Commit Graph

560 Commits

Author SHA1 Message Date
Dmitry-Me 0e444aa133 Cache and reuse values 2017-09-05 17:50:36 +03:00
Ayaz Salikhov b8cd7dbb5c Use nullptr instead of 0 or NULL (#936) 2017-08-09 20:00:26 +02:00
Matthias Krüger 9b6d371762 checkbufferoverrun: remove dead store
the variable was declared inside a loop and the dead store also took place inside the loop (guarded by a condition) without further access of the value after that store.
Found by clang analyzer.

Was:

lib/checkbufferoverrun.cpp:1223:17: warning: Value stored to 'tok' is never read
                tok = tok->next();
                ^     ~~~~~~~~~~~
2017-08-01 16:53:00 +02:00
Daniel Marjamäki 058c439b2a Coverity detected useless function call, cleanup code 2017-08-01 12:45:37 +02:00
Daniel Marjamäki fec0c46af0 Refactoring, use continue in loop 2017-07-30 14:53:58 +02:00
Ayaz Salikhov 4bbc830a85 Fix warnings 2017-07-17 10:13:11 +03:00
uburuntu f4ce49d883 ENH: perfomance: using clear() and empty() more faster for stl containers 2017-06-02 22:38:00 +04:00
Ayaz Salikhov 28aa939d69 iwyu - include what you use 2017-05-27 04:33:47 +02:00
Daniel Marjamäki 1dd42d9a9e arrayIndexOutOfBounds: Make sure error message is clarified for daca2 --template format 2017-05-25 08:18:37 +02:00
Daniel Marjamäki 70c2de62b7 arrayIndexOutOfBounds: better note 2017-05-23 16:06:32 +02:00
Daniel Marjamäki e73657b198 Clarify arrayIndexOutOfBounds 2017-05-23 14:58:43 +02:00
Daniel Marjamäki f7cda81c0c Refactoring: ValueFlow::Value::errorSeverity() will have the logic if value is 'error' or 'warning' 2017-05-23 11:43:56 +02:00
Daniel Marjamäki 55ae206ecc ErrorPath: better output 2017-05-19 17:29:16 +02:00
Daniel Marjamäki c617851567 ErrorLogger: Added ErrorPath where each item has token and info 2017-05-16 22:38:13 +02:00
Daniel Marjamäki f92e7b3bfc Emit better errorpath in CheckBufferOverrun::negativeIndexError 2017-05-16 19:08:47 +02:00
Simon Martin b526fd7c49 Ticket #7964: Don't crash on valid code using function pointers named strcpy or strcat in main(). 2017-04-21 23:36:10 +02:00
PKEuS b1f4bd7504 Refactorization: Reimplemented Settings::_enabled as a bitfeld instead of std::set (#7995) 2017-04-11 11:49:26 +02:00
Matthias Krüger 7d12e1f3a6 valueFlowGetArrayIndexes: convert Token::Match to Token::simpleMatch.
The pattern is a sole "[", but since "[" is also used for complexe patterns, the internal check that finds potential simple match patterns bailed out here.
2017-04-09 17:27:46 +02:00
Daniel Marjamäki 633ed23c0d Fix Cppcheck warnings about mismatching function argument names 2017-04-01 09:31:27 +02:00
Daniel Marjamäki cc3ef7bbe8 Fix so array access out of bounds for external arrays are detected again 2017-03-30 10:14:17 +02:00
PKEuS 3c8f5b85ae Refactorization: Allocate Token::_values (ValueFlow information) dynamically, reducing size of each token by around 10% 2017-03-27 18:48:34 +02:00
PKEuS 2938278f00 Refactorization: Store minsizes in vector instead of list which has less overhead 2017-03-27 17:53:43 +02:00
PKEuS 63d39390b4 checkbufferoverrun.cpp: refactorizations 2017-03-27 16:09:51 +02:00
PKEuS 83b1e1c329 CheckBufferOverrun: Refactorizations
- Improved/Optimized conditions in checkBufferAllocatedWithStrlen()
- Avoid copying strings for checkScope()
2017-03-27 11:48:34 +02:00
PKEuS 680828788b Fixed false negative in CheckBufferOverrun::checkInsecureCmdLineArgs(), removed redundant tests 2017-03-27 11:30:07 +02:00
PKEuS 171e1b8244 Fixed false negatives in CheckBufferOverrun::arrayIndexThenCheck() 2017-03-27 11:07:49 +02:00
orbitcowboy 6c71d74563 Cleanup: There is no need to clear a string directly after its creation. 2017-01-16 20:10:28 +01:00
Daniel Marjamäki f0d91fb74b Fixed #7869 (False positive: Array index out of bounds) 2016-12-20 22:01:19 +01:00
Daniel Marjamäki f5ad7482a8 CheckBufferOverrun: Skip warnings about array index out of bounds in unions. Theoretically, the array is at least as large as the biggest union member. 2016-12-18 22:10:30 +01:00
PKEuS cfac3b457d Several small refactorizations 2016-12-06 22:12:02 +01:00
Stefan Weil 57b57428c2 Fix some typos in comments (found by codespell)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-11-27 11:40:42 +01:00
Daniel Marjamäki a61f4e9c94 Fixed #7831 (false-positive: terminateStrncpy) 2016-11-24 07:04:58 +01:00
Daniel Marjamäki 4732667488 ValueFlow: allow more value types 2016-11-13 22:33:39 +01:00
Daniel Marjamäki 9ff3e85899 Added --cppcheck-build-dir flag 2016-10-29 12:18:11 +02:00
Daniel Marjamäki 499e52c976 astyle formatting
[ci skip]
2016-08-15 18:04:55 +02:00
Roberto Martelloni 41dee04e90 CWE mapping of assignBoolToFloat, strncatUsage, sizeArgumentAsChar, terminateStrncpy, bufferNotZeroTerminated, negativeArraySize, noExplicitConstructor, virtualDestructor 2016-08-14 18:23:41 +01:00
Robert Reif 55b3f0bf38 Fixed #752 (SymbolDatabase: Does not match function if redundant keywords mismatch (C++)) 2016-08-04 09:06:32 +02:00
PKEuS 3f4fe8f578 Refactorized CheckBufferOverrun:
- Removed redundant code
- Apply non-simplified checking in test suite
2016-07-27 17:28:43 +02:00
PKEuS 9a6569fde1 Always set ErrorMessage::file0 to ensure that the source file that cppcheck is checking when an error occurs can be identified
Removed unused function and unused includes from preprocessor.h/cpp
2016-07-26 16:28:40 +02:00
Simon Martin bae81fba05 Silent clang -Wshadow warning. (#812)
Add an optional extended description…
2016-07-09 19:07:58 +02:00
PKEuS 44a19b527e Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums (#7576) 2016-07-08 20:53:08 +02:00
PKEuS 644a216394 Fixed two false positives related to char arrays initialized by a literal:
- Run check for writing to string literals on non-simplified token list (#7283)
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/)
2016-07-07 19:38:15 +02:00
umanamente 0f11007c19 Fixed #7083 (false positive: typedef and initialization with strings) 2016-06-21 22:42:46 +02:00
PKEuS 8c0eab3eb3 Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays (#5975)
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
PKEuS 728d4242dc Refactorizations in CheckBufferOverrun:
- Improved performance of CheckBufferOverrun::checkScope()
- Made some patterns less restrictive
2016-05-25 11:50:34 +02:00
Roberto Martelloni d3645d874e Mapped toomanyconfigs ,AssignmentAddressToInteger
,AssignmentIntegerToAddress ,CastIntegerToAddressAtReturn
,CastAddressToIntegerAtReturn ,assertWithSideEffect ,assignmentInAssert
,uselessAssignmentArg ,uselessAssignmentPtrArg
,comparisonOfFuncReturningBoolError
,comparisonOfTwoFuncsReturningBoolError ,comparisonOfBoolWithBoolError
,incrementboolean ,comparisonOfBoolWithInt ,compareBoolExpressionWithInt
,negativeIndex ,pointerOutOfBounds ,arrayIndexThenCheck
,possibleBufferAccessOutOfBounds ,argumentSize
,arrayIndexOutOfBoundsCond ,noConstructor ,copyCtorPointerCopying
,noCopyConstructor ,uninitMemberVar ,operatorEqVarError
,unusedPrivateFunction ,memsetClassFloat ,mallocOnClassWarning
,operatorEq ,thisSubtraction ,operatorEqRetRefThis ,operatorEqToSelf
,useInitializationList ,duplInheritedMember ,assignIfError
,comparisonError ,multiCondition ,mismatchingBitAnd
,oppositeInnerCondition ,incorrectLogicOperator ,redundantCondition
,moduloAlwaysTrueFalse to their CWEs ids.
2016-02-26 23:53:52 +00:00
Daniel Marjamäki cef6b35bb8 Improve MAXTIME handling 2016-02-11 16:10:52 +01:00
Daniel Marjamäki 5e10e680da CWE: refactoring. use constants instead of magic numbers. 2016-01-25 20:01:48 +01:00
Roberto Martelloni 5ce69da02d Mapped 26 errors to their CWEs ID. 2016-01-24 20:53:05 +00:00
Daniel Marjamäki 659cd96b03 Fixed #7209 (False positive: Array index used before limits check reported in sizeof) 2016-01-24 14:06:02 +01:00