Daniel Marjamäki
ba8222de1c
ValueFlow: Put 'inconclusive' state in the ValueKind. A value can't be both known and inconclusive.
2017-09-20 22:41:36 +02:00
Ayaz Salikhov
f0b5327450
Fix codestyle ( #953 )
2017-09-07 13:00:46 +02:00
Dmitry-Me
0e444aa133
Cache and reuse values
2017-09-05 17:50:36 +03:00
Ayaz Salikhov
b8cd7dbb5c
Use nullptr instead of 0 or NULL ( #936 )
2017-08-09 20:00:26 +02:00
Matthias Krüger
9b6d371762
checkbufferoverrun: remove dead store
...
the variable was declared inside a loop and the dead store also took place inside the loop (guarded by a condition) without further access of the value after that store.
Found by clang analyzer.
Was:
lib/checkbufferoverrun.cpp:1223:17: warning: Value stored to 'tok' is never read
tok = tok->next();
^ ~~~~~~~~~~~
2017-08-01 16:53:00 +02:00
Daniel Marjamäki
058c439b2a
Coverity detected useless function call, cleanup code
2017-08-01 12:45:37 +02:00
Daniel Marjamäki
fec0c46af0
Refactoring, use continue in loop
2017-07-30 14:53:58 +02:00
Ayaz Salikhov
4bbc830a85
Fix warnings
2017-07-17 10:13:11 +03:00
uburuntu
f4ce49d883
ENH: perfomance: using clear() and empty() more faster for stl containers
2017-06-02 22:38:00 +04:00
Ayaz Salikhov
28aa939d69
iwyu - include what you use
2017-05-27 04:33:47 +02:00
Daniel Marjamäki
1dd42d9a9e
arrayIndexOutOfBounds: Make sure error message is clarified for daca2 --template format
2017-05-25 08:18:37 +02:00
Daniel Marjamäki
70c2de62b7
arrayIndexOutOfBounds: better note
2017-05-23 16:06:32 +02:00
Daniel Marjamäki
e73657b198
Clarify arrayIndexOutOfBounds
2017-05-23 14:58:43 +02:00
Daniel Marjamäki
f7cda81c0c
Refactoring: ValueFlow::Value::errorSeverity() will have the logic if value is 'error' or 'warning'
2017-05-23 11:43:56 +02:00
Daniel Marjamäki
55ae206ecc
ErrorPath: better output
2017-05-19 17:29:16 +02:00
Daniel Marjamäki
c617851567
ErrorLogger: Added ErrorPath where each item has token and info
2017-05-16 22:38:13 +02:00
Daniel Marjamäki
f92e7b3bfc
Emit better errorpath in CheckBufferOverrun::negativeIndexError
2017-05-16 19:08:47 +02:00
Simon Martin
b526fd7c49
Ticket #7964 : Don't crash on valid code using function pointers named strcpy or strcat in main().
2017-04-21 23:36:10 +02:00
PKEuS
b1f4bd7504
Refactorization: Reimplemented Settings::_enabled as a bitfeld instead of std::set ( #7995 )
2017-04-11 11:49:26 +02:00
Matthias Krüger
7d12e1f3a6
valueFlowGetArrayIndexes: convert Token::Match to Token::simpleMatch.
...
The pattern is a sole "[", but since "[" is also used for complexe patterns, the internal check that finds potential simple match patterns bailed out here.
2017-04-09 17:27:46 +02:00
Daniel Marjamäki
633ed23c0d
Fix Cppcheck warnings about mismatching function argument names
2017-04-01 09:31:27 +02:00
Daniel Marjamäki
cc3ef7bbe8
Fix so array access out of bounds for external arrays are detected again
2017-03-30 10:14:17 +02:00
PKEuS
3c8f5b85ae
Refactorization: Allocate Token::_values (ValueFlow information) dynamically, reducing size of each token by around 10%
2017-03-27 18:48:34 +02:00
PKEuS
2938278f00
Refactorization: Store minsizes in vector instead of list which has less overhead
2017-03-27 17:53:43 +02:00
PKEuS
63d39390b4
checkbufferoverrun.cpp: refactorizations
2017-03-27 16:09:51 +02:00
PKEuS
83b1e1c329
CheckBufferOverrun: Refactorizations
...
- Improved/Optimized conditions in checkBufferAllocatedWithStrlen()
- Avoid copying strings for checkScope()
2017-03-27 11:48:34 +02:00
PKEuS
680828788b
Fixed false negative in CheckBufferOverrun::checkInsecureCmdLineArgs(), removed redundant tests
2017-03-27 11:30:07 +02:00
PKEuS
171e1b8244
Fixed false negatives in CheckBufferOverrun::arrayIndexThenCheck()
2017-03-27 11:07:49 +02:00
orbitcowboy
6c71d74563
Cleanup: There is no need to clear a string directly after its creation.
2017-01-16 20:10:28 +01:00
Daniel Marjamäki
f0d91fb74b
Fixed #7869 (False positive: Array index out of bounds)
2016-12-20 22:01:19 +01:00
Daniel Marjamäki
f5ad7482a8
CheckBufferOverrun: Skip warnings about array index out of bounds in unions. Theoretically, the array is at least as large as the biggest union member.
2016-12-18 22:10:30 +01:00
PKEuS
cfac3b457d
Several small refactorizations
2016-12-06 22:12:02 +01:00
Stefan Weil
57b57428c2
Fix some typos in comments (found by codespell)
...
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-11-27 11:40:42 +01:00
Daniel Marjamäki
a61f4e9c94
Fixed #7831 (false-positive: terminateStrncpy)
2016-11-24 07:04:58 +01:00
Daniel Marjamäki
4732667488
ValueFlow: allow more value types
2016-11-13 22:33:39 +01:00
Daniel Marjamäki
9ff3e85899
Added --cppcheck-build-dir flag
2016-10-29 12:18:11 +02:00
Daniel Marjamäki
499e52c976
astyle formatting
...
[ci skip]
2016-08-15 18:04:55 +02:00
Roberto Martelloni
41dee04e90
CWE mapping of assignBoolToFloat, strncatUsage, sizeArgumentAsChar, terminateStrncpy, bufferNotZeroTerminated, negativeArraySize, noExplicitConstructor, virtualDestructor
2016-08-14 18:23:41 +01:00
Robert Reif
55b3f0bf38
Fixed #752 (SymbolDatabase: Does not match function if redundant keywords mismatch (C++))
2016-08-04 09:06:32 +02:00
PKEuS
3f4fe8f578
Refactorized CheckBufferOverrun:
...
- Removed redundant code
- Apply non-simplified checking in test suite
2016-07-27 17:28:43 +02:00
PKEuS
9a6569fde1
Always set ErrorMessage::file0 to ensure that the source file that cppcheck is checking when an error occurs can be identified
...
Removed unused function and unused includes from preprocessor.h/cpp
2016-07-26 16:28:40 +02:00
Simon Martin
bae81fba05
Silent clang -Wshadow warning. ( #812 )
...
Add an optional extended description…
2016-07-09 19:07:58 +02:00
PKEuS
44a19b527e
Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums ( #7576 )
2016-07-08 20:53:08 +02:00
PKEuS
644a216394
Fixed two false positives related to char arrays initialized by a literal:
...
- Run check for writing to string literals on non-simplified token list (#7283 )
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/ )
2016-07-07 19:38:15 +02:00
umanamente
0f11007c19
Fixed #7083 (false positive: typedef and initialization with strings)
2016-06-21 22:42:46 +02:00
PKEuS
8c0eab3eb3
Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays ( #5975 )
...
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
PKEuS
728d4242dc
Refactorizations in CheckBufferOverrun:
...
- Improved performance of CheckBufferOverrun::checkScope()
- Made some patterns less restrictive
2016-05-25 11:50:34 +02:00
Roberto Martelloni
d3645d874e
Mapped toomanyconfigs ,AssignmentAddressToInteger
...
,AssignmentIntegerToAddress ,CastIntegerToAddressAtReturn
,CastAddressToIntegerAtReturn ,assertWithSideEffect ,assignmentInAssert
,uselessAssignmentArg ,uselessAssignmentPtrArg
,comparisonOfFuncReturningBoolError
,comparisonOfTwoFuncsReturningBoolError ,comparisonOfBoolWithBoolError
,incrementboolean ,comparisonOfBoolWithInt ,compareBoolExpressionWithInt
,negativeIndex ,pointerOutOfBounds ,arrayIndexThenCheck
,possibleBufferAccessOutOfBounds ,argumentSize
,arrayIndexOutOfBoundsCond ,noConstructor ,copyCtorPointerCopying
,noCopyConstructor ,uninitMemberVar ,operatorEqVarError
,unusedPrivateFunction ,memsetClassFloat ,mallocOnClassWarning
,operatorEq ,thisSubtraction ,operatorEqRetRefThis ,operatorEqToSelf
,useInitializationList ,duplInheritedMember ,assignIfError
,comparisonError ,multiCondition ,mismatchingBitAnd
,oppositeInnerCondition ,incorrectLogicOperator ,redundantCondition
,moduloAlwaysTrueFalse to their CWEs ids.
2016-02-26 23:53:52 +00:00
Daniel Marjamäki
cef6b35bb8
Improve MAXTIME handling
2016-02-11 16:10:52 +01:00
Daniel Marjamäki
5e10e680da
CWE: refactoring. use constants instead of magic numbers.
2016-01-25 20:01:48 +01:00