Commit Graph

155 Commits

Author SHA1 Message Date
Paul Fultz II f75c15af56 Fix issue 6821: New check: access heap/stack data using address of variable
This fixes errors with:

```cpp
int f() {
    int i;
    return (&i)[1];
}
```

It uses the lifetime analysis to detect the issues.
2019-05-31 12:24:31 +02:00
Daniel Marjamäki de4f57ec0f Buffer overflow: Add CTU checking for pointer arithmetic overflows 2019-04-03 06:43:56 +02:00
Daniel Marjamäki c5807459f9 CheckBufferOverrun: Add check for pointer arithmetics 2019-03-31 09:00:52 +02:00
Daniel Marjamäki 15fc9a622d CheckBufferOverrun: Add CTU analysis 2019-03-23 08:36:10 +01:00
Daniel Marjamäki a0e58f0039 Revert "Revert "CheckBufferOverrun: Handle multidimensional arrays""
This reverts commit 9d1755f449.
2019-03-19 13:16:22 +01:00
Daniel Marjamäki 9d1755f449 Revert "CheckBufferOverrun: Handle multidimensional arrays"
This reverts commit e98a4a6f14.
2019-03-19 13:13:29 +01:00
Daniel Marjamäki e98a4a6f14 CheckBufferOverrun: Handle multidimensional arrays 2019-03-19 09:29:32 +01:00
Daniel Marjamäki 03f8535c71 Better multiline warning when there is buffer overflow 2019-03-17 20:12:02 +01:00
Daniel Marjamäki 92f4113b59 Array index: Checking array index out of bounds for dynamic buffers 2019-03-17 13:09:15 +01:00
Daniel Marjamäki 3dc34f1515 Disable all simplified checks 2019-03-16 09:17:50 +01:00
Daniel Marjamäki 67e8b99c2c CheckBufferOverrun: Readd a check for strncpy/memcpy/etc 2019-03-12 21:15:26 +01:00
Daniel Marjamäki 2a00667609 CheckBufferOverrun: cleanup 2019-03-12 18:58:14 +01:00
Daniel Marjamäki bd048085bd Add CheckBufferOverrun::arrayIndexThenCheck 2019-03-11 19:20:06 +01:00
Daniel Marjamäki 729f57d8f1 Start a major rewrite of CheckBufferOverrun. For now only the 'array index' and 'buffer overflow' checks are rewritten.
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
2019-03-11 12:34:33 +01:00
Daniel Marjamäki bd7790fd8c Update copyright year 2019-02-09 07:24:06 +01:00
Daniel Marjamäki 8b5f36670a Introduce macro OVERRIDE for gcc-4.6 compatibility. 2019-01-12 07:37:42 +01:00
Daniel Marjamäki 271763e680 CTU: Refactoring 2018-12-25 21:11:23 +01:00
Daniel Marjamäki ad4ce84cf7 Rename private member variables 2018-06-17 17:20:16 +02:00
Matthias Krüger 2320034f4a fix -Winconsistent-missing-override warnings reported by clang 6.0. 2018-05-17 08:47:19 +02:00
IOBYTE ce50df8047 Fix override warnings. (#1234) 2018-05-15 16:37:40 +02:00
Daniel Marjamäki c4caee6b18 Updated copyright year 2018-01-14 15:37:52 +01:00
Ivan Maidanski 97ffec85c0 Fixed #7502 (Correct exit code if never used function is found) (#1026) 2018-01-12 08:24:01 +01:00
Daniel Marjamäki 18adb97873 astyle formatting
[ci skip]
2017-05-28 15:56:26 +02:00
Ayaz Salikhov 28aa939d69 iwyu - include what you use 2017-05-27 04:33:47 +02:00
Daniel Marjamäki 633ed23c0d Fix Cppcheck warnings about mismatching function argument names 2017-04-01 09:31:27 +02:00
Daniel Marjamäki cc3ef7bbe8 Fix so array access out of bounds for external arrays are detected again 2017-03-30 10:14:17 +02:00
PKEuS 83b1e1c329 CheckBufferOverrun: Refactorizations
- Improved/Optimized conditions in checkBufferAllocatedWithStrlen()
- Avoid copying strings for checkScope()
2017-03-27 11:48:34 +02:00
Daniel Marjamäki 461e5cc5c9 CheckBufferOverrun: Moved check from simplified to normal. This fixes a FP in asterisk. 2016-12-18 11:14:05 +01:00
Daniel Marjamäki 9ff3e85899 Added --cppcheck-build-dir flag 2016-10-29 12:18:11 +02:00
Alexander Mai e495bfb960 Use proper tokenizer variable 2016-07-10 22:24:28 +02:00
Alexander Mai 4eef5642c9 Avoid null pointer access in CheckBufferOverrun::runSimplifiedChecks 2016-07-09 19:00:59 +02:00
PKEuS 44a19b527e Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums (#7576) 2016-07-08 20:53:08 +02:00
PKEuS 644a216394 Fixed two false positives related to char arrays initialized by a literal:
- Run check for writing to string literals on non-simplified token list (#7283)
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/)
2016-07-07 19:38:15 +02:00
PKEuS 8c0eab3eb3 Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays (#5975)
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
amai2012 eba1b0881d Minor refactoring: use nullptr (instead of 0/NULL), change signature of Tokenizer::createTokens 2016-05-07 16:30:54 +02:00
Roberto Martelloni d3645d874e Mapped toomanyconfigs ,AssignmentAddressToInteger
,AssignmentIntegerToAddress ,CastIntegerToAddressAtReturn
,CastAddressToIntegerAtReturn ,assertWithSideEffect ,assignmentInAssert
,uselessAssignmentArg ,uselessAssignmentPtrArg
,comparisonOfFuncReturningBoolError
,comparisonOfTwoFuncsReturningBoolError ,comparisonOfBoolWithBoolError
,incrementboolean ,comparisonOfBoolWithInt ,compareBoolExpressionWithInt
,negativeIndex ,pointerOutOfBounds ,arrayIndexThenCheck
,possibleBufferAccessOutOfBounds ,argumentSize
,arrayIndexOutOfBoundsCond ,noConstructor ,copyCtorPointerCopying
,noCopyConstructor ,uninitMemberVar ,operatorEqVarError
,unusedPrivateFunction ,memsetClassFloat ,mallocOnClassWarning
,operatorEq ,thisSubtraction ,operatorEqRetRefThis ,operatorEqToSelf
,useInitializationList ,duplInheritedMember ,assignIfError
,comparisonError ,multiCondition ,mismatchingBitAnd
,oppositeInnerCondition ,incorrectLogicOperator ,redundantCondition
,moduloAlwaysTrueFalse to their CWEs ids.
2016-02-26 23:53:52 +00:00
Dmitry-Me 26788a1dc1 Remove repeated code, better variable name 2016-01-15 17:20:40 +03:00
Lauri Nurmi 996c9244d8 Update copyright year to 2007-2016. 2016-01-01 15:34:45 +02:00
PKEuS e8522c7883 Small refactorizations:
- #include cleanup
- Use std::array instead of std::vector
- Do not create a stringstream to concatenate 4 strings
- Use std::cout instead of printf
2015-11-29 10:56:44 +01:00
Daniel Marjamäki 0f9d90d2be Changed Copyrights. Removed my name. 2015-11-18 20:04:50 +01:00
Daniel Marjamäki 48da1d5396 Refactoring CheckBufferOverrun 2015-11-08 12:39:08 +01:00
PKEuS 1a266315f1 Removed some unused code 2015-08-15 19:17:25 +02:00
Alexander Mai 2c73518e29 Fix platform-dependent test result, formatting and crash in whole program analysis 2015-06-28 17:54:48 +02:00
Daniel Marjamäki baa1ae079d New check: negative size in array declaration. Ticket #1760 2015-05-03 15:00:47 +02:00
Alexander Mai 6a7605271a Fix compiler warning. Add interfaces of POSIX passwd.h and pwd.h to posix.cfg 2015-02-18 20:56:44 +01:00
Daniel Marjamäki 9aad4fa8ca CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead 2015-02-12 17:29:36 +01:00
Daniel Marjamäki d9deabe2ce TestBufferOverrun: clean up 2015-02-10 17:29:36 +01:00
PKEuS b2835051df Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0. 2015-01-31 12:32:04 +01:00
PKEuS 98e33a189f Enhanced CheckBufferOverrun:
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
Daniel Marjamäki ff11ba9847 Updated copyright year to 2015 2015-01-03 12:14:58 +01:00