Commit Graph

693 Commits

Author SHA1 Message Date
chrchr-github 5804cc44e7
Fix FP bufferAccessOutOfBounds (#4427)
* Fix FN with buffer size 1

* Fix FP bufferAccessOutOfBounds
2022-08-31 19:31:37 +02:00
chrchr-github 1e14e360cb
Fix #8295 FN (error) Buffer is accessed out of bounds (wcpncpy, wcsncpy) (#4412)
* Fix #8295 FN (error) Buffer is accessed out of bounds (wcpncpy, wcsncpy)

* Fix cfg, validation

* Fix validation
2022-08-29 12:24:58 +02:00
chrchr-github df704361f6
Fix FN with buffer size 1 (#4410) 2022-08-29 12:24:44 +02:00
chrchr-github 2ab8de2650
Fix #11145 FP negativeMemoryAllocationSize with possible value (#4387) 2022-08-20 07:56:31 +02:00
chrchr-github 5b4c6c1e73
Fix #11026 FP pointerOutOfBounds with strlen() (#4366) 2022-08-17 09:45:07 +02:00
chrchr-github 0d72216cca
Fix BufferOverrun TODO (#4300)
* Fix BufferOverrun TODO

* clang-tidy
2022-07-22 07:24:34 +02:00
chrchr-github 89a9e5ecc6
Fix #9944 FP: terminateStrncpy doesn't account for size check (#4252)
* Fix #9944 FP: terminateStrncpy doesn't account for size check

* Fix container size check

* Undo

* Format

* Rebuild

* Rebuild
2022-07-08 12:35:21 +02:00
PKEuS 9eb16e1002
Replaced check for pipe() buffer size by ordinary CheckBufferOverrun, provide required Library configuration option (#4183)
Merged from LCppC.
2022-06-19 12:01:55 +02:00
PKEuS 82af702c6f
LCppC backport: Restored Check: Detect negative VLA and allocation (new[]) sizes (#4187) 2022-06-11 09:55:38 +02:00
Daniel Marjamäki 3989408738 Update copyright year 2022-02-05 11:45:17 +01:00
Oliver Stöneberg 171da2e6f9
avoid dependency on transitive includes - based on include-what-you-use (#3757) 2022-01-27 19:03:20 +01:00
Paul Fultz II 7b793af451
Fix 10728: Crash in CheckStl::checkDereferenceInvalidIterator2 (#3721)
* Fix 10728: Crash in CheckStl::checkDereferenceInvalidIterator2

* Format
2022-01-18 14:48:02 +01:00
chrchr-github c05e2cc6c4
Fix #10154 False positive: objectIndex (#3666) 2022-01-04 10:37:16 +01:00
chrchr-github cea649761c
Fix FN buffer overrun with array of pointers (#3582) 2021-11-27 12:15:36 +01:00
Daniel Marjamäki f701a9361d chmod; Use 644 for source files 2021-11-17 08:25:25 +01:00
Paul Fultz II 8bff45281d
Fix 10599: regression- segmentation fault on template code (#3565) 2021-11-16 06:49:13 +01:00
Daniel Marjamäki a9a093e7cc Fixed #10367 (False positive; pointer out of bounds argv-1) 2021-09-15 08:29:10 +02:00
Paul Fultz II d4174a31ba
Fix 10414: FP 'The address of local variable 'single_value' might be accessed at non-zero index.' (regression) (#3447) 2021-09-06 07:15:46 +02:00
Daniel Marjamäki 06249c08f3 argumentSize: Clarify error message 2021-08-29 15:38:58 +02:00
Daniel Marjamäki db57efa486 CheckBufferOverrun: Reimplement CheckBufferOverrun::argumentSize check 2021-08-22 16:37:41 +02:00
Paul Fultz II e0de48bb1d
Fix 7524: ValueFlow: false path for 'x<3' (#3393) 2021-08-16 09:19:07 +02:00
Paul Fultz II 7f358b2bed
Format with uncrustify (#3388) 2021-08-07 20:51:18 +02:00
Daniel Marjamäki 5f6b56ada2 buffer overrun; Fixed false negative for dynamically allocated float buffer 2021-05-22 15:39:20 +02:00
Daniel Marjamäki 0db649c075 Fixed Cppcheck self check warning; redundant check 2021-05-22 15:34:39 +02:00
Daniel Marjamäki 9a9f14bd8a Buffer overflow; Fixed FPs when array size is 1 2021-05-22 12:13:39 +02:00
Daniel Marjamäki b8314289c6 testbufferoverrun; fixed TODO test cases for pointer arithmetic overflows 2021-05-15 20:32:46 +02:00
orbitcowboy e869452240 #10244: Fixed false negative: bufferAccessOutOfBounds 2021-04-13 16:40:38 +02:00
Daniel Marjamäki 42437277dc Update Copyright year 2021-03-21 20:58:32 +01:00
PKEuS 141d2ac215 Refactorization: Improved internal implementation of severity and certainty levels
Backported from LCppC.
2021-02-24 22:00:06 +01:00
Daniel Marjamäki 853c271f22 Fix gcc warning; variable vidx is assigned but not read 2021-01-16 18:13:06 +01:00
Daniel Marjamäki 1858465bca astyle formatting
[ci skip]
2021-01-12 21:28:56 +01:00
Paul Fultz II fc4238829f
Fix issue 10092: false positive: (warning) The address of local variable 'data' might be accessed at non-zero index. (#3041) 2021-01-12 10:24:28 +01:00
Daniel Marjamäki f493ce16b3 astyle formatting
[ci skip]
2021-01-10 14:46:19 +01:00
Oliver Stöneberg ac7647fcd8
some self-check suppression cleanups (#3032) 2021-01-09 20:32:38 +01:00
Rikard Falkeborn 50cdb6cbfc
Astyle: sync windows and linux folders (#3016) 2021-01-06 17:13:44 +01:00
Paul Fultz II e004731f1c
Fix issue 8650: ValueFlow: Track if pointer is created by '&' operator (#3011) 2021-01-05 16:56:38 +01:00
Daniel Marjamäki c6452adc88 Fixed Cppcheck warning; Remove unused private method CheckBufferOverrun::bufferNotZeroTerminatedError 2020-12-04 18:58:10 +01:00
Oliver Stöneberg 37bc0483a4
made check.h less heavy (#2633) 2020-05-23 07:16:49 +02:00
Daniel Marjamäki 08ddd84780 Update copyright year 2020-05-10 11:16:32 +02:00
Daniel Marjamäki 3e0218299b Revert "Update copyright year"
This reverts commit 6eec6c4bd5.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki 6eec6c4bd5 Update copyright year 2020-05-10 11:11:34 +02:00
Oliver Stöneberg 1af959af2c
fixed -Wextra-semi-stmt Clang warnings (#2553)
* fixed -Wextra-semi-stmt Clang warnings

* adjusted REDIRECT macro to require a semicolon

* testmathlib.cpp: rolled back accidental change
2020-04-21 17:27:51 +02:00
Oliver Stöneberg 2c1e36e63e
cleaned up includes based on include-what-you-use (#2600)
* cleaned up includes based on include-what-you-use

* check.h: trying to work around Visual Studio 2012 bug

* fixed Visual Studio compilation
2020-04-13 13:44:48 +02:00
Paul Fultz II 3b20684aca
Fix issue 9360: False positive: arrayIndexOutOfBounds when function is called with different array sizes (#2541) 2020-02-17 10:31:08 +01:00
Daniel Marjamäki 84bb024662 Refactoring; Reuse variable typeSize 2020-01-19 09:17:38 +01:00
Daniel Marjamäki cefd7fb33f Fix testrunner 2020-01-18 12:29:03 +01:00
Daniel Marjamäki 9ffb657c1a Fixed #8597 (False positive - Array index is used before limits check.) 2019-12-20 09:46:01 +01:00
Daniel Marjamäki fcc5fad3ed Fixed #9113 (false positive: (error) Buffer is accessed out of bounds) 2019-11-10 16:42:48 +01:00
Rikard Falkeborn 73a569be97 TestBufferOverRun: Handle string literals (#2287) 2019-10-21 07:11:22 +02:00
Rikard Falkeborn 5c061c1c12 Set correct type and size of string and char literals (#2275)
* Set correct type and size of string and char literals

Use that string and char literal tokens store the prefix. This makes
it possible to distinghuish between different type of string literals
(i.e., utf8 encoded strings, utf16, wide strings, etc) which have
different type.

When the tokens holding the string and character values have the correct
type, it is possible to improve Token::getStrSize() to give the correct
result for all string types. Previously, it would return the number of
characters in the string, i.e., it would give the wrong size unless
the type of the string was char*.

Since strings now can have different size (in number of bytes) and
length (in number of elements), add a new helper function that returns
the number of characters. Checkers have been updated to use the correct
functions.

Having the size makes it possible to find more problems with prefixed
strings, and to reduce false positives, for example in the buffer
overflow checker.

Also, improve the stringLiteralWrite error message to also print the
prefix of the string (if there is one).

* Add comment and update string length
2019-10-20 07:11:57 +02:00