Paul Fultz II
6b6553e320
Dont warn for arrays that are containers ( #2240 )
2019-10-05 16:14:30 +02:00
orbitcowboy
4b41f19c87
insecureCmdLineArgs: Added more test cases to ensure 'const'-qualifiers are handled correctly.
2019-08-15 08:45:31 +02:00
Daniel Marjamäki
602911cfca
Activate a TODO test case
2019-07-29 08:06:57 +02:00
Scott Furry
a195477470
Correct Zero/Null as pointer constant ( #1938 )
...
Building with enhanced clang warnings indicated a large number of
instances with the warning:
`warning: zero as null pointer constant`
Recommended practice in C++11 is to use `nullptr` as value for
a NULL or empty pointer value. All instances where this warning
was encountered were corrected in this commit.
Where warning was encountered in dependency code (i.e. external library)
no chnages were made. Patching will be offered upstream.
2019-06-30 21:39:22 +02:00
Paul Fultz II
f75c15af56
Fix issue 6821: New check: access heap/stack data using address of variable
...
This fixes errors with:
```cpp
int f() {
int i;
return (&i)[1];
}
```
It uses the lifetime analysis to detect the issues.
2019-05-31 12:24:31 +02:00
Daniel Marjamäki
6da42a3d63
Fixed #9112 (false positive: (error) Array index out of bounds; buffer 'x' is accessed at offset n.)
2019-05-01 13:00:14 +02:00
Daniel Marjamäki
de4f57ec0f
Buffer overflow: Add CTU checking for pointer arithmetic overflows
2019-04-03 06:43:56 +02:00
Daniel Marjamäki
c5807459f9
CheckBufferOverrun: Add check for pointer arithmetics
2019-03-31 09:00:52 +02:00
Daniel Marjamäki
4107671549
TestBufferOverrun: Uncommented and moved CTU tests
2019-03-30 15:10:00 +01:00
Daniel Marjamäki
b5a285319c
Fixed #9073 (Segmentation fault in Token::isUnaryOp() with ode)
2019-03-29 19:37:23 +01:00
Daniel Marjamäki
d6b806c592
CheckBufferOverrun: Better CTU checking when variable address is passed
2019-03-23 15:57:17 +01:00
Daniel Marjamäki
9653760547
CheckBufferOverrun: Improved CTU analysis for array
2019-03-23 11:20:35 +01:00
Daniel Marjamäki
15fc9a622d
CheckBufferOverrun: Add CTU analysis
2019-03-23 08:36:10 +01:00
Daniel Marjamäki
031362ae01
CheckBufferOverrun: Fix false positive
2019-03-19 21:07:08 +01:00
Daniel Marjamäki
a0e58f0039
Revert "Revert "CheckBufferOverrun: Handle multidimensional arrays""
...
This reverts commit 9d1755f449
.
2019-03-19 13:16:22 +01:00
Daniel Marjamäki
9d1755f449
Revert "CheckBufferOverrun: Handle multidimensional arrays"
...
This reverts commit e98a4a6f14
.
2019-03-19 13:13:29 +01:00
Daniel Marjamäki
e98a4a6f14
CheckBufferOverrun: Handle multidimensional arrays
2019-03-19 09:29:32 +01:00
Daniel Marjamäki
03f8535c71
Better multiline warning when there is buffer overflow
2019-03-17 20:12:02 +01:00
Daniel Marjamäki
3c85d8a8ac
ValueFlow: Better info for buffer size values
2019-03-17 19:02:36 +01:00
Daniel Marjamäki
0771929518
Buffer overflow: Handling of dynamically allocated buffer
2019-03-17 13:40:56 +01:00
Daniel Marjamäki
92f4113b59
Array index: Checking array index out of bounds for dynamic buffers
2019-03-17 13:09:15 +01:00
Daniel Marjamäki
ebef16b8a3
Travis: Try to remove temporary fix
2019-03-16 18:29:02 +01:00
Daniel Marjamäki
e9d29e826f
Travis: Temporarily comment out failing test
2019-03-16 09:48:32 +01:00
Daniel Marjamäki
fb2198fd6b
Travis: Try to fix test
2019-03-16 09:28:00 +01:00
Daniel Marjamäki
f40a80c349
Use 'normal' checking instead of 'simplified'
2019-03-16 07:19:48 +01:00
Daniel Marjamäki
81a1d744c6
CheckBufferOverrun: fix FP for array definition of static class member
2019-03-13 06:39:09 +01:00
Daniel Marjamäki
67e8b99c2c
CheckBufferOverrun: Readd a check for strncpy/memcpy/etc
2019-03-12 21:15:26 +01:00
Daniel Marjamäki
0c08f6db6c
CheckBufferOverrun: Use AST to lookup array
2019-03-12 06:46:38 +01:00
Daniel Marjamäki
ea23033a65
Array index out of bounds: Fix false positive
2019-03-11 20:33:08 +01:00
Daniel Marjamäki
bd048085bd
Add CheckBufferOverrun::arrayIndexThenCheck
2019-03-11 19:20:06 +01:00
Daniel Marjamäki
729f57d8f1
Start a major rewrite of CheckBufferOverrun. For now only the 'array index' and 'buffer overflow' checks are rewritten.
...
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
2019-03-11 12:34:33 +01:00
amai2012
eb9edbc177
#9024 Crash caused by package "procserv" in lib/token.h:921 function Token::getKnownIntValue - Fix and test for alternative code example.
2019-03-08 11:07:33 +01:00
Daniel Marjamäki
c32d015337
Fixed false positives from terminateStrncpy
2019-03-06 18:50:50 +01:00
Daniel Marjamäki
bd7790fd8c
Update copyright year
2019-02-09 07:24:06 +01:00
Paul Fultz II
4b37f276c2
ValueFlow: Set arrays to true when converting to a boolean
...
This sets it by checking the parent. It doesn't handle function parameters yet.
2019-01-21 20:05:35 +01:00
Daniel Marjamäki
8dd641b8be
Use OVERRIDE in test
2019-01-12 15:45:25 +01:00
Daniel Marjamäki
bc34f0239d
Disable the subfunction value flow analysis. It does not work well and needs to be rewritten. There are false positives.
2018-12-18 14:36:49 +01:00
orbitcowboy
0858488825
insecureCmdLineArgs: Fixed FN in case strdup() copies argv[]. ( #1438 )
...
* insecureCmdLineArgs: Fixed FN in case strdup() copies argv[].
* Formatted the code. There are no functional changes intended.
* Changes due to review comments from Daniel.
2018-10-19 11:04:15 +02:00
orbitcowboy
a6e8270474
insecureCmdLineArgs: Fixed false negatives in case arguments are const. ( #1419 )
...
* insecureCmdLineArgs: Fixed false negatives in case arguments are const.
* Formatted the code, there are functional changes.
* Simplified matching as suggested by Daniel.
2018-10-15 10:05:43 +02:00
Daniel Marjamäki
20121b34d8
Fixed #7718 (False positive: out of bounds of already resized std::string)
2018-10-09 06:53:26 +02:00
Daniel Marjamäki
f388c77042
Fixed #8721 (Regression: False positive array index out of bounds)
2018-08-31 18:25:43 +02:00
Daniel Marjamäki
27aae8d032
Fixed #8644 (crash (CheckBufferOverrun::checkGlobalAndLocalVariable): local function)
2018-08-30 10:04:07 +02:00
Simon Martin
acb0b9f07e
Ticket #8679 : Add support for C++11 thread_local and GCC's (among others) __thread extension. ( #1351 )
2018-08-26 19:46:36 +02:00
rebnridgway
42a65c5160
Fix crash bug #8579 ( #1238 )
...
* Added declaration for deletePrevious function
* Added definition for deletePrevious function
* Fixed crash from deleteThis invalidating pointers
The crash was caused by deleteThis() invalidating the pointer to a constant variable usage. This happened when a usage followed an assignment. This fixes bug #8579 .
* Added tokensFront to match tokensBack
This means deletePrevious can set the list's front if necessary.
* Initialised tokensFront in appropriate places
* Switched to using default Token constructor
* Switched to using Token default constructor
* Switched to using default constructor for Token
* Added missing argument to Token constructor
* Changed to use default constructor for Tokens
* Switched to using default constructor for Tokens
* Switched to using default constructor for Token
* Added new test for deleting front Token
Also made sure to use the correct constructor for Token in other tests.
* Syntax error
* Replaced tokensFront and tokensBack with a struct
This decreases the size of the Token class for performance purposes.
* Replaced tokensFront and tokensBack with a struct
* Added tokensFrontBack to destructor
* Reworked to use TokensBackFront struct
Also ran astyle.
* Reworked to use TokenList's TokensFrontBack member
* Reworked to use TokensFrontBack struct
* Reworked to use TokensFrontBack struct
* Reworked to work with TokensFrontBack struct
* Removed unnecessary scope operator
* Added missing parentheses
* Fixed syntax error
* Removed unnecessary constructor
* Default constructor now 0-initialises everything
This is safer for not using a temporary TokensFrontBack object, and doesn't use delegating constructors which aren't supported yet.
* Fixed unsafe null check
* Added missing explicit keyword
* Fixing stylistic nits
Removed default constructor as it has been superseded by the single-argument constructor with a default argument value.
Renamed listEnds to tokensFrontBack.
Fixed if statement that was supposed to be adding safety but would actually cause a crash if tokensFrontBack was null.
* Fixing stylistic nits
Removed default constructor and replaced it with a single-argument constructor with a default value.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
2018-05-25 07:15:05 +02:00
IOBYTE
ce50df8047
Fix override warnings. ( #1234 )
2018-05-15 16:37:40 +02:00
Daniel Marjamäki
8c2a5c9813
astyle formatting
...
[ci skip]
2018-05-06 09:50:53 +02:00
Paul Fultz II
0561877182
Fix false positive with negative array index in issue 8536 ( #1202 )
...
* Fix FP with negative array index in valueflow
* Remove values when valueflow fails
* Add valueflow test
2018-05-06 08:35:29 +02:00
PKEuS
bbfcccf078
Refactorization: Replace several push_back-sequences by initializer lists
2018-04-09 09:41:24 +02:00
Daniel Marjamäki
7e4dba6a7e
Updated copyright year
2018-03-31 20:59:09 +02:00
IOBYTE
5bc039b7da
Fix #6367 and #8439 (improve sizeof value flow support) ( #1132 )
2018-03-23 08:28:12 +01:00
Daniel Marjamäki
bc40f5041d
Fixed #6356 (Improve checking: pointer arithmetic "ab.a + 100" overrun)
2018-01-27 15:39:39 +01:00
Daniel Marjamäki
c4caee6b18
Updated copyright year
2018-01-14 15:37:52 +01:00
Daniel Marjamäki
7d2450e445
Fixed #1478 (false negative: buffer access out of bounds not detected after free and malloc)
2017-12-31 14:58:26 +01:00
Ayaz Salikhov
28aa939d69
iwyu - include what you use
2017-05-27 04:33:47 +02:00
Daniel Marjamäki
040d2f0012
Use simplecpp lexer in test cases
2017-05-18 21:52:31 +02:00
Daniel Marjamäki
7fd04cd8d0
Updated Token::expressionString(), write '->' instead of '.'
2017-04-30 14:22:18 +02:00
Simon Martin
b526fd7c49
Ticket #7964 : Don't crash on valid code using function pointers named strcpy or strcat in main().
2017-04-21 23:36:10 +02:00
PKEuS
b97779591e
Fixed unit test in testbufferoverrun.cpp
2017-04-11 23:00:33 +02:00
PKEuS
680828788b
Fixed false negative in CheckBufferOverrun::checkInsecureCmdLineArgs(), removed redundant tests
2017-03-27 11:30:07 +02:00
PKEuS
171e1b8244
Fixed false negatives in CheckBufferOverrun::arrayIndexThenCheck()
2017-03-27 11:07:49 +02:00
Daniel Marjamäki
f0d91fb74b
Fixed #7869 (False positive: Array index out of bounds)
2016-12-20 22:01:19 +01:00
Daniel Marjamäki
f5ad7482a8
CheckBufferOverrun: Skip warnings about array index out of bounds in unions. Theoretically, the array is at least as large as the biggest union member.
2016-12-18 22:10:30 +01:00
Daniel Marjamäki
461e5cc5c9
CheckBufferOverrun: Moved check from simplified to normal. This fixes a FP in asterisk.
2016-12-18 11:14:05 +01:00
Daniel Marjamäki
a61f4e9c94
Fixed #7831 (false-positive: terminateStrncpy)
2016-11-24 07:04:58 +01:00
Daniel Marjamäki
5b377ea2e4
Fixed #7821 (segmentation fault, invalid last token)
2016-11-20 14:15:51 +01:00
PKEuS
3f4fe8f578
Refactorized CheckBufferOverrun:
...
- Removed redundant code
- Apply non-simplified checking in test suite
2016-07-27 17:28:43 +02:00
PKEuS
44a19b527e
Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums ( #7576 )
2016-07-08 20:53:08 +02:00
PKEuS
644a216394
Fixed two false positives related to char arrays initialized by a literal:
...
- Run check for writing to string literals on non-simplified token list (#7283 )
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/ )
2016-07-07 19:38:15 +02:00
umanamente
0f11007c19
Fixed #7083 (false positive: typedef and initialization with strings)
2016-06-21 22:42:46 +02:00
PKEuS
8c0eab3eb3
Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays ( #5975 )
...
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
Daniel Marjamäki
659cd96b03
Fixed #7209 (False positive: Array index used before limits check reported in sizeof)
2016-01-24 14:06:02 +01:00
Lauri Nurmi
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
Daniel Marjamäki
9c3f25603e
CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead ( #6973 )
2015-11-30 16:36:52 +01:00
Daniel Marjamäki
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
Daniel Marjamäki
5074c11b53
CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of.
2015-11-09 10:30:39 +01:00
Daniel Marjamäki
ef5be435c7
Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast)
2015-11-08 17:21:32 +01:00
Daniel Marjamäki
7d6e1974eb
Fixed #7104 (False positive arrayIndexOutOfBounds)
2015-11-08 09:30:23 +01:00
Daniel Marjamäki
9c7271a5e9
CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead
2015-11-07 18:12:01 +01:00
PKEuS
0a34b206e8
Refactorization: Reduced code duplication in test suite
2015-10-08 11:35:51 +02:00
PKEuS
3a5cef8a7e
Refactorization: Improved usage of Settings instances in test suite
2015-10-07 18:40:03 +02:00
Alexander Mai
8d2c4453ad
Small optimizations for C code in Tokenizer. Add some regression tests for recently fixed results
2015-08-29 19:00:09 +02:00
Alexander Mai
66e4faa621
Add regression test for true negative argumentSize
2015-08-29 11:14:13 +02:00
PKEuS
128a926d9d
Collected some more garbage code tests in testgarbage.cpp; Avoid std::string creation in testgarbage.cpp
2015-08-16 19:12:12 +02:00
Martin Ettl
42a406ac5f
testbufferoverrun: Removed duplicate test case.
2015-07-30 22:42:45 +02:00
Daniel Marjamäki
6790d91fbb
Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884 .
2015-07-29 19:54:57 +02:00
Daniel Marjamäki
c5bbea2994
Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value)
2015-07-27 16:39:41 +02:00
PKEuS
176b3925b3
Removed "verify" code in testrunner. Fixing its messages reduces the accuracy of the test suite.
2015-07-25 14:18:41 +02:00
Daniel Marjamäki
fef251ac76
negative array size: fixed noise when array is not vla
2015-07-04 09:42:42 +02:00
Daniel Marjamäki
0ca410a4d7
Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression)
2015-06-07 14:01:20 +02:00
Daniel Marjamäki
baa1ae079d
New check: negative size in array declaration. Ticket #1760
2015-05-03 15:00:47 +02:00
Dmitry-Me
d735918a8a
Constructor parameter type need not be a number
2015-03-25 14:56:45 +03:00
PKEuS
bc5132e0ac
Refactorization: Moved declaration of errout, ... to testsuite.h, uniformized style
2015-03-11 22:54:43 +01:00
Daniel Marjamäki
cc0f61376a
more cleanup of std.cfg testing in TestBufferOverrun
2015-02-14 18:55:54 +01:00
Daniel Marjamäki
e510902d58
TestBufferOverrun cleanup some more std.cfg testing
2015-02-14 17:30:08 +01:00
Daniel Marjamäki
360ec9d853
updated TestBufferOverrun test case. Since checker doesn't use library dont load std.cfg.
2015-02-14 16:44:08 +01:00
Daniel Marjamäki
0c0d62171e
removed duplicate testcase. See testcase for #836
2015-02-14 16:41:51 +01:00
Daniel Marjamäki
a57d5d7eda
moved testcases
2015-02-14 16:37:48 +01:00
Daniel Marjamäki
e01b30345e
move testcases in TestBufferOverrun
2015-02-14 16:29:05 +01:00
Daniel Marjamäki
166db40af2
Fix TestBufferOverrun test case, it was wrongly written.
2015-02-14 15:51:13 +01:00
Daniel Marjamäki
c43d537726
renamed TestBufferOverrun test method to same name as CheckBufferOverrun method that is tested
2015-02-14 15:49:17 +01:00
Daniel Marjamäki
2b7c7134e1
TestBufferOverrun: move memset test
2015-02-14 15:46:00 +01:00
Daniel Marjamäki
e0d90c00be
TestBufferOverrun: Cleanup testcases for memory functions
2015-02-13 16:16:59 +01:00
Daniel Marjamäki
2d21eb07ba
Cleaned up snprintf hardcoding in CheckBufferOverrun
2015-02-13 06:44:38 +01:00
Daniel Marjamäki
a6cfd15bde
refactoring TestBufferOverrun
2015-02-12 17:36:22 +01:00
Daniel Marjamäki
9aad4fa8ca
CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead
2015-02-12 17:29:36 +01:00
Daniel Marjamäki
d9deabe2ce
TestBufferOverrun: clean up
2015-02-10 17:29:36 +01:00
Daniel Marjamäki
53718047f1
refactoring TestBufferOverrun
2015-02-10 06:49:48 +01:00
Daniel Marjamäki
9aa0420472
TestBufferOverrun: Moved out cfg tests. Created minsize-mul testing in TestBufferOverrun
2015-02-10 06:44:19 +01:00
Daniel Marjamäki
ce1d0099cf
TestBufferOverrun: Moved out cfg tests. Created minsize-argvalue testing in TestBufferOverrun
2015-02-10 06:35:41 +01:00
Daniel Marjamäki
631536980c
TestBufferOverrun: split up strncpy testing, keep checker testing in TestBufferOverrun and move cfg tests to cfg test
2015-02-09 16:20:28 +01:00
PKEuS
f78744ac30
Fixed AST generation if expression starts with ternary operator
2015-02-01 14:02:19 +01:00
PKEuS
21cb0cfd60
Take simplifyIfNotNull and simplifyIfNot out of simplifyTokenList1 (first step for #6072 )
2015-01-31 20:12:02 +01:00
Daniel Marjamäki
73113c67e7
Fixed #6480 (False positive unreachableCode - member function exit called instead of ::exit())
2015-01-31 16:55:55 +01:00
Daniel Marjamäki
57ec1aea91
Library: Don't rely on ast in isNotLibraryFunction since it's used in tokenizer
2015-01-31 10:24:10 +01:00
PKEuS
98e33a189f
Enhanced CheckBufferOverrun:
...
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
PKEuS
3274a00b82
Moved some more tests to testgarbage.cpp
2015-01-21 10:04:46 +01:00
Daniel Marjamäki
6a8293a8b7
Library: More strict matching of functions
2015-01-08 19:31:41 +01:00
Daniel Marjamäki
ff11ba9847
Updated copyright year to 2015
2015-01-03 12:14:58 +01:00
Daniel Marjamäki
6194a4eefd
Fixed #6357 (Improve check: pointer arithmetic 'p+x' overrun, conditional x)
2014-12-26 09:12:00 +01:00
Daniel Marjamäki
7ab12cea63
Improved pointer arithmetic message
2014-12-25 14:31:46 +01:00
Daniel Marjamäki
bc594d52c8
Fixed #6349 (Pointer arithmetic: clarify message)
2014-12-25 10:05:55 +01:00
Daniel Marjamäki
7cfa54f0e0
Fixed #6353 (False positive: CheckBufferOverrun checking reassigned array function parameter)
2014-12-24 14:03:52 +01:00
Daniel Marjamäki
1b2a23b3fe
Fixed #6350 (Tokenizer::simplifyCast: set Token::isCasted when cast is removed)
2014-12-23 16:16:14 +01:00
Daniel Marjamäki
10ae551fef
CheckBufferOverrun: Use portability warning for pointer arithmetic UB. It can be used by intention and usually works as intended.
2014-12-22 10:56:17 +01:00
Daniel Marjamäki
93ac5a41cd
Fixed #6346 (pointer calculation overflow)
2014-12-22 09:38:00 +01:00
Daniel Marjamäki
a95e5bff2b
Fixed #6344 (false positive: out of bounds access when array size is unknown)
2014-12-20 18:50:08 +01:00
Daniel Marjamäki
a1537e1a6e
Fixed #6339 (false negative: array index out of bounds on allocated buffer using valueflow)
2014-12-17 16:23:48 +01:00
Alexander Mai
c2584aa635
#6303 crash in CheckBufferOverrun. Add check on loop variable in CheckBufferOverrun::checkScope().
2014-12-04 20:49:58 +01:00
Daniel Marjamäki
051d42ae6b
astyle formatting
2014-11-20 14:20:09 +01:00
orbitcowboy
f5d804f71a
running astyle
2014-11-20 10:13:03 +01:00
Frank Zingsheim
71c5d4bd60
Ticket #6232 (cppOut of bounds array access)
...
--HG--
extra : rebase_source : 79ed3533a12a486ea3ed3f09f9bc55b1a4771161
2014-10-21 22:56:53 +02:00
PKEuS
6955e719cf
Collected garbage code tests and moved them to testgarbage.cpp
2014-10-16 10:59:46 +02:00
PKEuS
68b26f8faa
Fixed subsequent false negatives in CheckBufferOverrun::checkInsecureCmdLineArgs() ( #5835 )
2014-09-29 15:38:33 +02:00
Alexander Mai
ccd80e3407
#6141 FP: Unknown type is assumed to have size 0.
2014-09-27 21:51:11 +02:00
Dmitry-Me
1e298a31cf
Refactoring tests. Use utility function to warn about unsimplified code in tests.
2014-09-13 12:59:32 +02:00
PKEuS
4c18967329
Added unit test for #5849
2014-08-31 21:45:38 +02:00
Daniel Marjamäki
b6355b991f
Fixed #6070 (false positive: Array 'array[8192]' accessed at index 8192, which is out of bounds)
2014-08-19 07:03:00 +02:00
Daniel Marjamäki
47a2b35e98
BufferOverrun: Use ValueFlow string values more
2014-08-04 08:25:10 +02:00
Daniel Marjamäki
5de1e35350
CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen.
2014-07-30 20:35:21 +02:00
Daniel Marjamäki
254b6438b9
CheckBufferOverrun::checkStringArgument: sizeof string is strlen+1
2014-07-08 16:04:09 +02:00
Daniel Marjamäki
9a4bd73a18
Fixed unit test
2014-07-08 08:02:02 +02:00
Daniel Marjamäki
0fd334911a
Fixed #5257 (Check memcpy size for string literals)
2014-07-06 08:41:39 +02:00
Daniel Marjamäki
53aa2f5982
astyle formatting
...
[ci skip]
2014-07-06 07:16:28 +02:00
amai2012
77095e2b05
Add some more functions to posix.cfg which allow to enable TestBufferOverrun::buffer_overrun_1_posix_functions
...
Fix some compiler warnings on MSVC
2014-07-05 22:47:10 +02:00
Daniel Marjamäki
a3acc3241e
Library: Added <minsize> element used for buffer overrun checking
2014-07-05 20:31:43 +02:00
Daniel Marjamäki
6c8558c112
CheckBufferOverrun: Removed old for-loop handling. This is handled through ValueFlow from now on.
2014-06-27 06:46:42 +02:00
Daniel Marjamäki
036b2f8ccf
CheckBufferOverrun: Added bufferOverrun2 that is based on ValueFlow/SymbolDatabase/Ast from the start. Replaced some old checking.
2014-06-26 17:36:20 +02:00
Simon Martin
966491d40b
Added a test for out-of-bounds character array access.
2014-05-27 16:21:13 +02:00
PKEuS
effa38c322
Fixed #5863 (False positive: array index is used before limits check)
2014-05-24 17:50:01 +02:00
PKEuS
04fbbdb5e8
Refactorized CheckBufferOverrun::arrayIndexThenCheck() and fixed false negative
2014-05-10 13:00:44 +02:00
Daniel Marjamäki
ed1d63ffc0
Fixed #5636 (FP: matrix out of bounds)
2014-05-03 18:12:06 +02:00
Alexander Mai
89dc652af9
#5631 Typo and misleading error message in negativeMemoryAllocationSize
2014-04-08 20:23:00 +02:00
Daniel Marjamäki
e5301b2b7a
ValueFlow: Improved valueflow of for loop 'for (i=a; i<10; i++)' => unknown start value but end value is known
2014-03-29 20:20:22 +01:00
PKEuS
1c58628223
Handle pointer/reference to array in setVarId ( #2645 )
2014-03-28 16:10:27 +01:00
PKEuS
63254b33f9
Fixed uncaught exception in testbufferoverrun.cpp
2014-03-27 19:55:11 +01:00
Daniel Marjamäki
6da9cca4ab
fixed unit test that I broke by mistake
2014-03-25 21:45:25 +01:00
Daniel Marjamäki
87daf5783e
buffer overflow: clean up old checking for negative index
2014-03-25 20:37:32 +01:00
Daniel Marjamäki
c8004a8d31
Buffer overruns: Use ValueFlow to detect negative index
2014-03-25 18:22:22 +01:00
Daniel Marjamäki
aa05bf0f16
ValueFlow: Improved abstract interpretation
2014-03-24 06:48:06 +01:00
Daniel Marjamäki
dbc8273cb7
ValueFlow: improved abstract interpretation of for loops
2014-03-24 00:16:02 +01:00
Daniel Marjamäki
b6276058da
Value Flow: Improved abstract interpretation of arithmetical expressions
2014-03-22 19:02:33 +01:00
PKEuS
49b25b05d9
Fixed crash in CheckBufferOverrun on garbage code ( #5595 )
2014-03-21 13:20:44 +01:00
Daniel Marjamäki
e240282443
Value Flow: Another try with the abstract interpretation of for loops
2014-03-17 18:43:47 +01:00
Daniel Marjamäki
8c3f2c2ad9
Revert 894a65b0
. abstract interpretation of for loops. there was some crashes and performance problems. I will fix those problems when I have time and recommit.
2014-03-16 08:38:52 +01:00
Daniel Marjamäki
894a65b0b1
ValueFlow: Refactor the for-loop handling. Use abstract interpretation.
2014-03-15 11:29:33 +01:00
Daniel Marjamäki
7fa73c0d64
Merge pull request #256 from xypron/5505
...
5505: FP: Array accessed out of bounds
2014-03-09 08:47:18 +01:00
Heinrich Schuchardt
bd67db96f1
5505: FP: Array accessed out of bounds
...
CheckBufferOverrun::checkFunctionParameter alreacy considered usage of a
function parameter inside an if block as a special case.
With the patch the same is done for switch statements.
A test is added.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2014-03-07 19:51:13 +01:00
Daniel Marjamäki
fd3a8a2a18
Update copyright
2014-02-15 07:45:39 +01:00
Martin Ettl
6ca7daec10
Fixed #389 : Providing negative value to memory allocation function.
2014-02-01 22:38:29 +01:00
Daniel Marjamäki
9aa9530e0d
Fixed #5426 (crash: btrfs-progs cmds-inspect.c)
2014-01-31 06:19:36 +01:00
Daniel Marjamäki
abe8439917
Fixed #5416 (False positive: Array accessed at index, which is out of bounds.)
2014-01-28 16:55:10 +01:00
Daniel Marjamäki
0dbb86f0cb
Cleanup ExecutionPath from CheckBufferOverrun
2014-01-22 21:25:37 +01:00
Daniel Marjamäki
b91f42453b
value flow: improved handling of cast
2014-01-20 22:26:55 +01:00
Daniel Marjamäki
3e23e243f6
BufferOverflow: Updated message for out of bounds array index or redundant condition
2014-01-17 19:44:45 +01:00
Daniel Marjamäki
18d6285ad2
BufferOverrun: Improved error message when array index is used before checking that its in limits
2014-01-17 18:56:46 +01:00
Daniel Marjamäki
30cae358d8
Removed the --value-flow flag. ValueFlow analysis will always be enabled from now on.
2014-01-17 18:07:05 +01:00
Daniel Marjamäki
0b4de97e2b
value flow: Use ValueFlow in CheckBufferOverrun
2014-01-16 19:23:14 +01:00
Daniel Marjamäki
a1b0d190df
Fixed #3688 (false positive: (inconclusive, posix) (warning) The buffer 'cBuffer' is not zero-terminated after the call to readlink().)
2014-01-02 10:46:19 +01:00
Daniel Marjamäki
32be4094e7
Symbol database: only put variables in variable list
2013-12-31 17:51:56 +01:00
PKEuS
4f0121ee2f
Splitted simplification out of tokenize()
2013-12-30 17:45:28 +01:00
Simon Martin
fe75686595
Ticket #5203 : Don't crash when checking buffer overrun for invalid code.
2013-11-30 07:40:32 +01:00
Daniel Marjamäki
946722faf0
Fixed #4968 (False positive: Structure with 'read' member is confused with read() function.)
2013-10-05 18:25:44 +02:00
Alexander Mai
450442287c
Fixed #4974 (CheckBufferOverrun::writeOutsideBufferSize() too strict)
2013-08-25 18:46:07 +02:00
Daniel Marjamäki
5ce7189bc0
Merge pull request #166 from last5bits/ticket4213
...
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 22:36:30 -07:00
Alexey Zhikhartsev
d24a321ba2
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 19:04:01 +04:00
Daniel Marjamäki
64733d9e63
astyle formatting
2013-08-10 12:32:59 +02:00
Simon Martin
ad33d95ec1
Ticket #4764 : properly handle template instantiations with only default parameters.
2013-08-10 12:00:16 +02:00
PKEuS
a9a5dc0354
Updated to AStyle 2.03, require this version
2013-08-07 16:27:37 +02:00
Lucas Manuel Rodriguez
d6be4559cd
Fixed #4840 (false negative: buffer access out of bounds)
2013-06-25 06:37:51 +02:00
Daniel Marjamäki
a861817a01
Fixed #4751 (CheckBufferOverrun: better handling when struct member instance doesn't have same varid as struct member declaration)
2013-05-28 16:52:23 +02:00
Daniel Marjamäki
ea60c5b14b
CheckBufferOverrun: Code cleanup
2013-05-05 08:14:19 +02:00
Daniel Marjamäki
4e65800adf
TestRunner: Updated warning message when there is unsimplified code
2013-04-16 16:54:19 +02:00
Daniel Marjamäki
393c75af70
Simplified remaining TestBufferOverrun test cases
2013-04-13 15:49:15 +02:00
Daniel Marjamäki
cbe2cdafcf
Simplify TestBufferOverrun test cases (casts, pointer addition, calculation)
2013-04-13 13:58:21 +02:00
Daniel Marjamäki
fe911f92e1
Simplify TestBufferOverrun test cases (known variable value)
2013-04-13 13:13:13 +02:00
Daniel Marjamäki
78d3aef40e
Simplified TestBufferOverrun test cases (sizeof, known variable value)
2013-04-13 11:01:19 +02:00
Daniel Marjamäki
3b880f9e2e
Simplified TestBufferOverrun test cases (sizeof, known variables, casts, etc)
2013-04-13 08:19:14 +02:00
Daniel Marjamäki
7871f16e9d
Simplified TestBufferOverrun::readlink test cases (sizeof)
2013-04-13 07:31:15 +02:00
Daniel Marjamäki
6afdd1b7c0
Simplified TestBufferOverrun::readlinkat test cases (sizeof, known variables)
2013-04-13 07:22:01 +02:00
PKEuS
cdce755471
Removed duplicate unit tests in testbufferoverrun.cpp
2013-04-12 12:17:08 -07:00