Commit Graph

627 Commits

Author SHA1 Message Date
Daniel Marjamäki fb2198fd6b Travis: Try to fix test 2019-03-16 09:28:00 +01:00
Daniel Marjamäki f40a80c349 Use 'normal' checking instead of 'simplified' 2019-03-16 07:19:48 +01:00
Daniel Marjamäki 81a1d744c6 CheckBufferOverrun: fix FP for array definition of static class member 2019-03-13 06:39:09 +01:00
Daniel Marjamäki 67e8b99c2c CheckBufferOverrun: Readd a check for strncpy/memcpy/etc 2019-03-12 21:15:26 +01:00
Daniel Marjamäki 0c08f6db6c CheckBufferOverrun: Use AST to lookup array 2019-03-12 06:46:38 +01:00
Daniel Marjamäki ea23033a65 Array index out of bounds: Fix false positive 2019-03-11 20:33:08 +01:00
Daniel Marjamäki bd048085bd Add CheckBufferOverrun::arrayIndexThenCheck 2019-03-11 19:20:06 +01:00
Daniel Marjamäki 729f57d8f1 Start a major rewrite of CheckBufferOverrun. For now only the 'array index' and 'buffer overflow' checks are rewritten.
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
2019-03-11 12:34:33 +01:00
amai2012 eb9edbc177 #9024 Crash caused by package "procserv" in lib/token.h:921 function Token::getKnownIntValue - Fix and test for alternative code example. 2019-03-08 11:07:33 +01:00
Daniel Marjamäki c32d015337 Fixed false positives from terminateStrncpy 2019-03-06 18:50:50 +01:00
Daniel Marjamäki bd7790fd8c Update copyright year 2019-02-09 07:24:06 +01:00
Paul Fultz II 4b37f276c2 ValueFlow: Set arrays to true when converting to a boolean
This sets it by checking the parent. It doesn't handle function parameters yet.
2019-01-21 20:05:35 +01:00
Daniel Marjamäki 8dd641b8be Use OVERRIDE in test 2019-01-12 15:45:25 +01:00
Daniel Marjamäki bc34f0239d Disable the subfunction value flow analysis. It does not work well and needs to be rewritten. There are false positives. 2018-12-18 14:36:49 +01:00
orbitcowboy 0858488825
insecureCmdLineArgs: Fixed FN in case strdup() copies argv[]. (#1438)
* insecureCmdLineArgs: Fixed FN in case strdup() copies argv[].

* Formatted the code. There are no functional changes intended.

* Changes due to review comments from Daniel.
2018-10-19 11:04:15 +02:00
orbitcowboy a6e8270474
insecureCmdLineArgs: Fixed false negatives in case arguments are const. (#1419)
* insecureCmdLineArgs: Fixed false negatives in case arguments are const.

* Formatted the code, there are functional changes.

* Simplified matching as suggested by Daniel.
2018-10-15 10:05:43 +02:00
Daniel Marjamäki 20121b34d8 Fixed #7718 (False positive: out of bounds of already resized std::string) 2018-10-09 06:53:26 +02:00
Daniel Marjamäki f388c77042 Fixed #8721 (Regression: False positive array index out of bounds) 2018-08-31 18:25:43 +02:00
Daniel Marjamäki 27aae8d032 Fixed #8644 (crash (CheckBufferOverrun::checkGlobalAndLocalVariable): local function) 2018-08-30 10:04:07 +02:00
Simon Martin acb0b9f07e Ticket #8679: Add support for C++11 thread_local and GCC's (among others) __thread extension. (#1351) 2018-08-26 19:46:36 +02:00
rebnridgway 42a65c5160 Fix crash bug #8579 (#1238)
* Added declaration for deletePrevious function

* Added definition for deletePrevious function

* Fixed crash from deleteThis invalidating pointers

The crash was caused by deleteThis() invalidating the pointer to a constant variable usage.  This happened when a usage followed an assignment.  This fixes bug #8579.

* Added tokensFront to match tokensBack

This means deletePrevious can set the list's front if necessary.

* Initialised tokensFront in appropriate places

* Switched to using default Token constructor

* Switched to using Token default constructor

* Switched to using default constructor for Token

* Added missing argument to Token constructor

* Changed to use default constructor for Tokens

* Switched to using default constructor for Tokens

* Switched to using default constructor for Token

* Added new test for deleting front Token

Also made sure to use the correct constructor for Token in other tests.

* Syntax error

* Replaced tokensFront and tokensBack with a struct

This decreases the size of the Token class for performance purposes.

* Replaced tokensFront and tokensBack with a struct

* Added tokensFrontBack to destructor

* Reworked to use TokensBackFront struct

Also ran astyle.

* Reworked to use TokenList's TokensFrontBack member

* Reworked to use TokensFrontBack struct

* Reworked to use TokensFrontBack struct

* Reworked to work with TokensFrontBack struct

* Removed unnecessary scope operator

* Added missing parentheses

* Fixed syntax error

* Removed unnecessary constructor

* Default constructor now 0-initialises everything

This is safer for not using a temporary TokensFrontBack object, and doesn't use delegating constructors which aren't supported yet.

* Fixed unsafe null check

* Added missing explicit keyword

* Fixing stylistic nits

Removed default constructor as it has been superseded by the single-argument constructor with a default argument value.
Renamed listEnds to tokensFrontBack.
Fixed if statement that was supposed to be adding safety but would actually cause a crash if tokensFrontBack was null.

* Fixing stylistic nits

Removed default constructor and replaced it with a single-argument constructor with a default value.

* Fixing stylistic nits

Renamed _listEnds to _tokensFrontBack.

* Fixing stylistic nits

Renamed _listEnds to _tokensFrontBack.
2018-05-25 07:15:05 +02:00
IOBYTE ce50df8047 Fix override warnings. (#1234) 2018-05-15 16:37:40 +02:00
Daniel Marjamäki 8c2a5c9813 astyle formatting
[ci skip]
2018-05-06 09:50:53 +02:00
Paul Fultz II 0561877182 Fix false positive with negative array index in issue 8536 (#1202)
* Fix FP with negative array index in valueflow

* Remove values when valueflow fails

* Add valueflow test
2018-05-06 08:35:29 +02:00
PKEuS bbfcccf078 Refactorization: Replace several push_back-sequences by initializer lists 2018-04-09 09:41:24 +02:00
Daniel Marjamäki 7e4dba6a7e Updated copyright year 2018-03-31 20:59:09 +02:00
IOBYTE 5bc039b7da Fix #6367 and #8439 (improve sizeof value flow support) (#1132) 2018-03-23 08:28:12 +01:00
Daniel Marjamäki bc40f5041d Fixed #6356 (Improve checking: pointer arithmetic "ab.a + 100" overrun) 2018-01-27 15:39:39 +01:00
Daniel Marjamäki c4caee6b18 Updated copyright year 2018-01-14 15:37:52 +01:00
Daniel Marjamäki 7d2450e445 Fixed #1478 (false negative: buffer access out of bounds not detected after free and malloc) 2017-12-31 14:58:26 +01:00
Ayaz Salikhov 28aa939d69 iwyu - include what you use 2017-05-27 04:33:47 +02:00
Daniel Marjamäki 040d2f0012 Use simplecpp lexer in test cases 2017-05-18 21:52:31 +02:00
Daniel Marjamäki 7fd04cd8d0 Updated Token::expressionString(), write '->' instead of '.' 2017-04-30 14:22:18 +02:00
Simon Martin b526fd7c49 Ticket #7964: Don't crash on valid code using function pointers named strcpy or strcat in main(). 2017-04-21 23:36:10 +02:00
PKEuS b97779591e Fixed unit test in testbufferoverrun.cpp 2017-04-11 23:00:33 +02:00
PKEuS 680828788b Fixed false negative in CheckBufferOverrun::checkInsecureCmdLineArgs(), removed redundant tests 2017-03-27 11:30:07 +02:00
PKEuS 171e1b8244 Fixed false negatives in CheckBufferOverrun::arrayIndexThenCheck() 2017-03-27 11:07:49 +02:00
Daniel Marjamäki f0d91fb74b Fixed #7869 (False positive: Array index out of bounds) 2016-12-20 22:01:19 +01:00
Daniel Marjamäki f5ad7482a8 CheckBufferOverrun: Skip warnings about array index out of bounds in unions. Theoretically, the array is at least as large as the biggest union member. 2016-12-18 22:10:30 +01:00
Daniel Marjamäki 461e5cc5c9 CheckBufferOverrun: Moved check from simplified to normal. This fixes a FP in asterisk. 2016-12-18 11:14:05 +01:00
Daniel Marjamäki a61f4e9c94 Fixed #7831 (false-positive: terminateStrncpy) 2016-11-24 07:04:58 +01:00
Daniel Marjamäki 5b377ea2e4 Fixed #7821 (segmentation fault, invalid last token) 2016-11-20 14:15:51 +01:00
PKEuS 3f4fe8f578 Refactorized CheckBufferOverrun:
- Removed redundant code
- Apply non-simplified checking in test suite
2016-07-27 17:28:43 +02:00
PKEuS 44a19b527e Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums (#7576) 2016-07-08 20:53:08 +02:00
PKEuS 644a216394 Fixed two false positives related to char arrays initialized by a literal:
- Run check for writing to string literals on non-simplified token list (#7283)
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/)
2016-07-07 19:38:15 +02:00
umanamente 0f11007c19 Fixed #7083 (false positive: typedef and initialization with strings) 2016-06-21 22:42:46 +02:00
PKEuS 8c0eab3eb3 Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays (#5975)
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
Daniel Marjamäki 659cd96b03 Fixed #7209 (False positive: Array index used before limits check reported in sizeof) 2016-01-24 14:06:02 +01:00
Lauri Nurmi 996c9244d8 Update copyright year to 2007-2016. 2016-01-01 15:34:45 +02:00
Daniel Marjamäki 9c3f25603e CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead (#6973) 2015-11-30 16:36:52 +01:00
Daniel Marjamäki 0f9d90d2be Changed Copyrights. Removed my name. 2015-11-18 20:04:50 +01:00
Daniel Marjamäki 5074c11b53 CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of. 2015-11-09 10:30:39 +01:00
Daniel Marjamäki ef5be435c7 Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast) 2015-11-08 17:21:32 +01:00
Daniel Marjamäki 7d6e1974eb Fixed #7104 (False positive arrayIndexOutOfBounds) 2015-11-08 09:30:23 +01:00
Daniel Marjamäki 9c7271a5e9 CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead 2015-11-07 18:12:01 +01:00
PKEuS 0a34b206e8 Refactorization: Reduced code duplication in test suite 2015-10-08 11:35:51 +02:00
PKEuS 3a5cef8a7e Refactorization: Improved usage of Settings instances in test suite 2015-10-07 18:40:03 +02:00
Alexander Mai 8d2c4453ad Small optimizations for C code in Tokenizer. Add some regression tests for recently fixed results 2015-08-29 19:00:09 +02:00
Alexander Mai 66e4faa621 Add regression test for true negative argumentSize 2015-08-29 11:14:13 +02:00
PKEuS 128a926d9d Collected some more garbage code tests in testgarbage.cpp; Avoid std::string creation in testgarbage.cpp 2015-08-16 19:12:12 +02:00
Martin Ettl 42a406ac5f testbufferoverrun: Removed duplicate test case. 2015-07-30 22:42:45 +02:00
Daniel Marjamäki 6790d91fbb Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884. 2015-07-29 19:54:57 +02:00
Daniel Marjamäki c5bbea2994 Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value) 2015-07-27 16:39:41 +02:00
PKEuS 176b3925b3 Removed "verify" code in testrunner. Fixing its messages reduces the accuracy of the test suite. 2015-07-25 14:18:41 +02:00
Daniel Marjamäki fef251ac76 negative array size: fixed noise when array is not vla 2015-07-04 09:42:42 +02:00
Daniel Marjamäki 0ca410a4d7 Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression) 2015-06-07 14:01:20 +02:00
Daniel Marjamäki baa1ae079d New check: negative size in array declaration. Ticket #1760 2015-05-03 15:00:47 +02:00
Dmitry-Me d735918a8a Constructor parameter type need not be a number 2015-03-25 14:56:45 +03:00
PKEuS bc5132e0ac Refactorization: Moved declaration of errout, ... to testsuite.h, uniformized style 2015-03-11 22:54:43 +01:00
Daniel Marjamäki cc0f61376a more cleanup of std.cfg testing in TestBufferOverrun 2015-02-14 18:55:54 +01:00
Daniel Marjamäki e510902d58 TestBufferOverrun cleanup some more std.cfg testing 2015-02-14 17:30:08 +01:00
Daniel Marjamäki 360ec9d853 updated TestBufferOverrun test case. Since checker doesn't use library dont load std.cfg. 2015-02-14 16:44:08 +01:00
Daniel Marjamäki 0c0d62171e removed duplicate testcase. See testcase for #836 2015-02-14 16:41:51 +01:00
Daniel Marjamäki a57d5d7eda moved testcases 2015-02-14 16:37:48 +01:00
Daniel Marjamäki e01b30345e move testcases in TestBufferOverrun 2015-02-14 16:29:05 +01:00
Daniel Marjamäki 166db40af2 Fix TestBufferOverrun test case, it was wrongly written. 2015-02-14 15:51:13 +01:00
Daniel Marjamäki c43d537726 renamed TestBufferOverrun test method to same name as CheckBufferOverrun method that is tested 2015-02-14 15:49:17 +01:00
Daniel Marjamäki 2b7c7134e1 TestBufferOverrun: move memset test 2015-02-14 15:46:00 +01:00
Daniel Marjamäki e0d90c00be TestBufferOverrun: Cleanup testcases for memory functions 2015-02-13 16:16:59 +01:00
Daniel Marjamäki 2d21eb07ba Cleaned up snprintf hardcoding in CheckBufferOverrun 2015-02-13 06:44:38 +01:00
Daniel Marjamäki a6cfd15bde refactoring TestBufferOverrun 2015-02-12 17:36:22 +01:00
Daniel Marjamäki 9aad4fa8ca CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead 2015-02-12 17:29:36 +01:00
Daniel Marjamäki d9deabe2ce TestBufferOverrun: clean up 2015-02-10 17:29:36 +01:00
Daniel Marjamäki 53718047f1 refactoring TestBufferOverrun 2015-02-10 06:49:48 +01:00
Daniel Marjamäki 9aa0420472 TestBufferOverrun: Moved out cfg tests. Created minsize-mul testing in TestBufferOverrun 2015-02-10 06:44:19 +01:00
Daniel Marjamäki ce1d0099cf TestBufferOverrun: Moved out cfg tests. Created minsize-argvalue testing in TestBufferOverrun 2015-02-10 06:35:41 +01:00
Daniel Marjamäki 631536980c TestBufferOverrun: split up strncpy testing, keep checker testing in TestBufferOverrun and move cfg tests to cfg test 2015-02-09 16:20:28 +01:00
PKEuS f78744ac30 Fixed AST generation if expression starts with ternary operator 2015-02-01 14:02:19 +01:00
PKEuS 21cb0cfd60 Take simplifyIfNotNull and simplifyIfNot out of simplifyTokenList1 (first step for #6072) 2015-01-31 20:12:02 +01:00
Daniel Marjamäki 73113c67e7 Fixed #6480 (False positive unreachableCode - member function exit called instead of ::exit()) 2015-01-31 16:55:55 +01:00
Daniel Marjamäki 57ec1aea91 Library: Don't rely on ast in isNotLibraryFunction since it's used in tokenizer 2015-01-31 10:24:10 +01:00
PKEuS 98e33a189f Enhanced CheckBufferOverrun:
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
PKEuS 3274a00b82 Moved some more tests to testgarbage.cpp 2015-01-21 10:04:46 +01:00
Daniel Marjamäki 6a8293a8b7 Library: More strict matching of functions 2015-01-08 19:31:41 +01:00
Daniel Marjamäki ff11ba9847 Updated copyright year to 2015 2015-01-03 12:14:58 +01:00
Daniel Marjamäki 6194a4eefd Fixed #6357 (Improve check: pointer arithmetic 'p+x' overrun, conditional x) 2014-12-26 09:12:00 +01:00
Daniel Marjamäki 7ab12cea63 Improved pointer arithmetic message 2014-12-25 14:31:46 +01:00
Daniel Marjamäki bc594d52c8 Fixed #6349 (Pointer arithmetic: clarify message) 2014-12-25 10:05:55 +01:00
Daniel Marjamäki 7cfa54f0e0 Fixed #6353 (False positive: CheckBufferOverrun checking reassigned array function parameter) 2014-12-24 14:03:52 +01:00
Daniel Marjamäki 1b2a23b3fe Fixed #6350 (Tokenizer::simplifyCast: set Token::isCasted when cast is removed) 2014-12-23 16:16:14 +01:00
Daniel Marjamäki 10ae551fef CheckBufferOverrun: Use portability warning for pointer arithmetic UB. It can be used by intention and usually works as intended. 2014-12-22 10:56:17 +01:00
Daniel Marjamäki 93ac5a41cd Fixed #6346 (pointer calculation overflow) 2014-12-22 09:38:00 +01:00
Daniel Marjamäki a95e5bff2b Fixed #6344 (false positive: out of bounds access when array size is unknown) 2014-12-20 18:50:08 +01:00
Daniel Marjamäki a1537e1a6e Fixed #6339 (false negative: array index out of bounds on allocated buffer using valueflow) 2014-12-17 16:23:48 +01:00
Alexander Mai c2584aa635 #6303 crash in CheckBufferOverrun. Add check on loop variable in CheckBufferOverrun::checkScope(). 2014-12-04 20:49:58 +01:00
Daniel Marjamäki 051d42ae6b astyle formatting 2014-11-20 14:20:09 +01:00
orbitcowboy f5d804f71a running astyle 2014-11-20 10:13:03 +01:00
Frank Zingsheim 71c5d4bd60 Ticket #6232 (cppOut of bounds array access)
--HG--
extra : rebase_source : 79ed3533a12a486ea3ed3f09f9bc55b1a4771161
2014-10-21 22:56:53 +02:00
PKEuS 6955e719cf Collected garbage code tests and moved them to testgarbage.cpp 2014-10-16 10:59:46 +02:00
PKEuS 68b26f8faa Fixed subsequent false negatives in CheckBufferOverrun::checkInsecureCmdLineArgs() (#5835) 2014-09-29 15:38:33 +02:00
Alexander Mai ccd80e3407 #6141 FP: Unknown type is assumed to have size 0. 2014-09-27 21:51:11 +02:00
Dmitry-Me 1e298a31cf Refactoring tests. Use utility function to warn about unsimplified code in tests. 2014-09-13 12:59:32 +02:00
PKEuS 4c18967329 Added unit test for #5849 2014-08-31 21:45:38 +02:00
Daniel Marjamäki b6355b991f Fixed #6070 (false positive: Array 'array[8192]' accessed at index 8192, which is out of bounds) 2014-08-19 07:03:00 +02:00
Daniel Marjamäki 47a2b35e98 BufferOverrun: Use ValueFlow string values more 2014-08-04 08:25:10 +02:00
Daniel Marjamäki 5de1e35350 CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen. 2014-07-30 20:35:21 +02:00
Daniel Marjamäki 254b6438b9 CheckBufferOverrun::checkStringArgument: sizeof string is strlen+1 2014-07-08 16:04:09 +02:00
Daniel Marjamäki 9a4bd73a18 Fixed unit test 2014-07-08 08:02:02 +02:00
Daniel Marjamäki 0fd334911a Fixed #5257 (Check memcpy size for string literals) 2014-07-06 08:41:39 +02:00
Daniel Marjamäki 53aa2f5982 astyle formatting
[ci skip]
2014-07-06 07:16:28 +02:00
amai2012 77095e2b05 Add some more functions to posix.cfg which allow to enable TestBufferOverrun::buffer_overrun_1_posix_functions
Fix some compiler warnings on MSVC
2014-07-05 22:47:10 +02:00
Daniel Marjamäki a3acc3241e Library: Added <minsize> element used for buffer overrun checking 2014-07-05 20:31:43 +02:00
Daniel Marjamäki 6c8558c112 CheckBufferOverrun: Removed old for-loop handling. This is handled through ValueFlow from now on. 2014-06-27 06:46:42 +02:00
Daniel Marjamäki 036b2f8ccf CheckBufferOverrun: Added bufferOverrun2 that is based on ValueFlow/SymbolDatabase/Ast from the start. Replaced some old checking. 2014-06-26 17:36:20 +02:00
Simon Martin 966491d40b Added a test for out-of-bounds character array access. 2014-05-27 16:21:13 +02:00
PKEuS effa38c322 Fixed #5863 (False positive: array index is used before limits check) 2014-05-24 17:50:01 +02:00
PKEuS 04fbbdb5e8 Refactorized CheckBufferOverrun::arrayIndexThenCheck() and fixed false negative 2014-05-10 13:00:44 +02:00
Daniel Marjamäki ed1d63ffc0 Fixed #5636 (FP: matrix out of bounds) 2014-05-03 18:12:06 +02:00
Alexander Mai 89dc652af9 #5631 Typo and misleading error message in negativeMemoryAllocationSize 2014-04-08 20:23:00 +02:00
Daniel Marjamäki e5301b2b7a ValueFlow: Improved valueflow of for loop 'for (i=a; i<10; i++)' => unknown start value but end value is known 2014-03-29 20:20:22 +01:00
PKEuS 1c58628223 Handle pointer/reference to array in setVarId (#2645) 2014-03-28 16:10:27 +01:00
PKEuS 63254b33f9 Fixed uncaught exception in testbufferoverrun.cpp 2014-03-27 19:55:11 +01:00
Daniel Marjamäki 6da9cca4ab fixed unit test that I broke by mistake 2014-03-25 21:45:25 +01:00
Daniel Marjamäki 87daf5783e buffer overflow: clean up old checking for negative index 2014-03-25 20:37:32 +01:00
Daniel Marjamäki c8004a8d31 Buffer overruns: Use ValueFlow to detect negative index 2014-03-25 18:22:22 +01:00
Daniel Marjamäki aa05bf0f16 ValueFlow: Improved abstract interpretation 2014-03-24 06:48:06 +01:00
Daniel Marjamäki dbc8273cb7 ValueFlow: improved abstract interpretation of for loops 2014-03-24 00:16:02 +01:00
Daniel Marjamäki b6276058da Value Flow: Improved abstract interpretation of arithmetical expressions 2014-03-22 19:02:33 +01:00
PKEuS 49b25b05d9 Fixed crash in CheckBufferOverrun on garbage code (#5595) 2014-03-21 13:20:44 +01:00
Daniel Marjamäki e240282443 Value Flow: Another try with the abstract interpretation of for loops 2014-03-17 18:43:47 +01:00
Daniel Marjamäki 8c3f2c2ad9 Revert 894a65b0. abstract interpretation of for loops. there was some crashes and performance problems. I will fix those problems when I have time and recommit. 2014-03-16 08:38:52 +01:00
Daniel Marjamäki 894a65b0b1 ValueFlow: Refactor the for-loop handling. Use abstract interpretation. 2014-03-15 11:29:33 +01:00
Daniel Marjamäki 7fa73c0d64 Merge pull request #256 from xypron/5505
5505: FP: Array accessed out of bounds
2014-03-09 08:47:18 +01:00
Heinrich Schuchardt bd67db96f1 5505: FP: Array accessed out of bounds
CheckBufferOverrun::checkFunctionParameter alreacy considered usage of a
function parameter inside an if block as a special case.

With the patch the same is done for switch statements.

A test is added.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2014-03-07 19:51:13 +01:00
Daniel Marjamäki fd3a8a2a18 Update copyright 2014-02-15 07:45:39 +01:00
Martin Ettl 6ca7daec10 Fixed #389: Providing negative value to memory allocation function. 2014-02-01 22:38:29 +01:00
Daniel Marjamäki 9aa9530e0d Fixed #5426 (crash: btrfs-progs cmds-inspect.c) 2014-01-31 06:19:36 +01:00
Daniel Marjamäki abe8439917 Fixed #5416 (False positive: Array accessed at index, which is out of bounds.) 2014-01-28 16:55:10 +01:00
Daniel Marjamäki 0dbb86f0cb Cleanup ExecutionPath from CheckBufferOverrun 2014-01-22 21:25:37 +01:00
Daniel Marjamäki b91f42453b value flow: improved handling of cast 2014-01-20 22:26:55 +01:00