Although these files are part of our repo changes are being done via
their original projects so it might make sense to treat these as system
includes for some people instead of local ones.
Co-authored-by: Daniel Marjamäki <daniel.marjamaki@gmail.com>
I need to add parameters to some `check()` functions in the tests and
things are already pretty messy with having to specify all the default
values - readability aside.
I found this on https://stackoverflow.com/a/49572324/532627 - apparently
the CC BY-SA license by StackOverflow allows the usage within GPL.
* added CMake option `DISABLE_DMAKE` to disable `run-dmake` dependencies
* tools/CMakeLists.txt: added TODO
* use `ccache` for sanitizer builds
* aligned selfcheck between sanitizer workflows and disabled some currently unnecessary steps
* CI-unixish.yml: do not use precompiled headers with `ccache`
* moved `plistFile` from `ErrorLogger` to `CppCheck`
* got rid of global CWE objects
* lib/CMakeLists.txt: suppress some `-Wfloat-equal` clang warning in matchcompiled builds as well
* lib/CMakeLists.txt: moved a loop into proper block
* test/CMakeLists.txt: simplified `add_fixture`
* test/CMakeLists.txt: moved `fixture_cost`
* fixed `naming-privateMemberVariable` selfcheck warning
* lib/CMakeLists.txt: removed unnecessary external include
* look up tinyxml2 include dir when using system one and specify it
* lib/CMakeLists.txt: do not treat bundled headers as system ones
* CI-unixish.yml: actually perform system tinyxml2 build on macos
* do not emit `missingInclude` and `missingIncludeSystem` errors when not enabled / fixed and improved TestPreprocessor::inline_suppression_for_missing_include()
* testpreprocessor.cpp: added missing tests for `missingInclude` and `missingIncludeSystem`
* cppcheckexecutor.cpp: `missingIncludeSystem` was not emitted in normal analysis if `missingInclude` existed
* dmake
* added `run-dmake` as `testrunner` dependency
* runtests.sh: avoid redundant `pkg-config` checks and simplified the check
* runtests.sh: write a message when something is completely missing
* runtests.sh: derive paths from script location
* runtests.sh: improved readability by using individual functions for each file
* runtests.sh: added helper function `get_pkg_config_cflags()` to clean up cflag lookup from `pkg-config`
* runtests.sh: simplified `xmlstarlet` calls
So far, the cmake files of Cppcheck needed to be patched in order to
use installed tinyxml2 instead of the bundled version of tinyxml2.
- Introduce the CMake option USE_BUNDLED_TINYXML2 with a default value
of ON. This preserves the behavior as in the past and uses the
bundled version under externals/tinyxml2 by default.
- Usage of the installed tinyxml2 version of a system can be enabled
now using -DUSE_BUNDLED_TINYXML2=OFF as a cmake parameter.
- Some Linux distros do not install tinyxml2*.cmake files, which are
required to find tinyxml2 using find_package().
Try first using find_package(tinyxml2 QUIET) and if this fails, try
again using find_library(tinyxml2_LIBRARY tinyxml2)
* Fix 9298
Tell cppcheck that strcpy returns its first argument, and use that
knowledge in checkTokenInsideExpression.
* Add missing unit tests in cmake
When tests are built, the minimum required cmake version is 3.4.
The file test/CMakeLists.txt uses cmake_policy(SET CMP0064 NEW),
which requires cmake 3.4 [1].
[1] https://cmake.org/cmake/help/v3.4/policy/CMP0064.html
This will now warn when doing something like this:
```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
auto it = t.find(k);
if (it == t.end()) return v;
return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
auto x = 0;
return get_default(m, k, x);
}
```
The lifetime warning is considered inconclusive in this case.
I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.