Roberto Martelloni
|
e89cd1b8a4
|
CWE mapping of unsafeClassCanLeak, zerodivcond, invalidPointerCast, redundantCopy, redundantAssignment, comparisonFunctionIsAlwaysTrueOrFalse, checkCastIntToCharAndBack, cstyleCast, passedByValue, clarifyCondition, exceptThrowInDestructor, exceptDeallocThrow, exceptRethrowCopy, catchExceptionByValue, fflushOnInputStream, seekOnAppendedFile, publicAllocationError
CWE mapping of unsafeClassCanLeak, zerodivcond, invalidPointerCast, redundantCopy, redundantAssignment, comparisonFunctionIsAlwaysTrueOrFalse, checkCastIntToCharAndBack, cstyleCast, passedByValue, clarifyCondition, exceptThrowInDestructor, exceptDeallocThrow, exceptRethrowCopy, catchExceptionByValue, fflushOnInputStream, seekOnAppendedFile, publicAllocationError
|
2016-04-12 19:29:40 +02:00 |
Dmitry-Me
|
1f27c4b76b
|
Merge pull request #771 from Dmitry-Me/charUsedAsArrayIndex
Portability warning when 'char' type is used as array index
|
2016-02-10 20:11:38 +03:00 |
Dmitry-Me
|
c3399493ef
|
Portability warning when 'char' type is used as array index
|
2016-02-08 10:08:35 +03:00 |
PKEuS
|
b3a0d418e6
|
Refactorization: Compare only as much characters as necessary in Preprocessor
Fixed internal message
|
2016-02-05 21:06:07 +01:00 |
PKEuS
|
c66db46f66
|
Use ValueType in CheckOther::checkSignOfUnsignedVariable()
Fixed travis: replaced std::string::pop_back by std::string::substr
|
2016-02-05 20:43:06 +01:00 |
PKEuS
|
b4b38fb7ce
|
Use ValueType in CheckOther::invalidPointerCast()
False negative: operator new is currently not supported by ValueType.
|
2016-02-05 20:28:43 +01:00 |
PKEuS
|
841f17776b
|
Set ValueType for assignment operators, detect division by zero for %= and /= again (#7322)
|
2016-02-02 17:17:55 +01:00 |
PKEuS
|
9d2258677d
|
Improved CheckOther::checkUnusedLabel(): Write a warning instead of a style message if it happens inside a switch()
|
2016-01-31 12:07:24 +01:00 |
Daniel Marjamäki
|
5e10e680da
|
CWE: refactoring. use constants instead of magic numbers.
|
2016-01-25 20:01:48 +01:00 |
Roberto Martelloni
|
5ce69da02d
|
Mapped 26 errors to their CWEs ID.
|
2016-01-24 20:53:05 +00:00 |
Daniel Marjamäki
|
79aec559d5
|
Fixed #7243 (False positive unknownEvaluationOrder - comma operator inside while-clause)
|
2016-01-18 16:10:51 +01:00 |
Matthias Krüger
|
7b1710a44f
|
redundantAssignment: change from severity 'performance' to 'style' since avoiding unneccessary stores is a basic optimization done by compilers.
|
2016-01-15 22:01:40 +01:00 |
Matthias Krüger
|
e9e496199c
|
CheckOther::memsetZeroBytesError: remove now unused parameter.
was:
lib/checkother.cpp:1116:76: warning: unused parameter ‘varname’ [-Wunused-parameter]
void CheckOther::memsetZeroBytesError(const Token *tok, const std::string &varname)
^
|
2016-01-12 23:55:02 +01:00 |
Alexander Mai
|
7802517a69
|
#7285 wrong var name: memset() called to fill 0 bytes of '&' memset with pointer: remove var name from message. Correct some entries in posix.cfg.
|
2016-01-12 23:20:48 +01:00 |
Daniel Marjamäki
|
b2386fa011
|
minor refactoring, use 'else if' when appropriate
|
2016-01-06 15:49:44 +01:00 |
Lauri Nurmi
|
996c9244d8
|
Update copyright year to 2007-2016.
|
2016-01-01 15:34:45 +02:00 |
Daniel Marjamäki
|
8171154e12
|
Fixed #7230 (Confusing code snippet in error message)
|
2015-12-31 01:15:49 +01:00 |
Daniel Marjamäki
|
bd1037e95b
|
Fixed #7242 (False positive unknownEvaluationOrder - comma expression in function argument)
|
2015-12-29 12:06:42 +01:00 |
Daniel Marjamäki
|
0ddb5c12ce
|
Fixed #7238 (False positive unknownEvaluationOrder for comma operator on C code)
|
2015-12-28 13:45:55 +01:00 |
Daniel Marjamäki
|
908bc664a4
|
Evaluation order: ignore usage in sizeof
|
2015-12-27 14:08:16 +01:00 |
Daniel Marjamäki
|
c672210e06
|
Evaluation order: don't warn for 'dostuff(expr++, &expr)'
|
2015-12-26 15:48:43 +01:00 |
Daniel Marjamäki
|
e6ff77d825
|
Evaluation order: Don't use this checker on C++11 code
|
2015-12-25 18:57:59 +01:00 |
Daniel Marjamäki
|
90148ce2a1
|
Evaluation order: Only use this checker on non-C++11 code
|
2015-12-25 18:49:34 +01:00 |
Daniel Marjamäki
|
55779a5772
|
Evaluation order: Only use this checker on non-C++11 code
|
2015-12-25 18:45:46 +01:00 |
Daniel Marjamäki
|
24438c326e
|
Fixed #7233 (Fasle negative 'unknownEvaluationOrder in case of macro)
|
2015-12-25 18:31:21 +01:00 |
Daniel Marjamäki
|
27af1bcfd8
|
Fixed #7229 (Improve check; unknown evaluation order, write different message for self assignment)
|
2015-12-25 18:00:19 +01:00 |
Daniel Marjamäki
|
90a54b1fae
|
Fixed #7232 (False positive unknownEvaluationOrder on id = Remap( id += 42 );)
|
2015-12-25 16:45:11 +01:00 |
PKEuS
|
940d569980
|
Refactorization: Removed redundant %any% patterns.
|
2015-12-24 14:40:48 +01:00 |
Daniel Marjamäki
|
81f0597316
|
Fixed #3206 and #7226 (New check: Undefined execution order)
|
2015-12-24 09:13:20 +01:00 |
Daniel Marjamäki
|
0baad496f2
|
Fixed #6383 (FP shiftNegative - value converted to unsigned in function argument)
|
2015-12-14 10:55:23 +01:00 |
PKEuS
|
57e9954390
|
Merge pull request #715 from Dmitry-Me/eliminateRepeatedLookup3
Remove repeated lookup
|
2015-12-07 10:47:37 +01:00 |
Dmitry-Me
|
f00a73f1a1
|
Remove repeated lookup
|
2015-12-07 11:57:04 +03:00 |
Alexander Mai
|
9d8dffbd79
|
#6269 false positives in case of overloaded standard library functions. Detect memset() with proper argument cound, using new function numberOfArguments()
|
2015-12-06 12:50:05 +01:00 |
PKEuS
|
b8d39a2229
|
Refactorizations:
- Improve performance of simplifyTypedef by using Token::simpleMatch by ~15%
- Simplified code in simplifyTypedef
- Ran AStyle
|
2015-12-02 23:32:50 +01:00 |
Dmitry-Me
|
0a3959f201
|
Remove duplicate check
|
2015-12-02 17:28:21 +03:00 |
Dmitry-Me
|
8f8a0097fe
|
Detect more non-interlocked accesses
|
2015-12-02 10:58:57 +03:00 |
Daniel Marjamäki
|
fb8cce647c
|
invalidTestForOverflow: Refactor; move from checkother to checkcondition
|
2015-11-30 08:51:15 +01:00 |
Daniel Marjamäki
|
f6f4f27636
|
CheckOther::checkInvalidTestForOverflow: minor fix, only warn when warnings are enabled.
|
2015-11-29 22:03:42 +01:00 |
Daniel Marjamäki
|
26a07265a8
|
Fixed #7184 (Invalid test for overflow 'p + x < p')
|
2015-11-29 20:59:50 +01:00 |
Daniel Marjamäki
|
4fa888ec44
|
Warn when shifting a negative value, it is UB. (#4931)
|
2015-11-29 16:28:55 +01:00 |
PKEuS
|
e8522c7883
|
Small refactorizations:
- #include cleanup
- Use std::array instead of std::vector
- Do not create a stringstream to concatenate 4 strings
- Use std::cout instead of printf
|
2015-11-29 10:56:44 +01:00 |
PKEuS
|
f516de8633
|
Moved a few checks from CheckOther to CheckFunctions
|
2015-11-22 13:49:10 +01:00 |
Daniel Marjamäki
|
0f9d90d2be
|
Changed Copyrights. Removed my name.
|
2015-11-18 20:04:50 +01:00 |
Alexander Mai
|
65666a1ba4
|
Makefile: explicit list directories which should be used with ctags. Run astyle.
|
2015-11-15 19:03:18 +01:00 |
amai2012
|
f0bf749621
|
#7133 crash: Variable::declarationId().
|
2015-11-15 19:01:29 +01:00 |
PKEuS
|
1589841cb6
|
Fixed crash in clang test suite with member variable pointers
|
2015-11-11 18:26:59 +01:00 |
PKEuS
|
36c5815ddb
|
Fixed false positive about redundant variable assignment in try-scopes if the variable is read in catch block (#6555)
|
2015-11-11 17:21:55 +01:00 |
Simon Martin
|
1ec3175c99
|
Silence clang warning (-Wparentheses mode).
|
2015-11-10 08:12:36 +01:00 |
PKEuS
|
f15f8514f6
|
Fixed crash on garbage code (#7120)
|
2015-11-09 17:25:20 +01:00 |
PKEuS
|
c7987ad11a
|
Refactorization: Removed redundant nullptr checks. The existence of the tokens is guaranteed by previous Token::Match() call
|
2015-11-09 11:12:32 +01:00 |
PKEuS
|
ee58587706
|
Fixed false positive unreachableCode when ternary operator is used (#6664)
|
2015-10-26 08:29:43 +01:00 |
PKEuS
|
f637b84192
|
Fixed various false positives with --check-library (#6545, #6630)
|
2015-10-26 08:16:50 +01:00 |
PKEuS
|
2eb8492993
|
Fixed crash on garbage code #7034
|
2015-10-09 13:49:17 +02:00 |
Daniel Marjamäki
|
a500f6f703
|
Improved handling of 'long double' and address-of in ValueType. Removed Tokenizer::simplifyFloatCasts() to handle float casts better.
|
2015-10-08 19:50:10 +02:00 |
Daniel Marjamäki
|
f5d9ba9cf3
|
Rewrote the charvar checker. It now uses valueflow also to limit false negatives.
|
2015-10-06 17:30:51 +02:00 |
Dmitry-Me
|
662e3c8b8c
|
Omit unneeded match checks
|
2015-09-07 18:35:15 +03:00 |
Dmitry-Me
|
cd4f3cf8db
|
Treat checks as mutually exclusive
|
2015-09-04 10:42:26 +03:00 |
Dmitry-Me
|
7287b1a251
|
Avoid unneeded match checks
|
2015-09-03 18:30:05 +03:00 |
Dmitry-Me
|
0f073ad27e
|
Quick check to omit useless heavy matches
|
2015-09-03 13:09:57 +03:00 |
PKEuS
|
c5a8ecb6f9
|
New check: Detect unused 'goto' labels (#5124)
|
2015-08-30 16:45:47 +02:00 |
Simon Martin
|
6fb19b02d0
|
Properly differentiate arrays of pointers and pointers to arrays.
|
2015-08-25 21:19:19 +02:00 |
PKEuS
|
ab8afec3eb
|
Refactorizations:
- Avoid unnecessary loop iterations
- Avoid unnecessary condition checking
- Reduced code duplication in symboldatabase.cpp
|
2015-08-16 14:23:07 +02:00 |
PKEuS
|
b77912a0b5
|
Support namespaces in CheckOther::checkIgnoredReturnValue()
|
2015-08-15 12:19:14 +02:00 |
PKEuS
|
4d80df2f4a
|
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
|
2015-08-15 11:19:21 +02:00 |
Matthias Krüger
|
391194579c
|
CheckOther::checkComparisonFunctionIsAlwaysTrueOrFalseError: "evaluates always" -> "always evaluates"
|
2015-08-11 13:27:55 +02:00 |
Alexander Mai
|
66676b8e55
|
Warning selfAssignment was only issued if style was enabled.
|
2015-08-09 13:45:35 +02:00 |
Daniel Marjamäki
|
c9e239afbf
|
Fixed #6908 (False positive: Same expression on both sides of '+='.)
|
2015-08-07 20:28:25 +02:00 |
Daniel Marjamäki
|
ec3d76be5e
|
astyle formatting
|
2015-08-07 20:27:32 +02:00 |
amai2012
|
53feb88614
|
Merge pull request #630 from Dmitry-Me/detectRaceInInterlockedAccess
Prototype for detecting non-interlocked check after InterlockedDecrement()
|
2015-08-06 15:43:10 +02:00 |
Dmitry-Me
|
43800a9419
|
Detect non-interlocked check after InterlockedDecrement()
|
2015-08-05 12:20:28 +03:00 |
Daniel Marjamäki
|
e598b07a6d
|
Moved functions to astutils
|
2015-08-03 09:20:50 +02:00 |
Alexander Mai
|
96c3c111fc
|
Refactoring: Move some AST related functions to distinct source file
|
2015-08-02 21:57:32 +02:00 |
Alexander Mai
|
965a034afd
|
Fix some more false positives on zerodiv: error should be issued if type of epxression is known to be integral
|
2015-08-01 18:42:17 +02:00 |
Alexander Mai
|
f91ad9bbf6
|
5402 false positive: (error) Division by zero -- with boost::format
|
2015-08-01 17:28:54 +02:00 |
Daniel Marjamäki
|
503fb485cf
|
Removed hardcoding of functions from checkZeroDivision
|
2015-07-30 13:48:51 +02:00 |
Daniel Marjamäki
|
594d30f7ae
|
Fix Cppcheck warning about unused variable
|
2015-07-29 20:26:00 +02:00 |
Daniel Marjamäki
|
6790d91fbb
|
Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884.
|
2015-07-29 19:54:57 +02:00 |
PKEuS
|
738057229c
|
Improved astIsFloat(): Handle function calls and sizeof, fixed ordering of checks
Handle sizeof in isSameExpression() (#6851)
|
2015-07-29 14:28:24 +02:00 |
Daniel Marjamäki
|
389aec51ae
|
Fixed #6598 (False positive zerodivcond - cast to double ignored)
|
2015-07-26 22:08:36 +02:00 |
Daniel Marjamäki
|
75f922e799
|
cleanup checkother
|
2015-07-22 18:48:43 +02:00 |
Daniel Marjamäki
|
0dd008e068
|
Fixed Cppcheck warning about possible null pointer dereference
|
2015-07-08 16:06:35 +02:00 |
Daniel Marjamäki
|
5a9328f26a
|
Fixed Cppcheck warning about possible null pointer dereference
|
2015-07-08 13:41:27 +02:00 |
Alexander Mai
|
56e90f95d9
|
Corrections for non-Microsoft compilers
|
2015-06-28 12:34:08 +02:00 |
amai2012
|
649a89d308
|
Refactoring: Expose some previously local functions to public and add Tokenizer as argument to distinguish between C and C++ code (e.g. in isSameExpression).
Refactoring: Improve type-safety for TestFixture::assertEquals to allow tests with types which were not handled correctly (e.g. unsigned long long)
|
2015-06-28 12:08:36 +02:00 |
amai2012
|
99524b1f59
|
#6780 segmentation fault (invalid code) in Token::multiCompare. Simple fix in CheckOther
|
2015-06-22 11:12:46 +02:00 |
Alexander Mai
|
4172011e78
|
Missing update for Makefile. CheckMemoryLeakInFunction::getcode(): skip some C++ token matching in C mode. Minor refactoring
|
2015-06-20 22:49:28 +02:00 |
Daniel Marjamäki
|
63f39ea48f
|
Change unusedScopedObject severity from error to style. The checker does not determine that there is ub or wrong behaviour.
|
2015-06-20 11:22:15 +02:00 |
Alexander Mai
|
13c1c2c035
|
Refactoring (use const std::set for strings). Omit some matching for C++ stuff within C code.
|
2015-06-17 22:28:15 +02:00 |
Daniel Marjamäki
|
3986c0dc64
|
fixed cppcheck warnings
|
2015-06-10 19:07:04 +02:00 |
Daniel Marjamäki
|
0836bf3d33
|
astyle formatting
|
2015-05-27 20:26:26 +02:00 |
amai2012
|
729b240d9c
|
Refactoring (compiler warnings and a typo)
|
2015-05-25 23:15:59 +02:00 |
Alexander Mai
|
e28e9be82f
|
Add TODO testcase for #5738. Refactoring: add some const
|
2015-05-25 08:20:14 +02:00 |
PKEuS
|
22fbc18fb7
|
Fixed false positive for *a++ in for-loop condition
Moved unit test to testgarbage.cpp
|
2015-05-07 20:34:57 +02:00 |
Daniel Marjamäki
|
88f59ad7e8
|
Partial fix for #6656 (Allow that CWE is mapped for error message)
|
2015-04-25 17:48:11 +02:00 |
Matthias Krüger
|
42f0955e3f
|
Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
Follow up to eedcb6abcb .
|
2015-04-10 14:31:19 +02:00 |
Matthias Krüger
|
eedcb6abcb
|
move setting flags checks out of for loops, make them const.
|
2015-04-07 07:23:28 +02:00 |
Matthias Krüger
|
988acf11b4
|
don't print warning message if --enable=warning is not given.
message was of type:
(warning) Passing value 0 to foo() leads to implementation-defined result.
|
2015-04-06 13:37:27 +02:00 |
Dmitry-Me
|
ba423185b8
|
Omit uneeded checks
|
2015-04-02 10:26:19 +03:00 |
PKEuS
|
d6751a7987
|
Merge pull request #537 from Dmitry-Me/decouplePatternMatchingFromOtherChecks
Decouple pattern matching from other checks
|
2015-03-15 08:50:59 +01:00 |
Dmitry-Me
|
43a19dee8b
|
Remove unneded deep copy, make reference const
|
2015-03-14 13:45:21 +03:00 |