-03-17 14:22:26 +01:00
0771929518
Buffer overflow: Handling of dynamically allocated buffer
2019-03-17 13:40:56 +01:00
92f4113b59
Array index: Checking array index out of bounds for dynamic buffers
2019-03-17 13:09:15 +01:00
18668a52b9
Library: Added buffer-size attribute for <alloc>
2019-03-17 10:55:15 +01:00
a3257349b9
astyle formatting
...
[ci skip]
2019-03-17 10:50:06 +01:00
c7155a8e08
Removed '--experimental-fast' flag
2019-03-17 08:19:56 +01:00
b0c92c1ac1
CheckNullPointer: Use library instead of hardcoding
2019-03-17 07:37:38 +01:00
87fe5c060e
Refactoring of Null Pointer Checker
2019-03-16 21:21:30 +01:00
d0c1632b51
Fix CheckBufferOverrun::array_index_12 when compiling with VS
2019-03-16 19:41:13 +01:00
3dc34f1515
Disable all simplified checks
2019-03-16 09:17:50 +01:00
0e88a17aca
CheckInternal: Use 'normal' checking
2019-03-16 08:51:33 +01:00
f40a80c349
Use 'normal' checking instead of 'simplified'
2019-03-16 07:19:48 +01:00
a2a216bbe3
SymbolDatabase: Improved handling of 'normal' non simplified token list
2019-03-15 19:00:42 +01:00
92485245ce
Restore severity for 'autoVariables'
2019-03-15 15:13:11 +01:00
08d41ab8af
Load std.cfg before all other libraries ( #1740 )
...
- CLI: Save the libraries that should be loaded to a list and load them
after the std.cfg has been loaded.
- GUI: Load std.cfg (and windows.cfg / posix.cfg when applicable) before
setting other options and loading the other libraries.
In the project-file-dialog the std.cfg is searched first. If some
other library fails to load is is retried with first loading std.cfg.
- boost.cfg: Enable containers that depend on std containers.
2019-03-15 06:59:37 +01:00
3615eac347
Move useStlAlgorithm to normal checking ( #1741 )
2019-03-15 06:15:56 +01:00
a1ade2dd7d
Refactoring: Use range for
2019-03-14 19:57:58 +01:00
56c47fc6ed
Refactoring: use continue
2019-03-14 19:53:45 +01:00
3656f1ae4f
Auto variables: Fix false negatives for normal tokens
2019-03-14 13:51:35 +01:00
6eeee743d2
Auto variables: Minor cleanup
2019-03-14 06:41:11 +01:00
b984897526
ValueFlow: Fix sizeof for array of library type
2019-03-13 18:31:41 +01:00
2ecfae0a98
CheckBufferOverrun: the bufferNotZeroTerminated did not work well, hide that for now
2019-03-13 06:45:01 +01:00
81a1d744c6
CheckBufferOverrun: fix FP for array definition of static class member
2019-03-13 06:39:09 +01:00
67e8b99c2c
CheckBufferOverrun: Readd a check for strncpy/memcpy/etc
2019-03-12 21:15:26 +01:00
2a00667609
CheckBufferOverrun: cleanup
2019-03-12 18:58:14 +01:00
11e32ff445
ValueFlow: Handle compound assignments in execute()
2019-03-12 18:53:58 +01:00
0c08f6db6c
CheckBufferOverrun: Use AST to lookup array
2019-03-12 06:46:38 +01:00
4ababeb704
Fix 'make checkcfg'
2019-03-11 21:39:39 +01:00
ea23033a65
Array index out of bounds: Fix false positive
2019-03-11 20:33:08 +01:00
7b17b33a49
ValueFlow: fix handling of sizeof(*p)
2019-03-11 20:32:24 +01:00
17253cdb55
buffer overflow: Fix false positive
2019-03-11 19:40:17 +01:00
bd048085bd
Add CheckBufferOverrun::arrayIndexThenCheck
2019-03-11 19:20:06 +01:00
a933261e14
Add message id arrayIndexOutOfBoundsCond
2019-03-11 19:12:03 +01:00
0721c9f7f0
Running astyle [ci skip].
2019-03-11 15:32:30 +01:00
729f57d8f1
Start a major rewrite of CheckBufferOverrun. For now only the 'array index' and 'buffer overflow' checks are rewritten.
...
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
2019-03-11 12:34:33 +01:00
34711bcb93
Remove unused functions
2019-03-11 12:23:22 +01:00
df8cfe2fc6
Travis: Fix Cppcheck warning
2019-03-10 12:24:41 +01:00
6a3dd9a185
Handle concatenated string and char literals
...
This handles concatenated strings and characters from simplecpp.
Previously, L'c' would be preprocessed to the tokens "L" and "'c'".
cppcheck would then remove the "L" token and set "'c'" to be a wide
character literal. Now, it needs to remove the prefix instead.
When doing this, add handling of utf32 encoded literals (U) and UTF-8
encoded literals (u8).
2019-03-10 10:38:50 +01:00
3eb5de756c
Buffer overrun: Refactorings; use range for loops and write in message
2019-03-09 22:19:09 +01:00
4ce6de39c5
CheckCondition: Moved checks to 'normal'
2019-03-09 22:00:59 +01:00
ea9b2032c1
CheckClass: Moved checks to 'normal'
2019-03-09 21:38:36 +01:00
69c05acd3b
CheckBoost: Use 'normal' checking
2019-03-09 20:00:31 +01:00
5a42c54d0f
CheckBool: Use normal checking
2019-03-09 19:16:07 +01:00
ac42382cd9
Rewrite CheckBool::checkAssignBoolToPointer to use ValueType
2019-03-09 19:15:06 +01:00
e17ddfd964
Changed AST for variable declarations with initializations
2019-03-09 19:09:15 +01:00
Daniel Marjamäki
IOBYTE
Sebastian
Frank Zingsheim
Oliver Stöneberg
Pavol Misik
Paul Fultz II
Rikard Falkeborn
orbitcowboy