ac524c56ad
Reviewed handling of unknown types in ExecutionPathBufferOverrun
2012-06-23 08:15:59 +02:00
7d59d86ed6
Fixed #3893 (Improve check: Array index out of bounds not detected when down conting)
2012-06-16 17:44:51 +02:00
ffb9342084
Added array index out of bounds tests to testsuite.
2012-05-23 23:59:14 +02:00
b3d862e27e
#3838 added todo-testcase
2012-05-23 23:32:58 +02:00
ec00824fd3
Fixed #3357 :
...
- Print "inconclusive" tag in cli
- Fixed inconclusive handling in checkbufferoverrun.cpp
- Merged reportInconclusiveError into reportError by adding an additional parameter "bool inconclusive" which is false per default
2012-05-06 10:37:41 -07:00
4dcb2ef57b
Refactorizations in test suite:
...
- Removed again one custom stringify implementation
- Avoided unnecessary std::string creation in testbufferoverrun.cpp
2012-04-16 20:02:52 +02:00
b37cf11d20
Refactorizations:
...
- Increased encapsulation by making some functions private
- Removed redundant function CheckBufferOverrun::ArrayInfo::declare
- Avoided copy of ArrayInfo object
- Removed unnecessary and suspicious "if(sizeof(int) == 4)"
2012-03-27 19:40:39 +02:00
2be85e9d37
Fixed #3538 (false positive caused by bad tokenizer simplification)
2012-02-01 21:13:26 +01:00
aaa6070fc9
Run astyle.
2012-01-31 18:43:11 +01:00
86a5a9a7bf
fixed wrong testcase
2012-01-31 16:48:05 +01:00
c1e2802175
ticket 3569: added further testcases
2012-01-31 16:25:57 +01:00
7110fa2c0c
added tests for ticket #3569
2012-01-31 16:13:28 +01:00
8cae17fda8
Update year to 2012
2012-01-01 01:05:37 +02:00
7c95c6f680
Array index out of bounds: Added test case for #3428 (same name of structs)
2011-12-18 16:43:46 +01:00
772b8cc37d
Array index out of bounds: Avoid false positives when there are duplicate names for structs
2011-12-18 08:12:42 +01:00
5f712cc213
Array index out of bounds: Fixed false positive when taking address beyond array using calculated array index
2011-12-17 21:35:12 +01:00
95123854ba
Array index out of bounds: Fixed false positive when size is not known.
2011-12-17 13:20:42 +01:00
497c54a1a7
Fixed #3168 (false negative: buffer overflow in subfunction)
2011-12-11 08:16:58 +01:00
ee39f6402c
reverted fix for #3168 , I'll rewrite it
2011-12-10 20:46:10 +01:00
897e8637b4
Fixed #3168 (false negative: buffer overflow in subfunction)
2011-12-10 19:26:12 +01:00
1bef8d1247
Tokenizer: Code cleanups
2011-12-08 17:42:26 +01:00
4884a1dfe0
sanity check for ticket #3387 ( buffer access out of bounds)
2011-12-06 20:53:56 +01:00
344d7e2f34
Fixed #3283 (False negative: array index out of bounds not found for constant string and known array index value)
2011-11-30 19:17:09 -08:00
e0b50719f4
Fixed #909 (improve check: out of bounds of memchr function and out of bounds check)
2011-11-27 07:54:52 +01:00
603a37b08a
added testcase for ticket #3273
2011-11-01 11:52:39 +01:00
dc29d43e83
astyle formatting
2011-10-29 20:27:50 +02:00
d7be62a6f9
Fixed #3221 (FP: Array 'arr[2147483648]' index 0 out of bounds in loop when size unknown to cppcheck)
2011-10-29 20:26:24 +02:00
3413ffef3e
Refactor readlink() buffer check to also handle readlinkat()
2011-10-24 21:23:18 +02:00
b332ea8222
Fixed #3204 (Refactor standards support in Settings)
2011-10-22 09:45:48 +02:00
a52b73f9f9
Fix #3208 (Simplify pointer to standard type, C only)
...
The symbol database is unavailable during token simplification
and &data[0] might return something completely different for C++.
Moved code_is_c() from checkOther to Tokenizer.
2011-10-16 08:09:57 +02:00
7ae39f13cc
Fixed #3198 (Add check for readlink())
2011-10-14 19:45:51 +02:00
6f8e42a5af
changed the astyle formatting flags
2011-10-13 20:53:06 +02:00
b73896bcc5
Fixed #3163 (Out of bounds pointer arithmetic not reset)
2011-10-12 20:54:39 +02:00
abd2525339
Fixed #3161 (Show buffers size info for snprintf() buffer overruns)
2011-10-05 20:17:57 +02:00
65b0fb4519
fix #3153 (false positive buffer access out-of-bounds)
2011-09-30 17:28:59 -04:00
ac070b90f2
fix for loop false positives when zero length arrays present
2011-09-22 21:23:40 -04:00
b349d36c50
fix #3124 (FP: Buffer access out-of-bounds when memset two dimension array (a[5][6]))
2011-09-19 20:32:50 -04:00
3f517b5f23
partial fix for #2960 (false negative: buffer access out of bounds)
2011-09-11 21:51:05 -04:00
40009d091d
add multi-dimension array support to second checkScope and use it for member arrays
2011-09-11 20:42:57 -04:00
0d6592dd2e
use correct checkScope function in CheckBufferOverrun for single dimension member arrays
2011-09-11 19:21:13 -04:00
19928e26d1
refactor to unify functionally identical code in CheckBufferOverrun::checkScope()
2011-09-11 14:00:53 -04:00
547a79d4fe
calculate array size for variable length structures with array at end in CheckBufferOverrun::checkStructVariable() when possible
2011-09-10 10:14:32 -04:00
b0eab2587d
better detection of variable sized structure in CheckBufferOverrun::checkStructVariable()
2011-09-09 08:37:24 -04:00
27bfa2a346
fix some CheckBufferOverrun::checkStructVariable() flase negatives for possible variable length structs
2011-09-09 07:46:06 -04:00
16924c7c7a
fix #3094 (Buffer access out-of-bounds in struct variable)
2011-09-09 07:16:39 -04:00
812a17f294
fix one of the TODO testcases added for #3094 (Buffer access out-of-bounds in struct variable)
2011-09-08 22:44:25 -04:00
65b1a4df19
add soem test cases for #3094 (Buffer access out-of-bounds in struct variable)
2011-09-08 22:41:18 -04:00
7451c5cece
warn when buffer is not zero terminated after memmove
2011-09-05 15:59:41 -04:00
f5d71d1ac5
warn when buffer is not zero terminated after memcpy
2011-09-05 15:41:37 -04:00
3c8988e7a5
warn when buffer is not zero terminated after strncpy
2011-09-05 15:19:38 -04:00
fe85b8779e
fix #2528 (false negative: buffer access out of bounds)
2011-09-04 21:39:52 -04:00
50688b28fd
fix #2889 (false negative: buffer access out of bounds on local struct member)
2011-09-04 19:54:57 -04:00
c2b76cd41f
add some variable length array tests
2011-09-04 14:39:24 -04:00
e782d98241
final fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-03 21:51:00 -04:00
d23c58d387
enable: break out 'performance' and 'portability' from the 'style' id. Ticket: #3074
2011-09-03 15:30:30 +02:00
d749e28dc0
another partial fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-02 21:07:29 -04:00
d85410de8c
partial fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-02 19:35:09 -04:00
ef30da51bf
Fixed #3034 (Cppcheck crash on specific file (truecrypt).)
2011-08-29 19:16:52 +02:00
cf6d04de74
fix #3044 (Symbol database: handle multidim array with unknown dimension 'char a[][4]')
2011-08-28 11:40:55 -04:00
d643397a7e
better message for strncpy zero-terminated check
2011-08-28 09:06:51 -04:00
8c093d0f8a
refactor CheckBufferOverrun::checkScope strncpy check and change experimental to inconclusive
2011-08-27 21:18:39 -04:00
c4fdb8d113
better test for symbol database bug fixed in last commit
2011-08-24 06:53:27 -04:00
8c1efe9bb6
improve message for #3035 (false negative: strcpy(dst, src) where src is bigger than dst)
2011-08-21 15:18:41 -04:00
67e8731a96
partial fix for #3035 (false negative: strcpy(dst, src) where src is bigger than dst)
2011-08-21 14:44:55 -04:00
a30da73d3e
fix #2986 (segmentation fault of cppcheck ( x[y] ))
2011-08-09 19:45:18 -04:00
e2367b4149
Fixed #2976 (False positive: array out of bounds)
2011-08-08 18:22:15 +02:00
999b80bbb8
Buffer overrun: Fix false negative
2011-08-07 17:54:25 +02:00
cfcfa3f000
Use "enabled" list for the style checking.
...
Settings-class currently enables style checking via dedicated
boolean attribute. All other CLI's enable-options are handled
through the enable-list. This commit moves style-check enabling
to use the enable-list.
Main advantage is the consistency how options are handled/stored
in the Settings class. Which also unifies using them for the other
code. You need to enable certain type of checks? Use the
addEnabled()-method. You want to check if certain type of checks
are enabled? Use the isEnabled()-method.
2011-08-07 10:28:52 +03:00
fd7e085c9d
Array index out of bounds: prevent false positive when a dimension for an array is unknown
2011-08-05 13:08:48 +02:00
0186fc0650
tweaked the error message somewhat for id arrayIndexThenCheck
2011-08-05 09:10:07 +02:00
ceb763f57a
Fixed #2956 (False negative: read array and then immediately check the index 'str[i] && i<sizeof(str)')
2011-08-04 11:15:14 +02:00
3cfef6285c
Fixed #2920 (False positive: Array 'arr[0]' index 0 out of bounds (array size and index are unknown))
2011-07-20 07:57:42 +02:00
7dcb68f5a4
CheckBufferOverrun: Detect overflows when buffer is allocated with alloca
2011-07-17 09:35:51 +02:00
e597ad72e7
Fixed #2841 (False positive: Array index out of bounds, can't compare ints to chars)
2011-06-29 18:44:05 +02:00
af7c97f972
Fixed #1684 (false positive: buffer access out of bounds when using extern variable declaration)
2011-05-07 11:34:48 +02:00
e5d43d4ed2
Renamed Settings::stupid to Settings::experimental
2011-04-10 15:55:08 +02:00
30ee9ba6e4
Added Settings::stupid flag that can be used to hide checking that generates false positives.
2011-04-10 13:23:45 +02:00
07fe361964
Fixed #2638 (Tokenizer::setVarId : varid is wrongly given when unknown macro is used)
2011-03-13 17:52:45 +01:00
bea3875386
Fixed #2607 (segmentation fault of cppcheck ( struct C {} {} x))
2011-03-09 21:00:28 +01:00
bf2362d558
Fixed #2634 (False positive: buffer access out of bounds)
2011-03-08 19:49:56 +01:00
7f9dc42ff1
Fix test array_index_24() to share code with environments where plain char is either signed or unsigned.
...
This was done, because that particular test has been already fixed a couple of times and it is still broken in some systems.
2011-02-22 21:46:12 +02:00
bfe28d3b26
Fixed #2597 (False positive: Buffer access out-of-bounds for u_char, uint*_t, ...)
2011-02-20 21:24:57 +01:00
5998ec4af9
Really fix the build failure this time
2011-02-15 14:10:56 -06:00
aacb94c427
Revert "Buffer overruns: Removed TODO test case. We intentionally don't check struct/class arrays fully to avoid false positives"
...
This reverts commit 87cc42e6f0
2011-02-13 22:48:26 +01:00
87cf0949f2
Buffer overruns: Removed TODO test case. We intentionally don't check struct/class arrays fully to avoid false positives
2011-02-13 21:48:13 +01:00
87cc42e6f0
Buffer overruns: Removed TODO test case. We intentionally don't check struct/class arrays fully to avoid false positives
2011-02-13 21:42:35 +01:00
518a495334
Fixed #2576 (False positive: (error) Buffer access out-of-bounds)
2011-02-12 18:34:12 +01:00
318f2e8a57
Fixed #2561 (False positive on array index when using conditional operator)
2011-02-12 11:31:10 +01:00
d8119cd57a
Fix test for architectures where char is unsigned
2011-02-12 02:42:31 -06:00
c7821675dd
Preprocessor: Test handling of strings with multiple spaces (Ticket: #2548 )
2011-02-11 18:57:58 +01:00
757c840633
astyle formatting
2011-01-31 17:26:07 +01:00
f3111b541e
#2528 added todo-testcase
2011-01-31 13:46:51 +01:00
098f0bf3e6
Fixed #2526 (Make TODO_ASSERT_EQUALS take three arguments (value, to_be, as_is)?...
...
Removed replaced EXPECTED with...
WANTED (to-be): The future expected value.
CURRENT (as-is): Documenting how cppcheck behaves now.
This removes the need for an ASSERT_EQUALS but enforces the check for every TODO_ASSERT_EQUALS.
2011-01-30 23:20:11 +11:00
9d3b242cd8
Fixed #1952 (false negative: buffer acces out of bounds with memcpy)
2011-01-22 21:31:26 +01:00
226b605774
Change year 2010 -> 2011 in license texts.
2011-01-09 21:33:36 +02:00
79ef02812d
Fixed #2211 (false negative: buffer access out of bounds for(int i=0; i !=6;i++))
2011-01-09 18:51:28 +01:00
b750a52f6d
Improve strncat 3rd parameter usage warning message.
...
See forum thread:
https://sourceforge.net/apps/phpbb/cppcheck/viewtopic.php?f=3&t=192
2011-01-04 23:17:44 +02:00
4ec9d418ff
Fixed #2215 (Improve check: Writing outside malloc bounds not detected)
2011-01-01 20:56:21 +01:00
2da3fea1b8
Fixed #2386 (segmentation fault occurs in the checking when typedef has same name as an enum constant)
2010-12-31 20:55:28 +01:00
04eb9cf305
Fixed #2378 (Refactoring: create utility function that skips redundant if/for/while)
2010-12-31 18:07:46 +01:00
ed6c76ce04
Fixed #2385 (False positive: array index out of bounds)
2010-12-31 17:43:38 +01:00
38e7209d26
Fixed #2373 (Using XML2 in --errorlist output)
2010-12-29 12:43:29 +01:00
bdf0cb7115
Fixed #2370 (false negative: Buffer access out-of-bounds (for with if, no break))
2010-12-28 20:46:31 +01:00
6aa400fd80
Buffer overrun: UB when pointer arithmetic result points out of bounds. Ticket #1774
2010-12-26 21:23:28 +01:00
8247270f35
Fixed #2328 (false positive: buffer overrun (for loop with a break => the end value is not reached))
2010-12-19 10:39:43 +01:00
f6c00fc478
Fixed #2323 (false positive: Buffer access out of bounds)
2010-12-18 10:54:36 +01:00
eb0231b48f
astyle formatting
2010-12-16 20:15:22 +01:00
5ce63a1df0
Fixed #2292 (segmentation fault with cppcheck 1.46 with --errorlist)
2010-12-13 18:17:33 +01:00
f12c0c7ada
Tokenizer: add assert(_settings) to Tokenizer to insure the tokenizer always has settings. Ticket: #2219
2010-12-01 18:00:55 +01:00
ec6edaee6e
Buffer overflow: Added unit test that makes sure that array index out of bounds is detected inside loop. Ticket: #2199
2010-11-21 12:24:57 +01:00
66c2825b23
Fixed #2210 (False positive: buffer overrun (snprintf, unknown type))
2010-11-18 19:26:46 +01:00
586f4992d8
Tokenizer::simplifyKnownVariables: Fixed TODO test cases in TestBufferOverrun
2010-11-07 17:42:32 +01:00
fb068a4e71
Fixed #2170 (false positive: After a strncpy() the buffer should be zero-terminated)
2010-11-07 09:37:45 +01:00
dd41c74d7f
Fixed #2136 (false negative: array bounds)
2010-11-06 09:10:10 +01:00
52faadda89
Tokenizer: simplify calculations with zero better
2010-11-05 20:35:31 +01:00
b55f6458a2
Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function))
2010-10-30 12:32:43 +02:00
79583ee45d
#2133 (cppcheck: floating point exception)
2010-10-26 20:05:34 +02:00
306587b1d0
Buffer overruns: Fixed TODO test case
2010-10-24 11:32:27 +02:00
f3c6c64e9a
Fixed #2121 (False positive: Buffer access out-of-bounds when using uint32_t)
2010-10-23 13:12:17 +02:00
5deb046ac5
Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function))
2010-10-23 08:49:03 +02:00
9fdc03fc1d
Fixed #2117 (false positive: buffer access out of bounds)
2010-10-22 20:15:51 +02:00
2ca7dbc004
Fixed #2109 (false positive: buffer overrun)
2010-10-19 18:23:44 +02:00
92a1e9e76e
Severities: Added 'warning' and 'performance' severities. No changes to the command line options nor to the XML format. Ticket: #2106
2010-10-17 14:41:00 +02:00
ba2b986ece
Fixed #2097 (false positive: buffer access out of bounds)
2010-10-14 20:00:32 +02:00
b6c995ea47
Fixed #2096 (False positive: buffer overrun (extern array))
2010-10-13 20:57:59 +02:00
229604b3e3
Fixed #2093 (False positive: buffer access out of bounds (unknown type))
2010-10-13 18:06:50 +02:00
9e15c4ef38
Fixed #2088 ([test.c:12]: (error) Buffer access out-of-bounds: l)
2010-10-12 19:35:20 +02:00
74bf1821e6
Array index: detect array index out of bounds when datatype is unknown. Ticket: #2086
2010-10-11 20:52:14 +02:00
a73ada54d5
Fixed #1705 (false negative: access past end of buffer)
2010-10-10 09:15:18 +02:00
e7f7c77eab
Fixed #1948 (C++ class scoping not followed)
2010-08-24 22:04:14 +02:00
248bb3b6e8
Fixed #1935 (false negative: detect buffer overrun from network functions (recv, recvfrom..))
2010-08-14 20:19:23 +02:00
1b2f16f443
Buffer overflow: Fixed two TODO test cases
2010-08-05 11:01:47 +02:00
33bf8bf730
Fixed #1670 (False negative: Array index out of bounds in return statement)
2010-08-04 20:38:52 +02:00
bea714445a
Fixed #1850 (An access to a nested std::map via a negative integer key is reported as 'Array index out of bounds')
2010-07-14 12:24:07 +02:00
b02fc037ed
Buffer Overrun: Fixed false positive when variable is reassigned in called function
2010-07-05 22:19:27 +02:00
18bb7488b9
Fixed #1787 (false negative: out of bounds in derived class)
2010-06-13 07:17:50 +02:00
0d34416bce
added TODO_TESTCASE for ticket 1734: Array index out of bounds
2010-06-06 16:20:50 +02:00
5789eb116d
astyle formatting
2010-06-02 18:09:25 +02:00
33b4254d33
Fixed #568 (string functions with command line arguments may overflow buffer)
2010-06-01 22:41:07 -07:00
7601089bee
astyle formatting
2010-05-29 11:19:56 +02:00
59086fa599
Fixed #818 (Detect sprintf buffer overrun with struct members)
2010-05-28 22:51:28 -07:00
d23f63c805
astyle formatting
2010-05-26 19:21:34 +02:00
619cfbc56f
Fixed #168 (buffer overflow: not enough room for the null terminator)
2010-05-26 01:56:34 -07:00
c31accc52a
Fixed #1695 (Ticket #1614 is broken using latest from git)
2010-05-19 19:23:09 +02:00
f8442391af
astyle formatting
2010-05-17 19:51:35 +02:00
71e5c56bf9
Fixed #1418 (false negative: buffer access out of bounds)
2010-05-16 23:53:42 +02:00
01034cd48d
Refactoring: Removed 'possible error' message about cin
2010-05-16 19:09:36 +02:00
26fab24de4
Refactoring: Removed some inconclusive checking in CheckBufferOverrun
2010-05-16 15:30:39 +02:00
0415560912
refactoring: changed the severity for strncatUsage from possibleError to style
2010-05-02 09:54:08 +02:00
883d462553
refactoring: Use style severity instead of possible error for the 'The size argument is given as a char constant'
2010-05-02 09:16:45 +02:00
Daniel Marjamäki
Daniel Marjamäki
Ettl Martin
PKEuS
Edoardo Prezioso
Ettl Martin
Reijo Tomperi
Zachary Blair
Marek Zmysłowski
Thomas Jarosch
Robert Reif
Kimmo Varis
Raphael Geissert
Erik Lax
Pete Johns
Daniel Marjamäki
Martin Ettl
Monika Lukow