amai2012
|
ece478979b
|
Merge pull request #821 from boos/cwe-mapping-11
CWE mapping of invalidLengthModifierError, leakUnsafeArgAlloc, nullPointerDefaultArg, nullPointerRedundantCheck, raceAfterInterlockedDecrement.
|
2016-08-24 20:44:06 +02:00 |
Roberto Martelloni
|
01ee9ee5e6
|
CWE mapping of invalidLengthModifierError, leakUnsafeArgAlloc, nullPointerDefaultArg, nullPointerRedundantCheck, raceAfterInterlockedDecrement.
|
2016-08-24 15:37:14 +01:00 |
Robert Reif
|
6043a27065
|
Fixed #7710 (%h and %hh printf type size specifiers not supported)
|
2016-08-24 12:47:11 +02:00 |
Roberto Martelloni
|
4c6f4f6708
|
CWE mapping of functionConst, functionStatic, initializerList, badBitmaskCheck, knownConditionTrueFalse, invalidTestForOverflow, unhandledExceptionSpecification, coutCerrMisusage, invalidPrintfArgType_int
|
2016-08-23 16:48:36 +01:00 |
Daniel Marjamäki
|
789aef7fde
|
Fixed #4920 (Microsoft ATL/MFC CString::Format argument checking)
|
2016-08-19 17:36:27 +02:00 |
Daniel Marjamäki
|
f2e49b4db4
|
Fixed #7178 (Defect: False positive due to mistake in return type of function pointer.)
|
2016-08-14 17:19:14 +02:00 |
PKEuS
|
da34883770
|
Improved message invalidscanf: Removed misleading example from verbose message
|
2016-08-01 18:42:27 +02:00 |
Daniel Marjamäki
|
1c51fbce7a
|
astyle formatting
[ci skip]
|
2016-08-01 13:01:01 +02:00 |
Daniel Marjamäki
|
8d89eefff9
|
Merge pull request #815 from boos/cwe-mapping-8
CWE mapping of invalidscanf, invalidScanfArgType_s, invalidScanfArgType_int, invalidScanfArgType_float, invalidPrintfArgType_s, invalidPrintfArgType_n, invalidPrintfArgType_p, invalidPrintfArgType_int, invalidPrintfArgType_uint, invalidPrintfArgType_sint, invalidPrintfArgType_float, wrongPrintfScanfParameterPositionError
|
2016-07-31 14:14:48 +02:00 |
Roberto Martelloni
|
9ab4057ddc
|
CWE mapping of invalidscanf, invalidScanfArgType_s, invalidScanfArgType_int, invalidScanfArgType_float, invalidPrintfArgType_s, invalidPrintfArgType_n, invalidPrintfArgType_p, invalidPrintfArgType_int, invalidPrintfArgType_uint, invalidPrintfArgType_sint, invalidPrintfArgType_float, wrongPrintfScanfParameterPositionError
|
2016-07-31 10:49:36 +01:00 |
Robert Reif
|
768c26805c
|
Fixed false positive: %Ld in format string (no. 1) requires 'long long' but the argument type is 'long long' (#7601).
|
2016-07-16 10:33:46 +02:00 |
Simon Martin
|
12a298b9cd
|
Ticket #7445: Properly represent integer types smaller than int in CheckIO::ArgumentInfo.
|
2016-05-28 15:36:13 +02:00 |
PKEuS
|
373ac52480
|
Mention exact function name in invalidscanf message (#5649)
|
2016-05-26 21:11:33 +02:00 |
PKEuS
|
851c6e0ed5
|
Improved buffer overflow checking for scanf: %c with a width (#3494)
|
2016-05-22 14:00:26 +02:00 |
Daniel Marjamäki
|
dc2a92263a
|
Fixed #7426 (RFC: time to replace simplifyEnum?)
|
2016-04-22 06:02:54 +02:00 |
Daniel Marjamäki
|
00a584d8d1
|
astyle formatting
|
2016-04-22 06:01:34 +02:00 |
Roberto Martelloni
|
e89cd1b8a4
|
CWE mapping of unsafeClassCanLeak, zerodivcond, invalidPointerCast, redundantCopy, redundantAssignment, comparisonFunctionIsAlwaysTrueOrFalse, checkCastIntToCharAndBack, cstyleCast, passedByValue, clarifyCondition, exceptThrowInDestructor, exceptDeallocThrow, exceptRethrowCopy, catchExceptionByValue, fflushOnInputStream, seekOnAppendedFile, publicAllocationError
|
2016-04-12 19:29:40 +02:00 |
PKEuS
|
6d0c2f7253
|
Fixed false positive useClosedFile when noreturn function is called (#7359)
|
2016-01-31 10:39:35 +01:00 |
Daniel Marjamäki
|
5e10e680da
|
CWE: refactoring. use constants instead of magic numbers.
|
2016-01-25 20:01:48 +01:00 |
Roberto Martelloni
|
5ce69da02d
|
Mapped 26 errors to their CWE IDs.
|
2016-01-24 20:53:05 +00:00 |
Robert Reif
|
966d078dcc
|
CheckIO: Fix FN when using '%x' as format specifier for a 'signed int' variable
|
2016-01-15 09:29:29 +01:00 |
Lauri Nurmi
|
996c9244d8
|
Update copyright year to 2007-2016.
|
2016-01-01 15:34:45 +02:00 |
PKEuS
|
940d569980
|
Refactorization: Removed redundant %any% patterns.
|
2015-12-24 14:40:48 +01:00 |
PKEuS
|
8f22e4924c
|
Updated AStyle to version 2.05.1
Tweaked runastyle.bat a little bit.
|
2015-12-17 15:53:13 +01:00 |
Alexander Mai
|
f762affea0
|
Small refactoring: replace NULL by nullptr, remove redundant static keyword, Tokenizer::setVarId() uses const variable 'notstart'
|
2015-11-30 22:13:49 +01:00 |
PKEuS
|
e8522c7883
|
Small refactorizations:
- #include cleanup
- Use std::array instead of std::vector
- Do not create a stringstream to concatenate 4 strings
- Use std::cout instead of printf
|
2015-11-29 10:56:44 +01:00 |
Daniel Marjamäki
|
0f9d90d2be
|
Changed Copyrights. Removed my name.
|
2015-11-18 20:04:50 +01:00 |
PKEuS
|
eefea507b9
|
Use ValueFlow in CheckIO::checkWrongPrintfScanfArguments() (#6563)
|
2015-11-06 09:52:22 +01:00 |
PKEuS
|
3971f8625f
|
Fixed false positive seekOnAppendedFile if FILE* is reused (#6566)
|
2015-10-13 15:32:13 +02:00 |
Daniel Marjamäki
|
2c7c6b3e38
|
CheckIO: Try to use ValueType more
|
2015-10-11 17:35:54 +02:00 |
Daniel Marjamäki
|
37d9a95ef1
|
CheckIO: Refactoring. Split out CheckIO::checkFormatString() from CheckIO::checkWrongPrintfScanfArguments().
|
2015-10-10 20:08:15 +02:00 |
Daniel Marjamäki
|
6d256b01b6
|
CheckIO: Use ValueType::Type::LONGDOUBLE type also
|
2015-10-08 19:52:24 +02:00 |
Daniel Marjamäki
|
a500f6f703
|
Improved handling of 'long double' and address-of in ValueType. Removed Tokenizer::simplifyFloatCasts() to handle float casts better.
|
2015-10-08 19:50:10 +02:00 |
Daniel Marjamäki
|
be72b7413a
|
ValueType: Handling of originalTypeName
|
2015-10-07 20:24:17 +02:00 |
Daniel Marjamäki
|
604a9acb48
|
ValueType: Handling constness
|
2015-10-07 19:08:26 +02:00 |
Daniel Marjamäki
|
b77203a277
|
CheckIO: Handle AST pointer type better
|
2015-10-05 19:59:15 +02:00 |
Daniel Marjamäki
|
b9036c2ca8
|
AST types: Fix for 'long long' handling
|
2015-10-05 19:20:42 +02:00 |
Daniel Marjamäki
|
bc8f1b972e
|
CheckIO: Early return
|
2015-10-05 19:04:29 +02:00 |
Daniel Marjamäki
|
8f6bd7fd0d
|
Fixed #7014 (False positive for printf("%c", "hello"[0]))
|
2015-10-05 10:12:30 +02:00 |
Dmitry-Me
|
aa60358458
|
Temp variables, better names
|
2015-09-15 15:34:12 +03:00 |
PKEuS
|
ee4a5843bb
|
Some small refactorizations
|
2015-08-15 19:46:31 +02:00 |
PKEuS
|
4d80df2f4a
|
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
|
2015-08-15 11:19:21 +02:00 |
PKEuS
|
b0bf69bae7
|
Fixed false positive #6763 and reordered conditions
Ran AStyle
|
2015-08-14 12:50:45 +02:00 |
Daniel Marjamäki
|
e578988832
|
invalidScanf: removed the checking for 'scanf crash with huge input data for old glibc'. new systems are not vulnerable to this bug anymore.
|
2015-08-14 08:03:46 +02:00 |
Dmitry-Me
|
d81776b8c8
|
Avoid deep copying std::string
|
2015-08-07 17:16:41 +03:00 |
PKEuS
|
a0890ecd2c
|
Fixed false positive: Do not print useClosedFile on arrays (#6823)
|
2015-07-20 22:40:19 +02:00 |
Alexander Mai
|
b3c7a3f798
|
Fix more (potential) multi-threading issues
|
2015-06-20 22:26:51 +02:00 |
Alexander Mai
|
eebb5b8c77
|
Fix some compiler warnings in checkio.cpp. Fix some (potential) multi-threading issues in checkinternal.cpp
|
2015-06-17 21:25:15 +02:00 |
orbitcowboy
|
06e818f89d
|
Running astyle, no functional change.
|
2015-06-17 09:09:23 +02:00 |
amai2012
|
33d7631ee3
|
Fix another Borland-specific test by setting Windows platform type
Refactoring: make CheckIO::ArgumentInfo aware of language (C vs. C++) to perform some optimizations
|
2015-06-16 23:11:34 +02:00 |