Commit Graph

1330 Commits

Author SHA1 Message Date
Paul Fultz II 4fb43a3f56
Fix 10643: FP: (error) Array 'buf[64]' accessed at index -1, which is out of bounds. (#3639)
* Fix 10643: FP: (error) Array 'buf[64]' accessed at index -1, which is out of bounds.

* Format
2021-12-17 10:05:57 +01:00
Paul Fultz II 398fa28021
Fix 10657: False positive; ValueFlow - invalid iterator (#3636) 2021-12-16 22:34:51 +01:00
Oliver Stöneberg ba402f3e50
cleaned up includes based on include-what-you-use (#3627) 2021-12-15 19:47:27 +01:00
Paul Fultz II 5414814238
Fix 10649: False positive: wrong known value after reassignment (#3631) 2021-12-15 19:37:25 +01:00
Paul Fultz II 6681576707
Fix 10642: False positive: Possible dereference of an invalid iterator: v.begin()+v.size()-1 (#3630) 2021-12-15 19:31:28 +01:00
chrchr-github 532477cdb2
Fix #9549 FP knownConditionTrueFalse (bitshift) (#3616) 2021-12-14 07:30:57 +01:00
Paul Fultz II 3874c546cc
Fix 10641: FP invalidLifetime with compiler-generated constructor (#3609) 2021-12-07 07:43:25 +01:00
Paul Fultz II d2926bfa96
ValueFlow: Propagate const variables more aggressively (#3606)
* ValueFlow: Propagate const variables more aggressively

* Format

* Fix incorrect addition
2021-12-06 09:16:42 +01:00
Paul Fultz II f64bcac004
Fix 10429: Regression: invalidIterator (#3603) 2021-12-05 15:46:52 +01:00
Paul Fultz II a03e731930
Track lifetimes of lambdas that capture the 'this' variable (#3594) 2021-12-04 17:00:55 +01:00
Paul Fultz II c14920218c
Fix 10624: FP knownConditionTrueFalse with pointer member and dynamic cast (#3598) 2021-12-04 08:54:24 +01:00
Paul Fultz II a0d633945e
Fix 10621: FP arrayIndexOutOfBoundsCond with multiple index checks (#3597)
* Fix 10621: FP arrayIndexOutOfBoundsCond with multiple index checks

* Format
2021-12-04 08:54:04 +01:00
Paul Fultz II 57f5b19b34
Fix 7812: False negative: return pointer of local variable (#3583)
* Fix 7812: False negative: return pointer of local variable

* Format

* Add test case for 3029

* Format
2021-11-28 15:25:21 +01:00
Paul Fultz II 143ddf2758
Fix 10595: FN: std::vector() reserve() (#3581)
* Fix 10595: FN: std::vector() reserve()

* Format
2021-11-26 09:50:02 +01:00
Paul Fultz II 12e731ad49
Fix 10605: FP containerOutOfBounds with empty() check (#3572) 2021-11-25 22:34:00 +01:00
Paul Fultz II 33ad30f4da
Fix 10617, 9824: conditions in expanded macro (#3578) 2021-11-25 18:40:15 +01:00
Paul Fultz II a0d3c2c719
Handle for loop conditions in afterCondition (#3561) 2021-11-14 18:30:36 +01:00
Paul Fultz II 112363c9d1
Fix 10590: container access out of bounds not found (#3560)
* Refactor container bounds check

* Use symbolic values

* Add test case

* Format
2021-11-13 07:45:29 +01:00
Paul Fultz II c057dcce0f
Fix 10592: False positive: returnDanglingLifetime (#3557) 2021-11-11 08:00:05 +01:00
Paul Fultz II 035c70c441
Fix 10578: Value not impossible after check (#3549) 2021-11-07 18:19:56 +01:00
Paul Fultz II 1791457227
Fix 9953: false positive: uninitvar (#3548) 2021-11-07 06:51:19 +01:00
Paul Fultz II 6338c2396c
Fix 10589: False positive: danglingLifetime for moved unique ptr (#3547) 2021-11-06 19:08:19 +01:00
Paul Fultz II ffc2a9d8e2
Fix 9735 for valueFlowUninit (#3538) 2021-11-06 19:06:07 +01:00
Daniel Marjamäki 0f259a5dc6 Fixed #10222 (regression: arrayIndexOutOfBounds) 2021-11-03 20:16:44 +01:00
Paul Fultz II d3f0aa5b34
Fix 10033: false negative: danglingTemporaryLifetime with usage of reference from nested object not detected (#3542) 2021-11-01 19:23:15 +01:00
Paul Fultz II be14866095
Run valueFlowSubfunction in reverse order of functions (#3540) 2021-11-01 19:21:03 +01:00
Paul Fultz II 04ecf53a07
Use static array to store iterator infer models instead of constructing a vector everytime (#3539) 2021-11-01 19:18:18 +01:00
Paul Fultz II df59b07ba1
Fix 10226: FN: knownConditionTrueFalse (#3537) 2021-10-31 14:51:07 +01:00
Paul Fultz II 8c9c46835a
Fix for 6597: false negative: uninitialized variable usage not detected (ValueFlow , multi variables) (#3535) 2021-10-30 22:13:58 +02:00
Paul Fultz II e20ddd55d6
Propagate partially uninit variables in ValueFlow (#3533) 2021-10-30 07:43:37 +02:00
Paul Fultz II 48fc70b810
Dont stop analysis when an unrelated class variable is changed (#3518) 2021-10-23 14:47:10 +02:00
Paul Fultz II ca83222bae
Add subexpression analyzer to set values for uninitialized members of struct (#3517)
* Add subexpression analyzer

* Fix errors

* Add tests

* Format

* Add more tests

* Run members first

* Format

* Uncomment todo assert

* Formatting

* Use simpleMatch
2021-10-21 14:44:48 +02:00
chrchr-github c88dceff95
Partial fix for #10358: set value for int s{ 4 }; (#3506) 2021-10-15 20:05:42 +02:00
Paul Fultz II 89515600e4
Fix 10538: FN: nullPointer (std::swap pointers) (#3504) 2021-10-15 10:58:16 +02:00
Paul Fultz II 130d1abbce
Fix 10210: FN: nullPointerRedundantCheck regression in member function (#3512) 2021-10-15 10:57:40 +02:00
Paul Fultz II f1f86db0da
Fix 10544: FP knownConditionTrueFalse with loop after check (#3508) 2021-10-14 16:47:15 +02:00
Paul Fultz II 6b9ef1fc58
Propagate symbolic values for identity operators (#3497) 2021-10-14 16:46:36 +02:00
Oliver Stöneberg 99db1f3f22
fixed some compiler warnings (#3502) 2021-10-13 12:10:26 +02:00
Paul Fultz II 52e4bec50a
Fix 10537: FN: knownConditionTrueFalse (std::string::c_str() never returns nullptr) (#3498) 2021-10-11 19:16:12 +02:00
Paul Fultz II 5e9bc48d26
Evaluate symbolic values (#3495) 2021-10-11 19:10:37 +02:00
Daniel Marjamäki 6bd5f79451 Revert "Fix 8629: false negative: (style) Condition '...' is always true (#3492)"
This reverts commit b9be38aaec.
2021-10-10 21:21:21 +02:00
Paul Fultz II b9be38aaec
Fix 8629: false negative: (style) Condition '...' is always true (#3492) 2021-10-09 16:20:38 +02:00
Paul Fultz II bc90ae889d
Fix 10543: FP knownConditionTrueFalse with static variable (#3491) 2021-10-09 16:20:04 +02:00
Paul Fultz II a1e0ef9b38
Refactor: Use interval analysis for symbolic values for inferCondtion (#3488) 2021-10-09 16:19:06 +02:00
Paul Fultz II 25eb0ab5bc
Find dangling pointers to unique_ptr (#3486) 2021-10-06 08:46:25 +02:00
Paul Fultz II 3cb252bd99
Fix 9873: False negative: null pointer when checking raw pointer (#3485) 2021-10-06 08:39:58 +02:00
chrchr-github f3e1f0d41b
Fix #10238: char* confused with char (#3484) 2021-10-05 18:04:48 +02:00
Paul Fultz II 8668d445c7
Add support for string_view (#3480) 2021-10-05 08:28:19 +02:00
Paul Fultz II c7e13d0e0b
Forward container size values in subfunctions (#3483) 2021-10-05 08:22:19 +02:00
KenPatrickLehrmann 61cddabe74
Fix FP due to namespace scope (#3475) 2021-10-04 23:16:16 +02:00
chrchr-github 428144c53c
Fix #10513: vector constructed from pointers (#3473) 2021-10-04 07:55:17 +02:00
Paul Fultz II 7621fee3d4
Refactor: Use ValueFlow::Value for ProgramMemory execute instead of integers (#3477) 2021-10-04 07:53:58 +02:00
chrchr-github 609e20d9d8
ValueFlow: string can be constructed from init list (#3459) 2021-10-02 23:09:49 +02:00
Paul Fultz II 255dc0484a
Fix 10331: wrong conditional value after assignment+return (#3461) 2021-09-21 19:25:41 +02:00
Paul Fultz II 9e9a982c6c
Fix 10468: False positive; uninitialized variable. Loop is always executed at least once (#3462) 2021-09-18 22:23:05 +02:00
Paul Fultz II 9ece849d80
Fix 10467: FP mismatchingContainers with array of vectors (#3453) 2021-09-09 20:43:46 +02:00
Paul Fultz II b0b3f7ec2d
Fix 10464: FP: knownConditionTrueFalse (#3452) 2021-09-09 07:49:56 +02:00
Paul Fultz II 98e22f6162
Fix 10413: FP arrayIndexOutOfBoundsCond after check (#3446) 2021-09-06 07:15:24 +02:00
Paul Fultz II 0335671b35
Fix 10450: regression, FP : Iterator 'iter' from different container 'l' are used together (#3436) 2021-09-05 07:35:33 +02:00
Paul Fultz II ccb31d8510
Fix 10460: FP knownConditionTrueFalse 'fabs(x)<1/(double)16' is always false (#3445) 2021-09-05 07:10:58 +02:00
Paul Fultz II 928efe77fc
Fix 9765: FP: knownConditionTrueFalse handling of template function with ternary operator (#3443) 2021-09-04 19:55:36 +02:00
Paul Fultz II 28bc717cbe
Fix 10163: false positive: lifetime for r is not same as for seq 'for (auto& r: seq)' (#3442) 2021-09-04 19:53:14 +02:00
Paul Fultz II 9eb5eadd35
Fix 9777: False Positive: Condition is always true with reset/release on unique_ptr (#3440) 2021-09-04 19:06:13 +02:00
Paul Fultz II 8a708e556c
Fix 10456: FP identicalConditionAfterEarlyExit with variable captured by reference (#3439) 2021-09-04 19:05:41 +02:00
Paul Fultz II 7ce17f076a
Fix 10318: iterator converted to type, wrong scope check (#3433) 2021-08-31 09:48:23 +02:00
Paul Fultz II 4566e0e439
Fix 10148: False positive: knownConditionTrueFalse in for loop due to &= (#3425) 2021-08-28 09:28:29 +02:00
Paul Fultz II 740becbddf
Fix 10348: FP knownConditionTrueFalse with condition variable in do ... while loop (#3422) 2021-08-27 05:46:57 +02:00
Paul Fultz II 712ff1c073
Fix 10436: hang: valueFlowSubFunction 'ispunct(c)..' (#3423) 2021-08-27 05:46:33 +02:00
Paul Fultz II 1cd9d0479d
Fix 10433: assertion failure in ValueFlow (Interval::fromValues) (#3419) 2021-08-26 07:46:40 +02:00
Daniel Marjamäki 11916171fe Fix crash in programmemory, crash found in daca@home package system-root 2021-08-25 06:56:19 +02:00
Paul Fultz II f7ddd7a35d
Fix 10430: FP knownConditionTrueFalse with bool from unsigned char (#3416) 2021-08-25 04:51:54 +02:00
Paul Fultz II 8ddc5764f8
Fix 10425: False positive: returnDanglingLifetime when taking address of captured variable (#3415) 2021-08-25 04:06:03 +02:00
Daniel Marjamäki 37ef29889b Fix 10424: ExpressionAnalyzer assertion failure in librevisa 2021-08-24 16:06:51 +02:00
Paul Fultz II 524db1c756
Fix 10420: assertion error when analysing juce (#3413) 2021-08-23 11:12:42 +02:00
Paul Fultz II 865163b2ba
Add library configurations for free functions like std::size, std::empty, etc (#3410) 2021-08-23 09:03:48 +02:00
Daniel Marjamäki 165d48c846 fix gcc compiler warnings 2021-08-22 18:06:54 +02:00
Paul Fultz II a0c37ceba2
Fix FP: Set correct bounds for interval (#3411) 2021-08-21 21:17:05 +02:00
Paul Fultz II d30f42e0da
Fix FP when calling a function in a condition (#3412) 2021-08-21 18:52:11 +02:00
Paul Fultz II e62cdbb664
Deduce symbolic values from conditions (#3406) 2021-08-19 22:01:55 +02:00
Paul Fultz II e0de48bb1d
Fix 7524: ValueFlow: false path for 'x<3' (#3393) 2021-08-16 09:19:07 +02:00
Daniel Marjamäki 6a565f9e2f cleanup unused function 2021-08-15 11:01:14 +02:00
Paul Fultz II be978b35cf
Add more ValueFlow info in the xml dumps (#3402) 2021-08-15 08:02:31 +02:00
Paul Fultz II f81ddd2daa
Fix 10408: FP nullPointer on 'return x.release()' (#3404) 2021-08-15 07:43:50 +02:00
Paul Fultz II c92dab1329
Fix 10406: FP danglingLifetime with pointer-to-pointer (#3401) 2021-08-14 21:37:17 +02:00
Paul Fultz II b9ac48c90a
Fix 10409: FP 'Condition 's.size()<3' is always false' (#3396) 2021-08-14 06:48:38 +02:00
Paul Fultz II 69eaa9dfd9
Refactor: ConditionHandler cleanup (#3394) 2021-08-11 08:37:37 +02:00
Paul Fultz II 0f897acecd
Fix FP in solveExpr when using symbolic values (#3391) 2021-08-09 20:41:10 +02:00
Paul Fultz II a218ea3b23
Fix 10404: FP knownConditionTrueFalse after subtraction (#3390) 2021-08-09 07:45:41 +02:00
Daniel Marjamäki 5f81b03df1 valueflow; Remove unused function, fixing gcc warning 2021-08-08 21:25:47 +02:00
Daniel Marjamäki fa398a6ba1 valueflow: remove not needed INDENT-OFF and INDENT-ON 2021-08-08 21:22:42 +02:00
Paul Fultz II 7f358b2bed
Format with uncrustify (#3388) 2021-08-07 20:51:18 +02:00
Paul Fultz II 735f716603
Fix 10394 and 10395: FP knownConditionTrueFalse: loop variable (#3381) 2021-08-04 21:07:55 +02:00
Paul Fultz II 8b8ae55490
Fix 10129: false negative: knownConditionTrueFalse (#3382)
* Add symbolic matching

* Check for truncated values

* Dont propagate uninit values

* Update errorpath test

* Add test case for 10129

* Add test case for FP

* Remove symbolic values that are the same as the token

* Fix test messages

* Fix cppcheck issue

* Format
2021-08-04 21:07:31 +02:00
Paul Fultz II 4626f9ed76
Fix FP when returning a pointer to a container (#3379) 2021-08-04 08:16:31 +02:00
Paul Fultz II 6736ac7e3a
Revert "Formatted the code [ci skip]" (#3380)
This reverts commit 7a6d7f7c2d.
2021-08-03 17:53:30 +02:00
orbitcowboy 7a6d7f7c2d Formatted the code [ci skip] 2021-08-03 06:33:54 +02:00
Paul Fultz II 08041e3a0b
Refactor: Assert an expression has an id and fix assertion failures (#3377)
* Fix 10390: FP: knownConditionTrueFalse

* Assert expression has an ID

* Fix assertion errors

* Format
2021-08-03 06:31:52 +02:00
Paul Fultz II 7be9b217e6
Fix 7843 and 7844: ValueFlow for abs (#3373)
* Refactor: Use valueFlowForward to forward values in condition expression

* Formattting

* Make known when using bools as well

* Set abs function as always positive

* Add test

* Add valueFlowSymbolicAbs

* Set impossible values

* Fix test case

* Fix error messages

* Merge
2021-08-03 06:31:28 +02:00
Paul Fultz II 3d19b33c3e
Fix 9948 and 10234: false negative: knownConditionTrueFalse and stlOutOfBounds (#3372) 2021-08-02 10:51:34 +02:00
Paul Fultz II 61ceff39f5
Fix 10390: FP: knownConditionTrueFalse (#3374) 2021-08-02 10:49:39 +02:00
Daniel Marjamäki 1ec7397c21 astyle formatting
[ci skip]
2021-08-01 14:05:30 +02:00
Paul Fultz II 2f6a6e4b45
Refactor: Use valueFlowForward to forward values in condition expression (#3369) 2021-08-01 10:13:14 +02:00
Paul Fultz II 7d9fdf582b
Fix 10121: False positive: Condition 'ab->a!=123' is always false when modifying an alias (#3293) 2021-08-01 10:10:11 +02:00
Paul Fultz II 6767b57d4c
Fix FP for symbolic values when the expression is not const (#3370) 2021-07-31 14:19:37 +02:00
Paul Fultz II 3a7ba3cd29
Add symbolic values to ValueFlow (#3367) 2021-07-30 21:29:35 +02:00
Paul Fultz II 6a81b4c17c
Fix 10264: FP invalidContainer when address of container is passed inside struct (#3368) 2021-07-30 15:52:00 +02:00
Paul Fultz II 737b6199ba
Refactor: Allow parse to return multiple values for a condition (#3361) 2021-07-26 22:23:19 +02:00
Paul Fultz II c34691ff56
Fix 10354: FP knownConditionTrueFalse after bitwise and/xor (#3360) 2021-07-26 22:22:50 +02:00
Paul Fultz II 84ea0a2295
Refactor: Remove extra analysis of container sizes in conditions (#3357) 2021-07-25 18:14:51 +02:00
Paul Fultz II 5be3f700bb
Fix 10373: ValueFlow: container in struct assumed empty (#3355) 2021-07-25 18:13:55 +02:00
Paul Fultz II 8e416a7255
Fix issue 10379: FP knownConditionTrueFalse with mod operator (#3354) 2021-07-25 18:13:14 +02:00
Paul Fultz II 00eb71fd49
Remove constexpr -> const simplification (#3346) 2021-07-22 07:22:26 +02:00
Paul Fultz II 8efe1d4ab4
Find reference to dangling unique ptr (#3344) 2021-07-20 21:30:27 +02:00
Daniel Marjamäki dd34d1c123 CI; Fix Cppcheck self-check, pointer can be const 2021-07-20 11:21:47 +02:00
orbitcowboy 1be5bb8bbc Running astyle [ci skip] 2021-07-18 10:01:22 +02:00
Paul Fultz II 59a1c1a9d8
Refactor: Remove variable analyzer (#3339) 2021-07-18 07:46:31 +02:00
orbitcowboy 3f1e937ea1 Running astyle [ci skip] 2021-07-17 08:19:04 +02:00
chrchr-github 8cd8b9c64e
Fix MSVC build and some warnings (#3334) 2021-07-16 21:55:12 +02:00
Paul Fultz II 942202aede
Evaluate container sizes in forward analysis (#3338) 2021-07-16 18:49:07 +02:00
Daniel Marjamäki 56924643be Fixed #10347 (ValueFlow: No known value set for sizeof(a[0])) 2021-07-08 18:18:44 +02:00
Armin Müller fc90598077
Typos found by running "codespell" (#3324) 2021-07-02 17:41:51 +02:00
Daniel Marjamäki 1a5449cbeb Fixed #10327 (ValueFlow; Wrong Uninit value in called function) 2021-07-01 22:08:00 +02:00
Daniel Marjamäki 2a2e071a85 Tokenizer::simplifyAttribute; Set function attribute for function pointer 2021-06-26 14:23:39 +02:00
Paul Fultz II 66956ed959
Fix 10323: Wrong known value. x!=0 does not mean that x==1 (#3308) 2021-06-26 09:16:45 +02:00
Paul Fultz II 508188df2b
Fix 10297: Regression; ValueFlow known value, sign conversion (#3307) 2021-06-26 09:16:04 +02:00
Daniel Marjamäki 769b20b426 ValueFlow: Clarify note when impossible value is assigned (#10297) 2021-06-24 17:10:06 +02:00
Daniel Marjamäki 2d08564c8a astyle formatting 2021-06-19 14:47:35 +02:00
Paul Fultz II dd178c3ad9
Fix 10314: Possible nullPointerRedundantCheck false positive (#3298) 2021-06-19 13:59:48 +02:00
Paul Fultz II f55a4563f9
Fix 10308: danglingTemporaryLifetime confused by function parameter (#3292) 2021-06-09 09:21:03 +02:00
Paul Fultz II f3a33ea330
Fix 10294: ValueFlow: Wrong <Uninit> value below loop (#3291) 2021-06-09 09:20:43 +02:00
orbitcowboy 195d413986 Running astyle [ci skip] 2021-06-05 08:53:15 +02:00
Paul Fultz II f90b05ea7c
Show lifetime kind in output (#3285) 2021-06-04 21:41:30 +02:00
Paul Fultz II 668b88d7c0
Fix 10284: False positive; valueFlowBeforeCondition does not seem to care about increment (#3287) 2021-06-04 21:40:57 +02:00
Paul Fultz II a14922ed85
Fix 10238: FP knownConditionTrueFalse std::string from const char* assumed non-empty (#3288) 2021-06-04 17:22:05 +02:00
Paul Fultz II 537fb5bcd9
Fix 10264: FP invalidContainer when address of container is passed inside struct (#3286) 2021-06-04 17:20:47 +02:00
Paul Fultz II 486e440c4a
Fix 10298: ValueFlow: Wrong known value, 'x == -1' implicit unsigned cast for rhs (#3277) 2021-06-04 17:17:41 +02:00
Paul Fultz II 95c872b1ec
Fix todo test for returning a dangling reference (#3284) 2021-06-04 17:15:39 +02:00
Paul Fultz II 548ec10824
Fix issue 10306: FP knownConditionTrueFalse with modulo result converted to bool (#3282) 2021-06-03 07:26:36 +02:00
Paul Fultz II ab50a75d8a
Fix 10289: ValueFlow; Wrong known value 'size_t - uint16_t > 0' (#3273) 2021-05-24 08:28:21 +02:00
Paul Fultz II 47a4144b47
Fix 10288: ValueFlow; False positives because of wrong known value when there is sign cast (#3268) 2021-05-23 10:20:29 +02:00
Paul Fultz II 8541e0503e
Fix 10290: false negative: container out of bounds (#3269) 2021-05-22 23:33:13 +02:00
Paul Fultz II c63aa2f2cc
Fix 10263: FP containerOutOfBounds when container is accessed via pointer (#3265) 2021-05-22 08:36:51 +02:00
Paul Fultz II 1e3ab460a3
Fix 10254: false positive: arrayIndexOutOfBounds in inline function (#3266) 2021-05-22 08:20:09 +02:00
Armin Müller c70b8793a3
Typos found by running "codespell" (#3251) 2021-05-19 11:49:19 +02:00
Paul Fultz II 4b11bb4ad3
10278: ValueFlow: Wrong known value, sign conversion (#3260) 2021-05-18 07:28:45 +02:00
Paul Fultz II eb96e4980e
Fix issue 10268: ValueFlow; Wrong value in for loop (#3257) 2021-05-15 08:39:20 +02:00
Daniel Marjamäki abb4200316 Fixed #10196 ("Unhandled char constant 'x'" with non-standard escape character) 2021-05-08 12:54:18 +02:00
Daniel Marjamäki 07c1f28035 astyle formatting 2021-05-01 07:35:03 +02:00
Paul Fultz II 31e3e4d87b
Fix issue 10086: false positive: (style) constVariable: Variable 'x' can be declared with const (#3219) 2021-04-30 17:47:08 +02:00
Daniel Marjamäki 04e9c13bc6 TemplateSimplifier; Better handling of c++17 fold expressions and c++20 concepts.
c++17 fold expressions are simplified to a __cppcheck_uninstantiated_fold__ if they are not instantiated.

c++20 concepts are skipped/removed by Cppcheck and these will be enforced by the compiler.
2021-04-20 15:40:25 +02:00
Paul Fultz II db5f00a16a
Fix issue 10214: FP: danglingTempReference doesn't account for reference lifetime extension (#3220)
* Fix issue 10214: FP: danglingTempReference doesn't account for reference lifetime extension
2021-04-19 14:20:29 +02:00
Paul Fultz II 563c9dd9cc
Fix issue 10208: FP: knownConditionTrueFalse in for loop with function that assigns by ref (#3198) 2021-04-18 21:42:27 +02:00
Paul Fultz II a772d652d8
Fix issue 9932: FP: containerOutOfBounds (#3217)
* Fix issue 9932: FP: containerOutOfBounds
2021-04-18 10:43:38 +02:00
Oliver Stöneberg 5a7e361442
run self-checks with standard set to C++11 (#3206) 2021-04-12 18:29:13 +02:00
Paul Fultz II 255f273c46
Fix issue 10088: ValueFlow: Array size, wrong known value (#3204) 2021-04-09 07:43:54 +02:00
Paul Fultz II e0f9627201
Fix issue 10226: FP: redundant condition or invalid iterator (#3195) 2021-04-06 11:04:37 +02:00
Paul Fultz II f605f71e49
Fix issue 10225: false positive: knownConditionTrueFalse (#3196) 2021-04-05 10:20:14 +02:00
Daniel Marjamäki 44f914eaee astyle formatting
ci skip
2021-04-04 18:20:32 +02:00
Paul Fultz II 182ae75290
Fix issue 10216: FP containerOutOfBounds with std::array initialized with = {} (#3190) 2021-03-31 22:07:54 +02:00
Oliver Stöneberg 9b974f1b8e
fixed Visual Studio warnings about shadowed members (#3191) 2021-03-31 22:07:20 +02:00
Paul Fultz II 5077663684
Fix issue 9979: false positive: containerOutOfBounds with conditional resize (#3136) 2021-03-30 14:02:28 +02:00
Paul Fultz II 9de976b243
Fix issue 10194: hang with followAllReferences() (#3189)
* Decrease depth faster when there is multiple returns
2021-03-30 11:22:56 +02:00
Daniel Marjamäki 42437277dc Update Copyright year 2021-03-21 20:58:32 +01:00
PKEuS 141d2ac215 Refactorization: Improved internal implementation of severity and certainty levels
Backported from LCppC.
2021-02-24 22:00:06 +01:00
PKEuS 6a811eec1c Refactorization: Removed unused functions 2021-02-17 22:44:03 +01:00
Daniel Marjamäki 0a71b52a87 Remove unused function 2021-02-11 19:27:36 +01:00
Daniel Marjamäki fbf63b932e astyle formatting
[ci skip]
2021-02-10 11:42:00 +01:00
Oliver Stöneberg 39c5274742
valueflow.cpp: optimized SingleValueFlowAnaylzer::isAlias() by avoidi… (#3051) 2021-02-10 08:18:21 +01:00
Paul Fultz II 0e871c178f
Fix issue 10141: Errors with ref assignment (duplicateValueTenary and knownEmptyContainer) (#3093) 2021-02-09 15:27:46 +01:00
Paul Fultz II cf8a5d9a22
Fix issue 10111: FP knownConditionTrueFalse (#3110) 2021-02-03 10:21:47 +01:00
Paul Fultz II 913dbeb8d8
Fix FP when inserting a range into a container (#3108) 2021-02-02 14:57:48 +01:00
Paul Fultz II e17d22eb87
Fix issue 10134: False positive: value is not known. Early return. (#3086) 2021-01-28 12:37:56 +01:00
IOBYTE 4e1ff86bb2
use nonneg int for varid and exprid (#3085) 2021-01-27 19:49:13 +01:00
Daniel Marjamäki 987c8a854e astyle formatting
[ci skip]
2021-01-25 22:51:50 +01:00
Paul Fultz II 0f8f207719
Remove valueFlowFwdAnalysis and update valueFlowAfterAssign to handle expressions (#3074) 2021-01-25 17:24:36 +01:00
Daniel Marjamäki 772b44d11a Fixed compiler warnings 2021-01-23 18:04:28 +01:00
Paul Fultz II c860de8565
Fix issue 8143: valueFlowCondition: before and inside while (#3045) 2021-01-23 17:52:01 +01:00
Paul Fultz II d80f2fb46f
Reapply f1cc3ad and fix performance regression (#3076) 2021-01-23 08:47:39 +01:00
orbitcowboy bb451ca289 Running astlye [ci skip] 2021-01-22 21:47:24 +01:00
Daniel Marjamäki 0fa89ff2ba Revert 14365ffc7 and f1cc3ada8, there was a performance regression 2021-01-22 10:51:46 +01:00
Daniel Marjamäki 14365ffc7c make a function static 2021-01-21 20:27:28 +01:00
Paul Fultz II f1cc3ada86
Refactor valueFlowTerminatingCondition to handle inner conditions and complex conditions (#3060) 2021-01-21 20:18:53 +01:00
Paul Fultz II d05acf3c41
Fix issue 10120: FP: containerOutOfBounds, regression (#3064) 2021-01-21 19:50:57 +01:00
Paul Fultz II 8b26ecbcdd
Extend ProgramMemory to handle expressions (#3069) 2021-01-21 19:49:37 +01:00
Paul Fultz II 25ada657da
Fix issue 9030: ValueFlow: Possible value after conditional assignment in for loop (#3059) 2021-01-18 10:12:07 +01:00
Paul Fultz II b571e9fe0b
Fix issue 10106: FP: nullPointerRedundantCheck (#3044) 2021-01-13 12:36:26 +01:00
Daniel Marjamäki 1858465bca astyle formatting
[ci skip]
2021-01-12 21:28:56 +01:00
Armin Müller 0de0a954d2
Typos found by running "codespell" (#3042) 2021-01-12 20:48:25 +01:00
Paul Fultz II b1c56d33ac
Fix issue 9133: Invalid iterator; vector::push_back, functions (#3008) 2021-01-11 18:47:38 +01:00
Paul Fultz II 678ee00fe9
Infer variables from conditions in valueFlowSubfunction (#3037) 2021-01-11 08:00:13 +01:00
Paul Fultz II a3617fe573
Fix issue 10102: False positive: knownConditionTrueFalse in for loop (#3038) 2021-01-11 07:56:16 +01:00
Daniel Marjamäki 707f1f2fbe ValueFlow: Fixed isEqual 2021-01-10 16:52:11 +01:00
Daniel Marjamäki 98c7c0af96 Fixed GCC compiler warnings 2021-01-10 15:27:42 +01:00
Daniel Marjamäki f493ce16b3 astyle formatting
[ci skip]
2021-01-10 14:46:19 +01:00
Paul Fultz II bc3f5554a4
Fix issue 8871: improve check: mismatching container size conditions (#2988) 2021-01-10 13:30:00 +01:00
Paul Fultz II c267d85640
Add generic valueflowBeforeCondition (#3001) 2021-01-08 22:55:04 +01:00
Oliver Stöneberg 96704c9971
fixed and enabled some more clang-tidy warnings (#3007) 2021-01-05 17:51:32 +01:00
Paul Fultz II e004731f1c
Fix issue 8650: ValueFlow: Track if pointer is created by '&' operator (#3011) 2021-01-05 16:56:38 +01:00
Paul Fultz II f0b5668436
Fix issue 9890: ValueFlow: known value not found (variable is changed in path that returns) (#3010) 2021-01-05 16:49:08 +01:00
Oliver Stöneberg d59abfd977
fixed clang-tidy warnings (#3006)
* clang_tidy.cmake: added clang-tidy-11 to list of executables to look for

* .clang-tidy: disabled warnings we are (currently) not interested in

* fixed clang-tidy warnings
2021-01-02 23:10:27 +01:00
Rikard Falkeborn d19454b935
Refactoring: Convert ValueType to enum class (#3005) 2021-01-02 09:30:00 +01:00
shaneasd 53734a3da1
Test for return address of reference (#2991) 2020-12-28 10:50:42 +01:00
orbitcowboy 38fc6f209d Running astye [ci skip] 2020-12-26 14:02:03 +01:00
Oliver Stöneberg 00071d09f6
split "valueFlowBailoutIncompleteVar" from more generic "valueFlowBailout" (#2976) 2020-12-26 13:48:22 +01:00
Daniel Marjamäki 8fcef7ad0d astyle formatting
ci skip
2020-12-25 08:58:12 +01:00
Paul Fultz II 7861aa00cf
Refactor afterCondition handlers into to seperate classes (#2975) 2020-12-24 20:07:46 +01:00
Paul Fultz II a770342593
Fix crash in getInitListSize (#2960) 2020-12-19 12:23:19 +01:00
Daniel Marjamäki 1744cbaf66 astyle formatting
[ci skip]
2020-12-19 08:56:46 +01:00
Paul Fultz II 626dcd0eba
Fix issue 10037: False positive when passing variables to functions by address (#2957) 2020-12-19 08:29:37 +01:00
Paul Fultz II b044f9ba96
Fix issue 9996: false negative: containerOutOfBounds with std::vector::front() and c++11 braced initializer (#2958) 2020-12-18 07:14:11 +01:00
Paul Fultz II 904d52acac
Fix issue 10004: ValueFlow: pointer value, wrongly set known value (#2931) 2020-12-03 07:15:31 +01:00
IOBYTE 43ce1607c7
fix a large number of valgrind warnings in testrunner (#2920)
Co-authored-by: Robert Reif <reif@FX6840>
2020-11-24 18:21:07 +01:00
Daniel Marjamäki 5e69def679 Code cleanup; Remove unused functions 2020-11-18 20:27:51 +01:00
Paul Fultz II e8c1c792a5
Fix issue 9987: false positive: danglingTempReference with && variable and assignment (#2907) 2020-11-17 06:52:12 +01:00
Rikard Falkeborn 324e267559
getSizeOf: Handle long double (#2888) 2020-11-11 22:51:17 +01:00
Daniel Marjamäki 7182da5c8e astyle formatting 2020-11-11 09:17:54 +01:00
Paul Fultz II bd7e915c20
Add generic reverse valueflow (#2878) 2020-11-10 16:00:55 +01:00
Daniel Marjamäki 88a35d2253 Fix CodeQL warning, Multiplication result converted to larger type 2020-11-06 19:50:05 +01:00
Rikard Falkeborn d7a8e25d92
Fix #9647: Set correct enum value (#2856)
* Tokenize: Set varId for variables in enum

Set varIds in enum values. It was previously disabled in 5119ae84b8
to avoid issues with enums named the same as global variables. Take care
to only set varids to variables used to set the value of an enumerator,
not the enumerator itself. This is somewhat complicated by the fact that
at the time this happens, astOperand1(), astOperand2(), astParent() etc
are not set. The current implementation is not perfect, for example in
the code below, y will not have a varid set, but x and z will. This is
deemed sufficient for now.

            int x, y, z;
            enum E { a = f(x, y, z); };

* Fix #9647: Value of enums with variables as init values

C++ allows enum values to be set using constexprs, which cppcheck did
not handle before. To solve this, add a new pass to valueflow to update
enum values after global consts have been processed. In order to do so,
I moved all settings of enum values to valueflow. After setting the enum
values, we need another call to valueFlowNumber() to actually set users
of the enums.

There is still room for improvements, since each pass of
valueFlowGlobalConstVar() and valueFlowEnumValue() only sets variables
that are possible to set directly, and not if setting the value of a
variable allows us to set the value of another. For example

	constexpr int a = 5;
	constexpr int b = a + 5;
	enum E { X = a };
	constexpr E e = X;

Here both b and e will not have their values set, even though cppcheck
should be possible to figure out their values. That's for another PR
though.

This was tested by running test-my-pr.py with 500 packages. The only
difference was one error message in fairy-stockfish_11.1, where cppcheck
now printed the correct size of an array instead of 2147483648 which I
assume is some kind of default value. In that package, using a constexpr
when setting enum values is common, but as mentioned, there was no
change in the number of warnings.
2020-10-22 07:45:04 +02:00
Paul Fultz II 64638d82bb
Fix issue 9945: FP: containerOutOfBounds (#2845) 2020-10-22 07:41:52 +02:00
Armin Müller 08cef9e815
Typos found by running "codespell" (#2846) 2020-10-15 19:24:13 +02:00
Paul Fultz II 047c3ed6ba
Fix issue 9935: FP: knownConditionTrueFalse value flow doesn't account for virtual functions (#2839) 2020-10-09 17:21:27 +02:00
Paul Fultz II 372161c89b
Fix issue 9939: False positive: Reference to temporary returned (static variable) (#2840) 2020-10-06 09:16:54 +02:00
Daniel Marjamäki 17e562a87f astyle formatting
[ci skip]
2020-10-03 11:02:11 +02:00
Paul 828a5e2326 Fix issue 9930: valueFlowLifetime hang 2020-10-03 11:01:53 +02:00
Paul Fultz II d9eacaecbb
Fix issue 9842: ValueFlow: wrong handling of ?, seems to think that the whole expression is a condition (#2821) 2020-09-23 07:45:03 +02:00
Oliver Stöneberg 7189b303ae
fixed some modernize-loop-convert clang-tidy warnings (#2815) 2020-09-21 19:30:47 +02:00
Paul Fultz II 857722f859
Fix issue 9711: FP knownConditionTrueFalse for variable modified via pointer (#2813) 2020-09-20 14:27:09 +02:00
Paul Fultz II c2e8051196
Fix issue 9904: False positive: duplicateCondition when modifying variable in lambda (#2811) 2020-09-18 07:44:26 +02:00
Paul Fultz II e5d0ffdbe7
Fix issue 9900: False positive: Returning lambda that captures local variable 'x' that will be invalid when returning. (#2809) 2020-09-17 08:33:52 +02:00
Paul Fultz II 11c99d7387
Fix issue 9880: False positive: danglingLifetime (#2810) 2020-09-17 07:23:38 +02:00
Paul Fultz II ebbff08932
Fix issue 9899: False positive: Non-local variable will use object that points to local variable (#2808) 2020-09-15 07:11:52 +02:00
Paul Fultz II bb7164171c
Fix issue 9894: ValueFlow: wrong known value below while with assignment (#2804)
* Fix issue 9894: ValueFlow: wrong known value below while with assignment
2020-09-14 08:03:25 +02:00
Daniel Marjamäki 600538a325
Merge pull request #2793 from Ken-Patrick/mixedoperators
Fix false positives with condition with || and &&
2020-09-11 10:11:31 +02:00
Daniel Marjamäki 92d65a1824 astyle formatting 2020-09-11 08:51:12 +02:00
Ken-Patrick Lehrmann a114bf0293 Fix false positives with condition with || and &&
The value of something in the middle of a condition with mixed || and &&
gives no information on which branch will be taken.
For instance with:
```
int f(int a, int b, bool x) {\n"
  if (a == 1 && (!(b == 2 && x))) {
  } else {
    if (x) {
    }
  }

  return 0;
}
```
We can enter the if part whether x is true or false, and similarly,
enter the else part whether x is true or false. Same thing with the
value of b.

This fixes the following false positive with above code:
```
:4:13: style: Condition 'x' is always true [knownConditionTrueFalse]
        if (x) {
            ^
:2:33: note: Assuming that condition 'x' is not redundant
    if (a == 6 && (!(b == 21 && x))) {
                                ^

```
2020-09-10 23:27:39 +02:00
Paul bb9dbaa8f5 Format 2020-09-09 21:32:07 -05:00
Paul 75b955b9c6 Fix issue 9833: False positive: Division by zero when using pointer to struct 2020-09-09 21:29:26 -05:00
Paul Fultz II 34d65e25d6
Merge branch 'main' into lifetime-subfunction 2020-09-09 12:02:02 -05:00
Daniel Marjamäki 687b44dbb7 Token: add flag for splitted variable declaration with initialization 2020-09-09 16:22:47 +02:00
Daniel Marjamäki b1401c6536
Merge pull request #2789 from pfultz2/smart-ptr-constructor
Fix issue 9496: False negative: Dereferencing returned smart null-pointer
2020-09-09 08:16:30 +02:00
Paul 965fea370f Formatting 2020-09-08 21:55:53 -05:00
Paul 382408f59e Fix issue 9496: False negative: Dereferencing returned smart null-pointer 2020-09-08 21:54:38 -05:00
Paul 8d7088aa24 Fix issue 9835: False negative: Return reference to temporary with const reference 2020-09-08 18:30:45 -05:00
Paul 8c425790f4 Merge branch 'main' into lifetime-subfunction 2020-09-08 13:18:01 -05:00
Daniel Marjamäki 18e99176e5
Fix issue 9883: endless recursion in getLifetimeTokens (#2786) 2020-09-08 20:14:54 +02:00
Paul Fultz II 5099ca3c8b
Fix issue 9882: segfault in ForwardTraversal (#2785) 2020-09-08 20:14:10 +02:00
Paul d5489fd1f0 Fix issue 9883: endless recursion in getLifetimeTokens 2020-09-08 11:33:29 -05:00
Paul 1be67ea008 Merge 2020-09-08 11:00:57 -05:00
Daniel Marjamäki 0c6dc84cbb astyle formatting
[ci skip]
2020-09-07 10:56:02 +02:00
Paul Fultz II 362ab44c40
Fix issue 9646: False negative: Return reference to temporary with const reference (#2782) 2020-09-07 10:52:54 +02:00
Daniel Marjamäki c7aed8bd0e astyle formatting 2020-09-06 07:47:17 +02:00
Daniel Marjamäki b0b31feadd fix ubsan errors 2020-09-05 21:09:11 +02:00
Daniel Marjamäki a102574e3f astyle formatting 2020-09-05 08:00:51 +02:00
Paul Fultz II cc2bc74084
Track lifetime for lambdas with explicit capture (#2776) 2020-09-05 07:56:01 +02:00
Paul bb37b07def Extend lifetimes to subfunctions 2020-09-04 11:56:34 -05:00
shaneasd 84dd0c961f
False positive dynamic_cast auto variable which has been checked against null (#2769) 2020-09-04 07:06:26 +02:00
Paul Fultz II 03cefd5d70
Fix issue 9853: False positive: returnReference when using a pointer to container (#2765) 2020-09-02 20:01:08 +02:00
Paul Fultz II 32df807b22
Fix issue 9783: wrong lifetime analysis temporary assigned to object (#2711) 2020-09-02 07:13:15 +02:00
Daniel Marjamäki 8e79b0c8bc astyle formatting
[ci skip]
2020-09-01 20:00:04 +02:00
Paul Fultz II ba84196dca
Fix issue 9865: false positive: knownConditionTrueFalse (#2764) 2020-09-01 11:22:38 +02:00
Paul Fultz II 1c5f496350
Fix issue 8373: false negative: invalid iterator (#2761) 2020-08-31 08:46:56 +02:00
Daniel Marjamäki 18c29544eb astyle formatting 2020-08-28 19:29:33 +02:00
Paul Fultz II 6ab3c93fb1
Fix issue 9756: false negative: invalid iterator from std::find_if (#2760) 2020-08-28 19:29:09 +02:00
Paul Fultz II 82bdbcd73b
Fix issue 9859: false positive: knownConditionTrueFalse (#2759) 2020-08-28 19:26:09 +02:00
Paul Fultz II 494fff65b7
Add outOfBounds check for iterators to containers (#2752) 2020-08-26 21:05:17 +02:00
Daniel Marjamäki bb5cad42cd astyle formatting
[ci skip]
2020-08-26 10:15:09 +02:00
Paul Fultz II ec89c57a90
Fix issue 9849: false positive: containerOutOfBounds (#2753) 2020-08-25 07:12:41 +02:00
Paul Fultz II 02287d9d34
Fix issue 7324: valueFlowForward : decrement (#2737) 2020-08-24 13:10:36 +02:00
Daniel Marjamäki 2bb73840fc astyle formatting 2020-08-23 17:17:33 +02:00
Paul Fultz II ac846b96d1
New check: Iterating a known empty container (#2740) 2020-08-22 09:16:26 +02:00
Daniel Marjamäki e0e70c2531 Fixed compiler warnings 2020-08-21 17:23:55 +02:00
Paul 7776fb82a2 Fix issue 737: new check: Dereference end iterator 2020-08-17 16:36:45 -05:00
Paul a509de4d70 Add moves 2020-08-11 11:50:27 -05:00
Paul 8c7e91c985 Remove old container forward 2020-08-10 22:09:33 -05:00
Paul 71c228a01a Check for containers that modify the size using square bracket 2020-08-10 22:07:22 -05:00
Paul a5b0a1c9e2 Evaluate container size in program memory 2020-08-10 20:08:49 -05:00
Paul fec2914700 Add tests for container changes 2020-08-09 22:52:03 -05:00
Paul 26693df788 Use forward analyzer for container forward 2020-08-08 00:10:03 -05:00
Daniel Marjamäki b263b93f73
Merge pull request #2732 from pfultz2/invalid-container-subobj
Fix issue 9780: FP: invalidContainer calling push_back after getting the address of the vector
2020-08-07 09:52:25 +02:00
Paul 56affc9080 Fix issue 9780: FP: invalidContainer calling push_back after getting the address of the vector 2020-08-06 21:08:30 -05:00
Paul 0cc1f69862 Fix issue 9770: FP returnDanglingLifetime for class method taking const char* and returning std::string 2020-08-05 23:17:35 -05:00
Daniel Marjamäki fa32624c93 ValueFlow: Avoid UB in shift when rhs is negative 2020-07-25 14:13:21 +02:00
Ken-Patrick LEHRMANN a923115710 Add missing operators <<= and >>=
This fixes issues (at least false positives) in code using them.
For instance:

```
unsigned compute(unsigned long long a) {
    unsigned num = 0;
    while (a > 0xFFFFFFFF) {
      a >>= 32;
      num += 32;
    }
    if (a > 0xFFFF) {
      a >>= 16;
      num += 16;
    }
    if (a > 0xFF) {
      num += 8;
    }
    return num;
}
```

would give false positive:
```
cppcheck --enable=style  sl3.cpp
Checking sl3.cpp ...
sl3.cpp:11:11: style: Condition 'a>0xFF' is always false [knownConditionTrueFalse]
    if (a > 0xFF) {
          ^
sl3.cpp:3:14: note: Assuming that condition 'a>0xFFFFFFFF' is not redundant
    while (a > 0xFFFFFFFF) {
             ^
sl3.cpp:11:11: note: Condition 'a>0xFF' is always false
    if (a > 0xFF) {
          ^
```
2020-07-23 14:36:34 +02:00
Daniel Marjamäki 25ad22c6af astyle formatting
[ci skip]
2020-07-23 10:09:06 +02:00
Daniel Marjamäki df99d8aa0a
Merge pull request #2719 from pfultz2/fp-unreachable-alias
Fix issue 9807: False positive: ValueFlow in unreachable code, || lhs is true
2020-07-23 09:52:54 +02:00
Daniel Marjamäki 2fd44fa464
Merge pull request #2710 from pfultz2/fp-invalid-container-pointer
Fix issue 9796: False positive: lifetime, pointer item is not deallocated by pop_back
2020-07-22 09:24:54 +02:00
Paul 0def5d7a9a Reduce variable scope 2020-07-21 19:09:58 -05:00
Paul dbb410cdae Merge branch 'main' into condition-in-expr 2020-07-21 13:28:59 -05:00
Paul 38e1b57bc9 Use refs 2020-07-21 13:18:45 -05:00
Paul e2a81a382f Track reading aliases during valueflow forward 2020-07-19 23:25:35 -05:00
Paul 831690f89b Use parseDecl instead 2020-07-16 14:33:39 -05:00
Paul 423dcfd005 Fix issue 9796: False positive: lifetime, pointer item is not deallocated by pop_back 2020-07-15 12:22:36 -05:00
Daniel Marjamäki 1567ccf97b
Merge pull request #2700 from pfultz2/afterConditionFunction
Extend scope of afterCondition until end of function
2020-06-30 08:28:08 +02:00
Paul 67e06c18a9 Use the already available function scope 2020-06-29 15:36:01 -05:00
Daniel Marjamäki f34ff9325a Fixed testrunner 2020-06-29 21:53:14 +02:00
Daniel Marjamäki a0770f05e1 Reuse 'extractForLoopValues' in ValueFlow 2020-06-29 21:01:43 +02:00
Paul 07d8cb4f01 Extend scope of afterCondition until end of function 2020-06-29 11:55:59 -05:00
Paul d5b6d49d96 Fix issue 9578: false negative: (style) Condition '...' is always false 2020-06-28 15:28:08 -05:00
Ken-Patrick Lehrmann 5a3789a23f 9769: Improve value flow for ternary operator
In some cases, the condition of the ternary operator is assigned a known
value after the two possible results, and in such cases, we would not
take the opportunity to assign a value to the ternary operator (and to
the other parents in the ast).
This patch adds this capability.
2020-06-20 10:29:28 +02:00