Commit Graph

273 Commits

Author SHA1 Message Date
Thomas Jarosch abd2525339 Fixed #3161 (Show buffers size info for snprintf() buffer overruns) 2011-10-05 20:17:57 +02:00
Robert Reif 65b0fb4519 fix #3153 (false positive buffer access out-of-bounds) 2011-09-30 17:28:59 -04:00
Robert Reif ac070b90f2 fix for loop false positives when zero length arrays present 2011-09-22 21:23:40 -04:00
Robert Reif b349d36c50 fix #3124 (FP: Buffer access out-of-bounds when memset two dimension array (a[5][6])) 2011-09-19 20:32:50 -04:00
Robert Reif 3f517b5f23 partial fix for #2960 (false negative: buffer access out of bounds) 2011-09-11 21:51:05 -04:00
Robert Reif 40009d091d add multi-dimension array support to second checkScope and use it for member arrays 2011-09-11 20:42:57 -04:00
Robert Reif 0d6592dd2e use correct checkScope function in CheckBufferOverrun for single dimension member arrays 2011-09-11 19:21:13 -04:00
Robert Reif 19928e26d1 refactor to unify functionally identical code in CheckBufferOverrun::checkScope() 2011-09-11 14:00:53 -04:00
Robert Reif e18fe56d56 refactor CheckBufferOverrun to only use multi-dimension array error messages and remove single dimension array message 2011-09-11 09:54:26 -04:00
Robert Reif a9b4e21f60 refactor CheckBufferOverrun::checkScope to take an ArrayInfo parameter 2011-09-10 11:21:52 -04:00
Robert Reif 547a79d4fe calculate array size for variable length structures with array at end in CheckBufferOverrun::checkStructVariable() when possible 2011-09-10 10:14:32 -04:00
Robert Reif b0eab2587d better detection of variable sized structure in CheckBufferOverrun::checkStructVariable() 2011-09-09 08:37:24 -04:00
Robert Reif 27bfa2a346 fix some CheckBufferOverrun::checkStructVariable() flase negatives for possible variable length structs 2011-09-09 07:46:06 -04:00
Robert Reif 16924c7c7a fix #3094 (Buffer access out-of-bounds in struct variable) 2011-09-09 07:16:39 -04:00
Robert Reif 812a17f294 fix one of the TODO testcases added for #3094 (Buffer access out-of-bounds in struct variable) 2011-09-08 22:44:25 -04:00
Robert Reif cbbdd55177 fix some -Wconversion -Wsign-conversion warnings in checkbufferoverrun.cpp 2011-09-05 19:02:26 -04:00
Robert Reif 7451c5cece warn when buffer is not zero terminated after memmove 2011-09-05 15:59:41 -04:00
Robert Reif f5d71d1ac5 warn when buffer is not zero terminated after memcpy 2011-09-05 15:41:37 -04:00
Robert Reif 3c8988e7a5 warn when buffer is not zero terminated after strncpy 2011-09-05 15:19:38 -04:00
Robert Reif fe85b8779e fix #2528 (false negative: buffer access out of bounds) 2011-09-04 21:39:52 -04:00
Robert Reif 50688b28fd fix #2889 (false negative: buffer access out of bounds on local struct member) 2011-09-04 19:54:57 -04:00
Robert Reif e782d98241 final fix for #3063 (false negative: multi dimensional arrays not well supported) 2011-09-03 21:51:00 -04:00
Robert Reif 7cb5c97e7d move member variable lookup code from a check to the symbol database so it can be reused by other checks 2011-09-03 12:22:13 -04:00
Daniel Marjamäki d23c58d387 enable: break out 'performance' and 'portability' from the 'style' id. Ticket: #3074 2011-09-03 15:30:30 +02:00
Robert Reif d749e28dc0 another partial fix for #3063 (false negative: multi dimensional arrays not well supported) 2011-09-02 21:07:29 -04:00
Robert Reif d85410de8c partial fix for #3063 (false negative: multi dimensional arrays not well supported) 2011-09-02 19:35:09 -04:00
Daniel Marjamäki ef30da51bf Fixed #3034 (Cppcheck crash on specific file (truecrypt).) 2011-08-29 19:16:52 +02:00
Robert Reif d643397a7e better message for strncpy zero-terminated check 2011-08-28 09:06:51 -04:00
Robert Reif 8c093d0f8a refactor CheckBufferOverrun::checkScope strncpy check and change experimental to inconclusive 2011-08-27 21:18:39 -04:00
Robert Reif 9539d22a1a partial fix for #3050 (strncpy zero termination check behaving flaky) 2011-08-25 23:48:32 -04:00
Robert Reif 6e78b51071 make all functions that call reportError names in checkbufferoverrun end in Error for consisentcy 2011-08-24 07:11:39 -04:00
Robert Reif 8c1efe9bb6 improve message for #3035 (false negative: strcpy(dst, src) where src is bigger than dst) 2011-08-21 15:18:41 -04:00
Robert Reif 67e8731a96 partial fix for #3035 (false negative: strcpy(dst, src) where src is bigger than dst) 2011-08-21 14:44:55 -04:00
Robert Reif a30da73d3e fix #2986 (segmentation fault of cppcheck ( x[y] )) 2011-08-09 19:45:18 -04:00
Daniel Marjamäki e2367b4149 Fixed #2976 (False positive: array out of bounds) 2011-08-08 18:22:15 +02:00
Daniel Marjamäki 999b80bbb8 Buffer overrun: Fix false negative 2011-08-07 17:54:25 +02:00
Kimmo Varis cfcfa3f000 Use "enabled" list for the style checking.
Settings-class currently enables style checking via dedicated
boolean attribute. All other CLI's enable-options are handled
through the enable-list. This commit moves style-check enabling
to use the enable-list.

Main advantage is the consistency how options are handled/stored
in the Settings class. Which also unifies using them for the other
code. You need to enable certain type of checks? Use the
addEnabled()-method. You want to check if certain type of checks
are enabled? Use the isEnabled()-method.
2011-08-07 10:28:52 +03:00
Daniel Marjamäki fd7e085c9d Array index out of bounds: prevent false positive when a dimension for an array is unknown 2011-08-05 13:08:48 +02:00
Daniel Marjamäki 0186fc0650 tweaked the error message somewhat for id arrayIndexThenCheck 2011-08-05 09:10:07 +02:00
Daniel Marjamäki ceb763f57a Fixed #2956 (False negative: read array and then immediately check the index 'str[i] && i<sizeof(str)') 2011-08-04 11:15:14 +02:00
Daniel Marjamäki 3cfef6285c Fixed #2920 (False positive: Array 'arr[0]' index 0 out of bounds (array size and index are unknown)) 2011-07-20 07:57:42 +02:00
Daniel Marjamäki 7dcb68f5a4 CheckBufferOverrun: Detect overflows when buffer is allocated with alloca 2011-07-17 09:35:51 +02:00
Daniel Marjamäki e597ad72e7 Fixed #2841 (False positive: Array index out of bounds, can't compare ints to chars) 2011-06-29 18:44:05 +02:00
Robert Reif 93495613dd replace some pattern matching with variable lookup in checkGlobalAndLocalVariable 2011-06-24 08:02:41 -04:00
Robert Reif 65ecbfd4ff fix an off by 1 error introduced in 48e6ea271a that prevented checking all variables 2011-06-23 22:31:16 -04:00
Robert Reif a87fb388e3 use symbol database to lookup variable type for buffer overrun checks 2011-06-22 23:11:17 -04:00
Robert Reif 48e6ea271a start using symbol database array info for buffer overrun checks 2011-06-22 22:44:11 -04:00
Robert Reif dac826d0ac use a more conventional technique for accessing ArrayInfo private variables 2011-06-22 20:35:58 -04:00
Daniel Marjamäki af7c97f972 Fixed #1684 (false positive: buffer access out of bounds when using extern variable declaration) 2011-05-07 11:34:48 +02:00
Daniel Marjamäki e5d43d4ed2 Renamed Settings::stupid to Settings::experimental 2011-04-10 15:55:08 +02:00
Daniel Marjamäki 30ee9ba6e4 Added Settings::stupid flag that can be used to hide checking that generates false positives. 2011-04-10 13:23:45 +02:00
Daniel Marjamäki bd93997e4f Refactoring: Use %op% instead of Token::isOp in CheckBufferOverrun 2011-04-09 18:37:03 +02:00
Daniel Marjamäki f6d910ab3d Refactoring: Use Token::isOp 2011-04-09 15:54:36 +02:00
Daniel Marjamäki 0d3874693a Buffer overrun: broke out duplicate code 2011-04-04 17:33:43 +02:00
Stefan Weil 675e63b6a7 Spell checks 2011-03-30 16:45:31 +02:00
Daniel Marjamäki 07fe361964 Fixed #2638 (Tokenizer::setVarId : varid is wrongly given when unknown macro is used) 2011-03-13 17:52:45 +01:00
Daniel Marjamäki bea3875386 Fixed #2607 (segmentation fault of cppcheck ( struct C {} {} x)) 2011-03-09 21:00:28 +01:00
Daniel Marjamäki bf2362d558 Fixed #2634 (False positive: buffer access out of bounds) 2011-03-08 19:49:56 +01:00
Daniel Marjamäki bfe28d3b26 Fixed #2597 (False positive: Buffer access out-of-bounds for u_char, uint*_t, ...) 2011-02-20 21:24:57 +01:00
Robert Reif e6eb160395 fix [B#2589 (segmentation fault of cppcheck (struct B : A)) 2011-02-19 14:38:00 -05:00
Daniel Marjamäki 518a495334 Fixed #2576 (False positive: (error) Buffer access out-of-bounds) 2011-02-12 18:34:12 +01:00
Daniel Marjamäki 318f2e8a57 Fixed #2561 (False positive on array index when using conditional operator) 2011-02-12 11:31:10 +01:00
Daniel Marjamäki 08811c8179 CheckBufferOverrun: Refactoring. Broke out checkScope code for parsing 'for' bodies 2011-02-10 21:56:06 +01:00
Raphael Geissert f8e2d50e6f Use Token::simpleMatch where no special patterns are needed 2011-02-02 13:27:02 -06:00
Raphael Geissert 8d5863133c Use Token::simpleMatch where no patterns are used 2011-02-02 13:27:01 -06:00
Raphael Geissert cf2b6f7bc1 Remove useless spacing at the end of *Match strings 2011-02-02 13:27:01 -06:00
Daniel Marjamäki 9d3b242cd8 Fixed #1952 (false negative: buffer acces out of bounds with memcpy) 2011-01-22 21:31:26 +01:00
Reijo Tomperi 226b605774 Change year 2010 -> 2011 in license texts. 2011-01-09 21:33:36 +02:00
Daniel Marjamäki 79ef02812d Fixed #2211 (false negative: buffer access out of bounds for(int i=0; i !=6;i++)) 2011-01-09 18:51:28 +01:00
Daniel Marjamäki 04a117938d Buffer overrun: Added comments 2011-01-06 13:02:21 +01:00
Kimmo Varis b750a52f6d Improve strncat 3rd parameter usage warning message.
See forum thread:
https://sourceforge.net/apps/phpbb/cppcheck/viewtopic.php?f=3&t=192
2011-01-04 23:17:44 +02:00
Daniel Marjamäki c2a194ead0 Fixed #2393 (Token::Match called with varid 0) 2011-01-04 18:34:51 +01:00
Daniel Marjamäki 97f7a36e91 Buffer overruns: Added comments 2011-01-02 14:16:58 +01:00
Daniel Marjamäki 4ec9d418ff Fixed #2215 (Improve check: Writing outside malloc bounds not detected) 2011-01-01 20:56:21 +01:00
Daniel Marjamäki 04eb9cf305 Fixed #2378 (Refactoring: create utility function that skips redundant if/for/while) 2010-12-31 18:07:46 +01:00
Daniel Marjamäki ed6c76ce04 Fixed #2385 (False positive: array index out of bounds) 2010-12-31 17:43:38 +01:00
Daniel Marjamäki d8f241e033 gcc: fixed -Wconversion errors 2010-12-31 09:51:27 +01:00
Daniel Marjamäki fa3853803b gcc: fixed -Wconversion warnings 2010-12-31 09:30:56 +01:00
Daniel Marjamäki bdf0cb7115 Fixed #2370 (false negative: Buffer access out-of-bounds (for with if, no break)) 2010-12-28 20:46:31 +01:00
Daniel Marjamäki 6aa400fd80 Buffer overrun: UB when pointer arithmetic result points out of bounds. Ticket #1774 2010-12-26 21:23:28 +01:00
Daniel Marjamäki 8247270f35 Fixed #2328 (false positive: buffer overrun (for loop with a break => the end value is not reached)) 2010-12-19 10:39:43 +01:00
Daniel Marjamäki f6c00fc478 Fixed #2323 (false positive: Buffer access out of bounds) 2010-12-18 10:54:36 +01:00
vBm 46a11183a5 Fixed some spelling mistakes 2010-12-15 18:45:53 +01:00
Daniel Marjamäki 5ce63a1df0 Fixed #2292 (segmentation fault with cppcheck 1.46 with --errorlist) 2010-12-13 18:17:33 +01:00
Robert Reif 6c719c5806 Symbol database: removed unnecessary null pointer checks 2010-12-07 07:07:07 +01:00
Daniel Marjamäki 9d9a5b0623 VS: Fixed compiler warnings. Ticket: #2200 2010-11-21 11:48:27 +01:00
Daniel Marjamäki cda44e0c39 VS: Fixed compiler warnings 2010-11-20 11:48:03 +01:00
Daniel Marjamäki 66c2825b23 Fixed #2210 (False positive: buffer overrun (snprintf, unknown type)) 2010-11-18 19:26:46 +01:00
Daniel Marjamäki fb068a4e71 Fixed #2170 (false positive: After a strncpy() the buffer should be zero-terminated) 2010-11-07 09:37:45 +01:00
Daniel Marjamäki dd41c74d7f Fixed #2136 (false negative: array bounds) 2010-11-06 09:10:10 +01:00
Daniel Marjamäki 8d96697623 GCC: Fixed compiler warnings 2010-10-30 14:53:25 +02:00
Daniel Marjamäki b55f6458a2 Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function)) 2010-10-30 12:32:43 +02:00
Daniel Marjamäki 79583ee45d #2133 (cppcheck: floating point exception) 2010-10-26 20:05:34 +02:00
Daniel Marjamäki b6106ddf72 Fixed #2132 (Internal error. Token::Match called with varid 0.) 2010-10-26 18:10:03 +02:00
Daniel Marjamäki 306587b1d0 Buffer overruns: Fixed TODO test case 2010-10-24 11:32:27 +02:00
Daniel Marjamäki f3c6c64e9a Fixed #2121 (False positive: Buffer access out-of-bounds when using uint32_t) 2010-10-23 13:12:17 +02:00
Daniel Marjamäki 5deb046ac5 Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function)) 2010-10-23 08:49:03 +02:00
Daniel Marjamäki 9fdc03fc1d Fixed #2117 (false positive: buffer access out of bounds) 2010-10-22 20:15:51 +02:00
Daniel Marjamäki 2ca7dbc004 Fixed #2109 (false positive: buffer overrun) 2010-10-19 18:23:44 +02:00
Daniel Marjamäki 92a1e9e76e Severities: Added 'warning' and 'performance' severities. No changes to the command line options nor to the XML format. Ticket: #2106 2010-10-17 14:41:00 +02:00