Commit Graph

21318 Commits

Author SHA1 Message Date
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
warmsocks a56bc006b7 Fixed a typo in lib/checkother.cpp. Corrected spelling errors found by codespell. (#2170) 2019-09-11 19:21:38 +02:00
orbitcowboy 55e8691bee wxwidgets.cfg: Added support for wxDC::CopyAttributes(). 2019-09-11 09:22:21 +02:00
Daniel Marjamäki bee30b0ca2 astyle formatting
[ci skip]
2019-09-10 19:42:17 +02:00
Paul Fultz II dc0b3527ad Fix issue 9311: False positive duplicateCondition "same if condition" with pointer inside array of struct (#2166)
* Check for typeOf through an array

* Handle array constructors

* Format

* Fix compile error on gcc 4.8
2019-09-10 19:41:35 +02:00
Paul Fultz II 2595b82634 Fix issue 9348: FP uninitvar for pointer passed to memcpy (#2167) 2019-09-10 19:40:08 +02:00
Paul Fultz II ddb1f1b5ce Try to fix issue 9341: daca crash: isContainerSizeChangedByFunction (#2168) 2019-09-10 19:39:44 +02:00
orbitcowboy da29a1f56b gnu/bsd.cfg: Cleanup redundant configuration for timercmp() and add more tests. 2019-09-10 11:51:47 +02:00
Rikard Falkeborn afe05d019c dmake: Improve dependency detection of external and cli includes (#2163)
Previously, external files were not searched at all, and dependencies
on header files in cli was not taken into account for test files.

To add dependency of headers in externals, we also need to search for
includes with angular brackets.
2019-09-10 10:32:36 +02:00
Sebastian 5a05e8d242
donate-cpu-server.py: Get rid of hard-coded paths (#2159) 2019-09-10 07:58:37 +02:00
Paul Fultz II b2ae835b4b cmake: Add dependency on cppcheck (#2165)
This adds a dependency on cppcheck so it will be built when calling `make check`
2019-09-10 06:21:59 +02:00
IOBYTE 639c29eb5c Fix #9338 (Regression: Syntax error on valid C++) (#2156)
* Fix #9338 (Regression: Syntax error on valid C++)

* fix cppcheck warning
2019-09-09 21:46:21 +02:00
Paul Fultz II d20b1b2525 Add cfg tests to cmake (#2154)
* Add cfg tests to cmake

* Fix test
2019-09-09 21:44:30 +02:00
Richard A. Smith 2b44fb57bc Loosen restrictions on MISRA rules text structure (#2157)
Version 1.88 changed the parsing of the MISRA rules file adding a
severity setting.  This caused a regression in rule parsing.

In particular the following format used to parse cleanly and produce
rule output that would show the severity as part of the rule text.

    Rule 1.2

    Advisory

    Rule text goes here.

    Rule 1.3

    Required

    More rule text goes here.

As of 1.88 a file structured like above would parse as having no rules.

The problem is the use of blank lines as a rule delimiter.   The
modified rule parser wants to see a rules formatted like below:

    Rule 3.1 Required
    R3.1 text.
    Rule 4.1 Required
    R4.1 text.

or:

    Rule 1.1
    Add this rule and parse to next, skipping empty lines.

    Rule 1.2
    Rule text.

Any rule text that did not fall into one of the above formats would
result in incomplete rule text parsing.

Change the parsing of the rule text file so that blank lines are ignored
instead of treating them as a delimiter between rules. Instead use the
start of the next rule as a delimiter for the end of the previous rule.
This allows both of the newer formats but also supports the behavior of
pre-1.88 versions.

Change units tests that were specifically forbidding the use of blank
lines to ones that allow blank lines.
2019-09-09 21:43:44 +02:00
Paul Fultz II 9753e18ebd Fix issue 9340: AST broken: endless recursion from '{' (#2161) 2019-09-09 21:35:49 +02:00
Paul Fultz II e7ff983fe0 Run cmake tests on travis (#2155)
* Run cmake tests on travis

* Build with tests

* Use correct variable
2019-09-09 21:35:07 +02:00
Sebastian e9231d2eee
.travis.yml: Remove already fixed TODO comment
y2038 addon has been fixed and moved directly to the addons directory. So this comment is no longer necessary.
2019-09-09 21:19:03 +02:00
Sebastian 4a119640c5 #8755: Add regression test (#2160)
* #8755: Add regression test

https://trac.cppcheck.net/ticket/8755
False negative: uninitvar not detected

* Fixed formatting (runastyle)
2019-09-09 17:20:03 +02:00
versat 7737a448cf Fix #9345 FP wrongPrintfScanfArgNum for vasprintf
Configuration "<formatstr/>" for function is wrong, for the argument it
is fine.
2019-09-09 15:02:55 +02:00
Rikard Falkeborn 32eb6e1b19 donate-cpu: Only check libraries once (#2158)
There is no point in checking which libraries to use for each cppcheck
version since there is no change. Refactor the checking to a separate
function and run that once instead. This halves the time it takes to
check for libraries.
2019-09-09 13:42:57 +02:00
orbitcowboy aed5e17867 #9323, #9331: Moved configuration and tests to gnu and bsd. 2019-09-08 19:17:15 +02:00
orbitcowboy bb54e455ce wxwidgets.cfg: Fixed typo from previous commit. 2019-09-07 12:16:54 +02:00
orbitcowboy 74907ade18 wxwidgets.cfg: Added support for more wxImage members 2019-09-07 12:10:38 +02:00
orbitcowboy e21dca293a wxwidgets.cfg: Added support for wxImage::Rotate(). 2019-09-07 12:06:09 +02:00
orbitcowboy 9890df11df posix.cfg: Added support for some functions from <sys/time.h>. 2019-09-07 10:52:30 +02:00
orbitcowboy 12c851d9a8 posix.cfg: Fixed #9323, #9331 by adding timercmp() configuration. 2019-09-07 10:42:09 +02:00
IOBYTE 59fdbd8435 Fix #9337 (Syntax error on valid C++) (#2152) 2019-09-07 09:09:04 +02:00
Daniel Marjamäki 92ab7c6b92 donate-cpu: switch to new server 2019-09-06 22:28:34 +02:00
Paul Fultz II 27ebff7ae4 Add deeper analysis of when a function changes a containers size (#2149)
* Add deeper analysis of when a function changes a containers size

* Fix issues

* Track addressOf
2019-09-06 21:18:45 +02:00
Sebastian 4531b31a4a
Test for issue 9334: FP resourceLeak for dlopen/dlclose with library posix (#2151)
Add test to avoid further FP for valid code.
Tests for true positives are already present.
https://trac.cppcheck.net/ticket/9334
2019-09-06 16:37:51 +02:00
orbitcowboy d774359f68 posix.cfg: Improved configuration for dlopen() and dlclose(). Ensure the return value is taken into account for dlopen() and leak-ignore flag is not present for dlopen() and dlclose(). 2019-09-06 15:25:54 +02:00
Sebastian 32dad3f44a
posix.cfg: Fix vsyslog() configuration (#2150)
Add tests to make sure no false positives are reported.
Found the issue via daca@home
2019-09-06 10:16:11 +02:00
Sebastian 1c77661b7e donate-cpu.py: Improve detection of Ruby library usage (#2148)
I looked into many packages where the detection failed and they all use
`#include "ruby.h"`. Some of these packages seem to be Ruby modules,
others seem to be "normal" software.
2019-09-05 20:33:12 +02:00
Paul Fultz II 70cad280ea Fix issue 9319: FP knownConditionTrueFalse related to aggregate initialization of struct (#2147) 2019-09-05 19:36:45 +02:00
Paul Fultz II 9e140831eb Fix issue 9329: FP knownConditionTrueFalse - vector modified by function calls (#2145) 2019-09-05 16:42:26 +02:00
Paul Fultz II e657cf4073 Fix issue 9320: False positive knownConditionTrueFalse related to truncation (#2144) 2019-09-05 15:15:58 +02:00
versat e7ea748805 lua.cfg: Add more lua_push*() function configurations 2019-09-05 14:43:35 +02:00
versat 9b9e9a4cf4 qt.cfg: Add configurations for functions of class QSettings
Reference: https://doc.qt.io/qt-5/qsettings.html
2019-09-05 13:49:18 +02:00
versat 8b5191416e dmake.cpp: Fix typo in warning message 2019-09-05 11:43:13 +02:00
Rikard Falkeborn 02fd1ac7f7 donate-cpu: Show cppcheck head git hash and commit time (#2096)
This adds one line in the package report to show the git hash and commit
date. This makes it possible to see exactely which revision the result
was obtained with.

The cppcheck head info line is now shown as

	head-info: 1a25d3f9e (2019-08-30 18:34:14 +0200)
2019-09-05 09:08:45 +02:00
Daniel Marjamäki 04295802f9 fix run-coverity.sh script. It will run in the cppcheck-devinfo folder from now on. 2019-09-04 17:12:03 +02:00
Daniel Marjamäki 068b0ef648 Make Travis happy 2019-09-04 13:38:19 +02:00
Daniel Marjamäki a9fda3f488 Clarify redundantVarAssignment warnings 2019-09-04 10:55:41 +02:00
IOBYTE e5220bdf0c make ellipsis ... a single token (#2143)
* make ellipsis ... a single token

Using cppcheck -E to preprocess code with ellipsis produces output that
can't be compiled because ... is split into 3 tokens.

* try to fix addon
2019-09-04 08:07:30 +02:00
Daniel Marjamäki 6e00db379f Update run-coverity.sh script 2019-09-03 21:28:57 +02:00
Paul Fultz II 1afd56e964 Fix issue 8785: ValueFlow: Track pointer alias
This fixes the issue by making `ProgramMemory` keep track of values based on the conditions.

It also removes the `deadpointer` check since it duplicates the `invalidLifetime` check.
2019-09-03 17:16:15 +02:00
versat 1faf932206 qt.cfg: Add configurations for functions of class QDateTime
Reference: https://doc.qt.io/qt-5/qdatetime.html
2019-09-03 12:50:29 +02:00
Paul Fultz II 55a78f482b Fix issue 9293: false negative: uninitvar 2019-09-03 06:46:34 +02:00
Paul Fultz II dc201d110d Fix issue 9274: false negative: (error) Buffer is accessed out of bounds (std::string, std::wstring) 2019-09-03 06:43:54 +02:00
Daniel Marjamäki af449779f0 astyle formatting
[ci skip]
2019-09-03 06:43:08 +02:00