Commit Graph

227 Commits

Author SHA1 Message Date
PKEuS 141d2ac215 Refactorization: Improved internal implementation of severity and certainty levels
Backported from LCppC.
2021-02-24 22:00:06 +01:00
Rikard Falkeborn f018163551
Improve handling of realloc in memory leak checker (#3036)
Mark realloced variables as realloced instead of freed. This allows
improved checking for code with error realloc handling.

If cppcheck finds an if-statement which checks the validity of the
allocated memory or resource, check if the memory/resource is
reallocated from another variable. If so, we can add checking of that
variable in the if-statement instead. This allows to check that variable
for memleaks and double frees.

This fixes #9292 and #9990 which both concern FPs with double frees
after correct error handling.
2021-01-11 07:55:05 +01:00
Oliver Stöneberg 0a1012a273
fixed and enabled -Wdocumentation and -Wdocumentation-pedantic clang warnings (#2819) 2020-12-27 09:15:59 +01:00
Rikard Falkeborn de19dc9e3e
Fix #8327 (Memleak with mmap return value check) (#2864)
Also fix a broken test case related to checking the return value -1
where socket was not defined in the library used in the tests.

This was tested running test-my-pr with 500 packages. The difference was
six fewer FPs.
2020-10-29 13:17:33 +01:00
Rikard Falkeborn 2ace2b006a Refactor: Use visitAstNodes in checkleakautovar 2020-07-20 10:25:00 +02:00
Rikard Falkeborn 1e679cc5d1 Fix #9635 (FP: Memory leak with comma operator in if-statement)
When checking for comparisons in if-statements, if there are comma
operators in the if-statement, skip until after the last comma.
2020-07-09 21:31:43 +02:00
Rikard Falkeborn 4996ec190e Fix #9652 (fp memleak with function call with cast)
When the first argument was (void *)(1), at the start of the second
iteration, arg was pointing to the "1", which caused problems for
nextArgument(), which saw the ")" as the next token and returned
nullptr, signalling that there are no more arguments.

Instead, save the first token in the argument, which makes
nextArgument() do the right thing.
2020-07-08 00:02:39 +02:00
Oliver Stöneberg 37bc0483a4
made check.h less heavy (#2633) 2020-05-23 07:16:49 +02:00
Daniel Marjamäki 08ddd84780 Update copyright year 2020-05-10 11:16:32 +02:00
Daniel Marjamäki 3e0218299b Revert "Update copyright year"
This reverts commit 6eec6c4bd5.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki 6eec6c4bd5 Update copyright year 2020-05-10 11:11:34 +02:00
Oliver Stöneberg 1af959af2c
fixed -Wextra-semi-stmt Clang warnings (#2553)
* fixed -Wextra-semi-stmt Clang warnings

* adjusted REDIRECT macro to require a semicolon

* testmathlib.cpp: rolled back accidental change
2020-04-21 17:27:51 +02:00
Oliver Stöneberg 2c1e36e63e
cleaned up includes based on include-what-you-use (#2600)
* cleaned up includes based on include-what-you-use

* check.h: trying to work around Visual Studio 2012 bug

* fixed Visual Studio compilation
2020-04-13 13:44:48 +02:00
Ken-Patrick Lehrmann 7044c17599
9575: false positive in fclose (#2540)
Fix false positive introduced by
0b7649ca9b

Only return the function token from checkTokenInsideExpression when it
might be one the argument (hence keeping a pointer to one of them).
Otherwise, we can directly skip to the token after the function call.
2020-02-17 10:25:30 +01:00
Daniel Marjamäki b6833b525f Clang import 2020-01-25 17:01:17 +01:00
Ken-Patrick Lehrmann 0b7649ca9b Fix 9298 (#2476)
* Fix 9298

Tell cppcheck that strcpy returns its first argument, and use that
knowledge in checkTokenInsideExpression.

* Add missing unit tests in cmake
2020-01-09 08:47:36 +01:00
Sebastian c990d10ffa
Check for JSON error when parsing addon .json files + fixes (#2374)
* cppcheck.cpp: Check for JSON error when parsing addon .json files

This fixes that errors in JSON files given via `--addon=*.json` are
silently ignored and maybe only a part of the JSON file is used.
Now the error message which picojson can return is checked and a
corresponding error message is returned again by getAddonInfo().

* naming.json: Fix missing comma

* CLI: Fix naming violations detected by addon naming.py via naming.json

* Addon naming: Add argument for validating names of constants

* LIB: Rename functions/variables so they are valid, loosen naming rules

* GUI: Fix naming violations
2019-11-20 15:37:09 +01:00
Rikard Falkeborn bb5ac32872 Fix #7031 (improve error message for memory related warnings) (#2204)
Printout both the locations on double free errors, mismatching
alloc/dealloc and dealloc return error.
2019-09-22 21:50:02 +02:00
Rikard Falkeborn df800e35d4 Fix memleak FP with return with parenthesis (#2202)
* Fix memleak FP with return  with parenthesis

Fix FPs pointed out by daca@home on the following form:

    void* f(void) {
        void* x = malloc(1);
        return(x);
    }

Fix it by only skipping tokens if there is an actual match with a
variable. This allows to remove the special casing of "return;".

* Add testcase with cast
2019-09-22 19:18:31 +02:00
Rikard Falkeborn 46ac0d79c1 Checkmemleakautovar: fix crash and FP (#2196)
This fixes crashes found by daca where valueType() is NULL. Also,
somewhat related, it removes warnings when casting to a type that is
unknown to cppcheck, for example, there is no longer a warning for the
following code:

	void* f() {
		void *x = malloc(1);
		return (mytype)x;
	}
2019-09-21 14:59:54 +02:00
Oliver Stöneberg 9028b4a81d do not access static methods through instance (#2189) 2019-09-20 21:54:30 +02:00
Ken-Patrick Lehrmann 49b7ef84d9 Fix crashes in checkleakautovar (#2195)
Crashes found by daca@home
http://cppcheck1.osuosl.org:8000/crash.html

For instance
```
2019-09-20 16:27
ftp://ftp.se.debian.org/debian/pool/main/n/nedit/nedit_5.7.orig.tar.gz
cppcheck-options: -j1 --library=posix --library=gnu --library=motif -D__GNUC__ --check-library --inconclusive --enable=style,information --platform=unix64 --template=daca2 -rp=temp temp
platform: Linux-4.19.0-6-amd64-x86_64-with-debian-10.1
python: 2.7.16
client-version: 1.1.37
cppcheck: head 1.89
head-info: 38dec6a9a (2019-09-20 16:46:57 +0200)
count: Crash! 934
elapsed-time: -11.0 9.0
head results:
Checking temp/nedit-5.7/source/shell.c: __GNUC__=1...

Program received signal SIGSEGV, Segmentation fault.
0x000055555564b862 in CheckLeakAutoVar::ret (this=0x7fffffffb8c0, tok=0x5555582ea9e0, varInfo=...) at lib/token.h:340
340	        return mImpl->mValueType;
 #0  0x000055555564b862 in CheckLeakAutoVar::ret (this=0x7fffffffb8c0, tok=0x5555582ea9e0, varInfo=...) at lib/token.h:340
 #1  0x0000555555651764 in CheckLeakAutoVar::check (this=0x7fffffffb8c0) at build/checkleakautovar.cpp:714
 #2  0x0000555555652b37 in CheckLeakAutoVar::runChecks (this=<optimized out>, tokenizer=0x7fffffffc3a0, settings=<optimized out>, errorLogger=<optimized out>) at lib/checkleakautovar.h:108
 #3  0x00005555556bc833 in CppCheck::checkNormalTokens (this=0x7fffffffce50, tokenizer=...) at build/cppcheck.cpp:732
 #4  0x00005555556bf694 in CppCheck::checkFile (this=0x7fffffffce50, filename=..., cfgname=..., fileStream=...) at build/cppcheck.cpp:542
 #5  0x00005555556c1cb8 in CppCheck::check (this=this@entry=0x7fffffffce50, path="temp/nedit-5.7/source/shell.c") at /usr/include/c++/8/bits/basic_string.h:936
 #6  0x00005555557fd63f in CppCheckExecutor::check_internal (this=0x7fffffffdbd0, cppcheck=..., argv=<optimized out>) at cli/cppcheckexecutor.cpp:884
 #7  0x00005555557fda92 in CppCheckExecutor::check (this=this@entry=0x7fffffffdbd0, argc=argc@entry=14, argv=argv@entry=0x7fffffffdf58) at cli/cppcheckexecutor.cpp:198
 #8  0x00005555555e6358 in main (argc=14, argv=0x7fffffffdf58) at cli/main.cpp:95

DONE
```
2019-09-20 21:29:17 +02:00
Rikard Falkeborn 007b5d3e8d Fix #9343 (memleak FP when return with cast) (#2162)
This was most likely introduced when the checks were changed to run on
the full tokenlist instead of the simplified one.

Take care to warn about cases where casts destroy the pointer, such as

	uint8_t f() {
		void* x = malloc(1);
		return (uint8_t)x;
	}
2019-09-20 15:09:27 +02:00
Daniel Marjamäki 474fed453e memleak: Fixed false negative for sample 2019-08-18 19:45:39 +02:00
Ken-Patrick cb0b057595 8706 (#2066)
* 8706

* Add test case for #8706
2019-08-07 08:04:10 +02:00
amai2012 f02636e995 Refactoring: Convert enums to enum classes 2019-08-02 21:14:29 +02:00
Rikard Falkeborn f95d193e22 Fix #8282 (memleak FP when returning std::pair) (#2039) 2019-07-26 07:03:58 +02:00
Paul Fultz II 4c3191e577 Lower recursion limit when using asan (#2013) 2019-07-24 09:57:53 +02:00
Rikard Falkeborn abea580b78 Fix FP memory leak with unknown function call in condition (#2012)
* Fix FP memory leak with unknown function call in condition

This was introduced in 8513fb81d2 when
fixing memory leaks for global variables allocated in condition. The
refactored code had an inconsistency where c and c++ code behaved
slightly differently when `var` is NULL. This seemed to not have an
impact as the code was written prior to 8513fb81d2,
but when the same code was used for conditions, FPs were introduced.

The introduced FPs were memleak warnings when there should have been an
information message about missing configurations for code like

	void f() {
		char *p = malloc(10);
		if (set_data(p)) {}
	}

Fix this by always returning true if varTok->Variable() is NULL for
both c and c++ code.

* Improve function name
2019-07-18 15:23:19 +02:00
Daniel Marjamäki 5800692fa1 Move and refactor the CheckMemoryLeak::isclass 2019-07-17 08:59:09 +02:00
Rikard Falkeborn 8513fb81d2 Fix #9206 (FP with global variable allocated in condition) (#2007) 2019-07-17 07:43:07 +02:00
Daniel Marjamäki e877683f01 Replace 'unsigned' with 'nonneg' in checkleakautovar 2019-07-16 08:54:21 +02:00
Daniel Marjamäki 4122b2111f astyle formatting
[ci skip]
2019-07-15 12:56:44 +02:00
IOBYTE c2ccfd5f8b Increase Windows stack size to 8M (#1998)
* Increase Windows stack size to 8M

* try to add stack size cmake
2019-07-15 12:39:58 +02:00
IOBYTE 526a86dc60 Fix recursiveCount in CheckLeakAutoVar to really be recursive count. (#1988) 2019-07-13 07:40:24 +02:00
Daniel Marjamäki ae933c20c7 Fixed #1765 (Improve check: delete not handled well when there are extra parentheses) 2019-07-12 18:25:20 +02:00
IOBYTE 74e3114a64 Fix #9097 (Crash on thousands of "else ifs"s in gcc-avr package) (#1982)
* Fix #9097 (Crash on thousands of "else ifs"s in gcc-avr package)

* increase recursion count maximum to 512 because cppcheck was hitting the 256 limit

* 512 was too much for windows
2019-07-12 07:56:05 +02:00
Rikard Falkeborn a1a14b8465 Fix FP with cast pointer to free() (#1961)
This fixes false positives when the pointer passed to free() (or similar
deallocation functions) is cast using a c-style cast.
2019-07-10 09:13:59 +02:00
Rikard Falkeborn 839fcddd8a Fix #6115 (Add support to realloc to cfg files) (#1953)
* Allow to configure realloc like functions

* memleakonrealloc: Bring back tests.

The old memleak checker was removed, and the tests for it was removed in
commit 9765a2dfab. This also removed the
tests for memleakOnRealloc. Bring back those tests, somewhat modified
since the checker no longer checks for memory leaks.

* Add realloc to mem leak check

* Add tests of realloc buffer size

* Configure realloc functions

* Add test of freopen

* Allow to configure which element is realloc argument

* Fix wrong close in test

cppcheck now warns for this

* Update manual

* Update docs

* Rename alloc/dalloc/realloc functions

Naming the member function realloc caused problems on appveyor. Rename
the alloc and dealloc functions as well for consistency.

* Change comparisson order

* Remove variable and use function call directly

* Create temporary variable to simplify

* Throw mismatchError on mismatching allocation/reallocation

* Refactor to separate function

* Fix potential nullptr dereference

As pointed out by cppcheck.
2019-07-05 12:44:52 +02:00
Rikard Falkeborn 60a213e6a5 Fix #9047 (c-style casts before malloc) (#1930)
* Fix #9047 (c-style casts before malloc)

Note that there are still no warnings for c++-style casts

* Fix memleak check with casts of assignments in if-statements

* Fix possible null pointer dereference

As pointed out by cppcheck.

* Add check of astOperand2 when removing casts

This is similar to how it is done in other checks.
2019-07-03 08:39:44 +02:00
Daniel Marjamäki 7a3302b3e3 CheckLeakAutoVar: Fixed FP seen in daca@home 2019-06-02 15:25:54 +02:00
Daniel Marjamäki 4da50942b0 Fixed #8120 (False positive: Memory pointed to by 'p' is freed twice) 2019-05-30 16:22:41 +02:00
Daniel Marjamäki da46bff1b3 CheckLeakAutoVar: Use Library::isSmartPointer() 2019-04-24 15:35:47 +02:00
Daniel Marjamäki bd7790fd8c Update copyright year 2019-02-09 07:24:06 +01:00
Daniel Marjamäki 54cebfaf94 Fixed #8392 (false positive: "Memory leak" with malloc in if) 2019-01-27 10:27:44 +01:00
Daniel Marjamäki 75e367c48b Fixed #8340 (incorrect memleak errors) 2019-01-09 19:50:41 +01:00
Daniel Marjamäki d18f5d8709 CTU: Reuse CheckNullPointer::isPointerDeRef in the nullpointer isUnsafeUsage 2018-12-29 09:26:57 +01:00
Daniel Marjamäki 9d8e5e36eb Added a few TODO comments 2018-11-20 22:57:01 +01:00
Daniel Marjamäki eeda082a2f Refactoring: use range for loops 2018-07-14 09:54:52 +02:00
Daniel Marjamäki d90c38802f Fixed Cppcheck warnings (variable scope can be reduced) 2018-06-21 06:54:56 +02:00
Daniel Marjamäki 79ffe1d4fc Rename _tokenizer, _settings, _errorLogger 2018-06-16 16:10:28 +02:00
Daniel Marjamäki 45379a3aa6 Updated copyright year for modified files
[ci skip]
2018-06-10 22:07:21 +02:00
orbitcowboy 33777c5b72 Improved const correcntess of local variables. 2018-05-29 13:24:48 +02:00
orbitcowboy 1914d5e630 Running astlye 2018-05-25 08:35:37 +02:00
umanamente a3b02d6ece Fixed #8262: false positive memleak (`shared_ptr` in function argument) (#1249)
* Fixed #8262.
checkleakautovar.cpp:
* added `isFunctionCall` (supports template functions)
* smart pointer check in `functionCall`
* updated test case

* Renamed "bracket" to "parenthesis"

* (#8262) Fixed broken test

* (#8262) Code review comments

* (#8262) Renamed `tokOpeningBr` to `tokOpeningPar`
2018-05-22 09:08:23 +02:00
Paul Fultz II 406aa6cf1c Improve support of using a lambda as a deleter (#1246)
* Improve support of using a lambda as a deleter

* Use simple match
2018-05-21 08:22:18 +02:00
Daniel Marjamäki 8c2a5c9813 astyle formatting
[ci skip]
2018-05-06 09:50:53 +02:00
Paul Fultz II 067d82f0ea Check for smart pointer release (#1206) 2018-05-05 18:06:49 +02:00
Daniel Marjamäki f336c2efe7 Refactoring; Renamed Scope::classStart and Scope::classEnd 2018-04-27 22:36:30 +02:00
Paul Fultz II bad66594d6 Fix double free regression with smart pointers (#1184) 2018-04-21 11:24:19 +02:00
Paul Fultz II 7d5a1b1248 Fix shadow warning (#1175) 2018-04-17 08:37:41 +02:00
Daniel Marjamäki a4f8c44432 astyle formatting
[ci skip]
2018-04-16 12:55:37 +02:00
Paul Fultz II 2a657cfd08 Check for double frees when using smart pointers (#1172)
* Check for double frees when using smart pointers

* Some updates from feedback

* Add test for mismatch allocation

* Constants

* Check smart pointer deleter

* Switch order

* Use next

* Add owned state

* Fix handling of leaks

* Use ast for checking addressof operator

* Remove stray character

* Add a test for mismatch allocator

* Add another test for deallocating with custom function
2018-04-16 11:11:13 +02:00
Daniel Marjamäki 9a0756c13f CheckLeakAutoVar: clarify the code; replace magic values with constants, add a comment 2018-04-15 01:53:00 +02:00
Daniel Marjamäki a0906140a6 Suppressions: New extensible Suppressions xml format that allow more attributes. To start with it also allows symbolName. 2018-04-09 06:43:48 +02:00
jrp2014 94048d93f6 Refactor lib/checkleakautovar.cpp 2018-04-05 15:58:28 +02:00
jrp2014 b6504c70ca Improve constness 2018-04-04 21:51:31 +02:00
Daniel Marjamäki c4caee6b18 Updated copyright year 2018-01-14 15:37:52 +01:00
Björge Dijkstra 94031ef11d Fix for conditional memory allocation inside if-condition (#986)
* Add test cases for allocation inside if-condition

* Fix missed memory leak and false positive double free for allocation inside if-condition
2017-10-26 19:11:00 +02:00
Dmitry-Me 2d1c47b474 Omit repeated map access 2017-10-11 17:36:43 +03:00
Daniel Marjamäki 7161daefbd Fixed #8040 (False positive resourceLeak - handle assigned to class instead of scalar) 2017-07-08 22:28:31 +02:00
Daniel Marjamäki 6b48781fdc Fixed #7105 (False positive resourceLeak - socket handle wiped after close) 2017-07-07 21:51:48 +02:00
Daniel Marjamäki 4827751b04 improve constness 2017-07-01 09:10:23 +02:00
Daniel Marjamäki f847631cdb Fixed #5273 (FP memleak: Unknown if() condition should make error inconclusive) 2017-06-30 23:05:09 +02:00
Ayaz Salikhov 28aa939d69 iwyu - include what you use 2017-05-27 04:33:47 +02:00
Daniel Marjamäki 65297ce285 Fixed #7191 (false positive memleak on in-place new) 2017-05-04 19:39:57 +02:00
orbitcowboy 537045b176 Improved const correctness. There are no functional changes. 2017-04-25 14:57:48 +02:00
Daniel Marjamäki 140e086206 Fixed #7738 (False positive deallocret - delete and return NULL pointer) 2017-04-24 22:05:16 +02:00
PKEuS b1f4bd7504 Refactorization: Reimplemented Settings::_enabled as a bitfeld instead of std::set (#7995) 2017-04-11 11:49:26 +02:00
PKEuS 3c8f5b85ae Refactorization: Allocate Token::_values (ValueFlow information) dynamically, reducing size of each token by around 10% 2017-03-27 18:48:34 +02:00
Daniel Marjamäki b5f2fd3c55 Fixed #7738 (False positive deallocret - delete and return NULL pointer) 2017-03-03 18:36:06 +01:00
Daniel Marjamäki 99544069d1 CheckLeakAutoVar: better handling of noreturn functions. Partial fix for #7918. 2017-02-25 11:36:48 +01:00
Simon Martin f43431408b Ticket #7685: Properly handle function calls as argument to a dealloc function. (#853)
Add an optional extended description…
2016-12-29 13:17:46 +01:00
PKEuS 2f6350a0d0 Refactorized Library 2016-12-06 14:09:28 +01:00
PKEuS 54959d1932 CheckLeakAutoVar: Distinguish between new and new[] (#888) 2016-10-09 10:28:19 +02:00
Daniel Marjamäki 4b903a838f Fixed #5522 (CheckLeakAutoVar: Don't treat 'x==p' as dereference of p) 2016-05-26 19:22:38 +02:00
Daniel Marjamäki 54be403f64 Fixed #7026 (Cppcheck does not recognizes the use of a variabile inside lambda function) 2016-05-26 18:07:56 +02:00
Daniel Marjamäki 38741868b5 Fixed #3989 (false positive: memory leak (inline function)) 2016-05-26 17:42:27 +02:00
PKEuS 64d2fd2f57 Added new attribute "arg" to <alloc> and <dealloc> to specify the argument that is allocated/deallocated.
This fixes several issues with allocation functions in windows.cfg, such as HeapAlloc() and VirtualAllocEx() (#7503)
2016-05-22 17:19:14 +02:00
Daniel Marjamäki c23c1f245c Fixed #6989 (incorrect memleak error) 2016-05-21 14:03:28 +02:00
Daniel Marjamäki a5dc76d50c Refactoring, use ast instead of token list to find if variable is used in rhs 2016-05-21 13:45:08 +02:00
Daniel Marjamäki 2668cee3cf Fixed #6397 (FP deallocuse - conditional deallocation and conditional return) 2016-05-15 20:27:44 +02:00
Kamil Dudka efe98883ab checkleakautovar: do not miss 'throw' followed by :: 2016-05-13 21:37:49 +02:00
PKEuS f23668dfcc Fixed false positive doubleFree (#7401) 2016-05-04 12:14:42 +02:00
Daniel Marjamäki 3da997e163 astyle formatting
[ci skip]
2016-02-08 10:44:04 +01:00
Daniel Marjamäki a361f0192d More CheckLeakAutoVar debug output 2016-02-07 19:53:55 +01:00
Daniel Marjamäki 5e10e680da CWE: refactoring. use constants instead of magic numbers. 2016-01-25 20:01:48 +01:00
Roberto Martelloni 5ce69da02d Mapped 26 errors to their CWEs ID. 2016-01-24 20:53:05 +00:00
Lauri Nurmi 996c9244d8 Update copyright year to 2007-2016. 2016-01-01 15:34:45 +02:00
Daniel Marjamäki 0f9d90d2be Changed Copyrights. Removed my name. 2015-11-18 20:04:50 +01:00