Daniel Marjamäki
ce1d0099cf
TestBufferOverrun: Moved out cfg tests. Created minsize-argvalue testing in TestBufferOverrun
2015-02-10 06:35:41 +01:00
Daniel Marjamäki
631536980c
TestBufferOverrun: split up strncpy testing, keep checker testing in TestBufferOverrun and move cfg tests to cfg test
2015-02-09 16:20:28 +01:00
PKEuS
f78744ac30
Fixed AST generation if expression starts with ternary operator
2015-02-01 14:02:19 +01:00
PKEuS
21cb0cfd60
Take simplifyIfNotNull and simplifyIfNot out of simplifyTokenList1 (first step for #6072 )
2015-01-31 20:12:02 +01:00
Daniel Marjamäki
73113c67e7
Fixed #6480 (False positive unreachableCode - member function exit called instead of ::exit())
2015-01-31 16:55:55 +01:00
Daniel Marjamäki
57ec1aea91
Library: Don't rely on ast in isNotLibraryFunction since it's used in tokenizer
2015-01-31 10:24:10 +01:00
PKEuS
98e33a189f
Enhanced CheckBufferOverrun:
...
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
PKEuS
3274a00b82
Moved some more tests to testgarbage.cpp
2015-01-21 10:04:46 +01:00
Daniel Marjamäki
6a8293a8b7
Library: More strict matching of functions
2015-01-08 19:31:41 +01:00
Daniel Marjamäki
ff11ba9847
Updated copyright year to 2015
2015-01-03 12:14:58 +01:00
Daniel Marjamäki
6194a4eefd
Fixed #6357 (Improve check: pointer arithmetic 'p+x' overrun, conditional x)
2014-12-26 09:12:00 +01:00
Daniel Marjamäki
7ab12cea63
Improved pointer arithmetic message
2014-12-25 14:31:46 +01:00
Daniel Marjamäki
bc594d52c8
Fixed #6349 (Pointer arithmetic: clarify message)
2014-12-25 10:05:55 +01:00
Daniel Marjamäki
7cfa54f0e0
Fixed #6353 (False positive: CheckBufferOverrun checking reassigned array function parameter)
2014-12-24 14:03:52 +01:00
Daniel Marjamäki
1b2a23b3fe
Fixed #6350 (Tokenizer::simplifyCast: set Token::isCasted when cast is removed)
2014-12-23 16:16:14 +01:00
Daniel Marjamäki
10ae551fef
CheckBufferOverrun: Use portability warning for pointer arithmetic UB. It can be used by intention and usually works as intended.
2014-12-22 10:56:17 +01:00
Daniel Marjamäki
93ac5a41cd
Fixed #6346 (pointer calculation overflow)
2014-12-22 09:38:00 +01:00
Daniel Marjamäki
a95e5bff2b
Fixed #6344 (false positive: out of bounds access when array size is unknown)
2014-12-20 18:50:08 +01:00
Daniel Marjamäki
a1537e1a6e
Fixed #6339 (false negative: array index out of bounds on allocated buffer using valueflow)
2014-12-17 16:23:48 +01:00
Alexander Mai
c2584aa635
#6303 crash in CheckBufferOverrun. Add check on loop variable in CheckBufferOverrun::checkScope().
2014-12-04 20:49:58 +01:00
Daniel Marjamäki
051d42ae6b
astyle formatting
2014-11-20 14:20:09 +01:00
orbitcowboy
f5d804f71a
running astyle
2014-11-20 10:13:03 +01:00
Frank Zingsheim
71c5d4bd60
Ticket #6232 (cppOut of bounds array access)
...
--HG--
extra : rebase_source : 79ed3533a12a486ea3ed3f09f9bc55b1a4771161
2014-10-21 22:56:53 +02:00
PKEuS
6955e719cf
Collected garbage code tests and moved them to testgarbage.cpp
2014-10-16 10:59:46 +02:00
PKEuS
68b26f8faa
Fixed subsequent false negatives in CheckBufferOverrun::checkInsecureCmdLineArgs() ( #5835 )
2014-09-29 15:38:33 +02:00
Alexander Mai
ccd80e3407
#6141 FP: Unknown type is assumed to have size 0.
2014-09-27 21:51:11 +02:00
Dmitry-Me
1e298a31cf
Refactoring tests. Use utility function to warn about unsimplified code in tests.
2014-09-13 12:59:32 +02:00
PKEuS
4c18967329
Added unit test for #5849
2014-08-31 21:45:38 +02:00
Daniel Marjamäki
b6355b991f
Fixed #6070 (false positive: Array 'array[8192]' accessed at index 8192, which is out of bounds)
2014-08-19 07:03:00 +02:00
Daniel Marjamäki
47a2b35e98
BufferOverrun: Use ValueFlow string values more
2014-08-04 08:25:10 +02:00
Daniel Marjamäki
5de1e35350
CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen.
2014-07-30 20:35:21 +02:00
Daniel Marjamäki
254b6438b9
CheckBufferOverrun::checkStringArgument: sizeof string is strlen+1
2014-07-08 16:04:09 +02:00
Daniel Marjamäki
9a4bd73a18
Fixed unit test
2014-07-08 08:02:02 +02:00
Daniel Marjamäki
0fd334911a
Fixed #5257 (Check memcpy size for string literals)
2014-07-06 08:41:39 +02:00
Daniel Marjamäki
53aa2f5982
astyle formatting
...
[ci skip]
2014-07-06 07:16:28 +02:00
amai2012
77095e2b05
Add some more functions to posix.cfg which allow to enable TestBufferOverrun::buffer_overrun_1_posix_functions
...
Fix some compiler warnings on MSVC
2014-07-05 22:47:10 +02:00
Daniel Marjamäki
a3acc3241e
Library: Added <minsize> element used for buffer overrun checking
2014-07-05 20:31:43 +02:00
Daniel Marjamäki
6c8558c112
CheckBufferOverrun: Removed old for-loop handling. This is handled through ValueFlow from now on.
2014-06-27 06:46:42 +02:00
Daniel Marjamäki
036b2f8ccf
CheckBufferOverrun: Added bufferOverrun2 that is based on ValueFlow/SymbolDatabase/Ast from the start. Replaced some old checking.
2014-06-26 17:36:20 +02:00
Simon Martin
966491d40b
Added a test for out-of-bounds character array access.
2014-05-27 16:21:13 +02:00
PKEuS
effa38c322
Fixed #5863 (False positive: array index is used before limits check)
2014-05-24 17:50:01 +02:00
PKEuS
04fbbdb5e8
Refactorized CheckBufferOverrun::arrayIndexThenCheck() and fixed false negative
2014-05-10 13:00:44 +02:00
Daniel Marjamäki
ed1d63ffc0
Fixed #5636 (FP: matrix out of bounds)
2014-05-03 18:12:06 +02:00
Alexander Mai
89dc652af9
#5631 Typo and misleading error message in negativeMemoryAllocationSize
2014-04-08 20:23:00 +02:00
Daniel Marjamäki
e5301b2b7a
ValueFlow: Improved valueflow of for loop 'for (i=a; i<10; i++)' => unknown start value but end value is known
2014-03-29 20:20:22 +01:00
PKEuS
1c58628223
Handle pointer/reference to array in setVarId ( #2645 )
2014-03-28 16:10:27 +01:00
PKEuS
63254b33f9
Fixed uncaught exception in testbufferoverrun.cpp
2014-03-27 19:55:11 +01:00
Daniel Marjamäki
6da9cca4ab
fixed unit test that I broke by mistake
2014-03-25 21:45:25 +01:00
Daniel Marjamäki
87daf5783e
buffer overflow: clean up old checking for negative index
2014-03-25 20:37:32 +01:00
Daniel Marjamäki
c8004a8d31
Buffer overruns: Use ValueFlow to detect negative index
2014-03-25 18:22:22 +01:00
Daniel Marjamäki
aa05bf0f16
ValueFlow: Improved abstract interpretation
2014-03-24 06:48:06 +01:00
Daniel Marjamäki
dbc8273cb7
ValueFlow: improved abstract interpretation of for loops
2014-03-24 00:16:02 +01:00
Daniel Marjamäki
b6276058da
Value Flow: Improved abstract interpretation of arithmetical expressions
2014-03-22 19:02:33 +01:00
PKEuS
49b25b05d9
Fixed crash in CheckBufferOverrun on garbage code ( #5595 )
2014-03-21 13:20:44 +01:00
Daniel Marjamäki
e240282443
Value Flow: Another try with the abstract interpretation of for loops
2014-03-17 18:43:47 +01:00
Daniel Marjamäki
8c3f2c2ad9
Revert 894a65b0
. abstract interpretation of for loops. there was some crashes and performance problems. I will fix those problems when I have time and recommit.
2014-03-16 08:38:52 +01:00
Daniel Marjamäki
894a65b0b1
ValueFlow: Refactor the for-loop handling. Use abstract interpretation.
2014-03-15 11:29:33 +01:00
Daniel Marjamäki
7fa73c0d64
Merge pull request #256 from xypron/5505
...
5505: FP: Array accessed out of bounds
2014-03-09 08:47:18 +01:00
Heinrich Schuchardt
bd67db96f1
5505: FP: Array accessed out of bounds
...
CheckBufferOverrun::checkFunctionParameter alreacy considered usage of a
function parameter inside an if block as a special case.
With the patch the same is done for switch statements.
A test is added.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2014-03-07 19:51:13 +01:00
Daniel Marjamäki
fd3a8a2a18
Update copyright
2014-02-15 07:45:39 +01:00
Martin Ettl
6ca7daec10
Fixed #389 : Providing negative value to memory allocation function.
2014-02-01 22:38:29 +01:00
Daniel Marjamäki
9aa9530e0d
Fixed #5426 (crash: btrfs-progs cmds-inspect.c)
2014-01-31 06:19:36 +01:00
Daniel Marjamäki
abe8439917
Fixed #5416 (False positive: Array accessed at index, which is out of bounds.)
2014-01-28 16:55:10 +01:00
Daniel Marjamäki
0dbb86f0cb
Cleanup ExecutionPath from CheckBufferOverrun
2014-01-22 21:25:37 +01:00
Daniel Marjamäki
b91f42453b
value flow: improved handling of cast
2014-01-20 22:26:55 +01:00
Daniel Marjamäki
3e23e243f6
BufferOverflow: Updated message for out of bounds array index or redundant condition
2014-01-17 19:44:45 +01:00
Daniel Marjamäki
18d6285ad2
BufferOverrun: Improved error message when array index is used before checking that its in limits
2014-01-17 18:56:46 +01:00
Daniel Marjamäki
30cae358d8
Removed the --value-flow flag. ValueFlow analysis will always be enabled from now on.
2014-01-17 18:07:05 +01:00
Daniel Marjamäki
0b4de97e2b
value flow: Use ValueFlow in CheckBufferOverrun
2014-01-16 19:23:14 +01:00
Daniel Marjamäki
a1b0d190df
Fixed #3688 (false positive: (inconclusive, posix) (warning) The buffer 'cBuffer' is not zero-terminated after the call to readlink().)
2014-01-02 10:46:19 +01:00
Daniel Marjamäki
32be4094e7
Symbol database: only put variables in variable list
2013-12-31 17:51:56 +01:00
PKEuS
4f0121ee2f
Splitted simplification out of tokenize()
2013-12-30 17:45:28 +01:00
Simon Martin
fe75686595
Ticket #5203 : Don't crash when checking buffer overrun for invalid code.
2013-11-30 07:40:32 +01:00
Daniel Marjamäki
946722faf0
Fixed #4968 (False positive: Structure with 'read' member is confused with read() function.)
2013-10-05 18:25:44 +02:00
Alexander Mai
450442287c
Fixed #4974 (CheckBufferOverrun::writeOutsideBufferSize() too strict)
2013-08-25 18:46:07 +02:00
Daniel Marjamäki
5ce7189bc0
Merge pull request #166 from last5bits/ticket4213
...
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 22:36:30 -07:00
Alexey Zhikhartsev
d24a321ba2
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 19:04:01 +04:00
Daniel Marjamäki
64733d9e63
astyle formatting
2013-08-10 12:32:59 +02:00
Simon Martin
ad33d95ec1
Ticket #4764 : properly handle template instantiations with only default parameters.
2013-08-10 12:00:16 +02:00
PKEuS
a9a5dc0354
Updated to AStyle 2.03, require this version
2013-08-07 16:27:37 +02:00
Lucas Manuel Rodriguez
d6be4559cd
Fixed #4840 (false negative: buffer access out of bounds)
2013-06-25 06:37:51 +02:00
Daniel Marjamäki
a861817a01
Fixed #4751 (CheckBufferOverrun: better handling when struct member instance doesn't have same varid as struct member declaration)
2013-05-28 16:52:23 +02:00
Daniel Marjamäki
ea60c5b14b
CheckBufferOverrun: Code cleanup
2013-05-05 08:14:19 +02:00
Daniel Marjamäki
4e65800adf
TestRunner: Updated warning message when there is unsimplified code
2013-04-16 16:54:19 +02:00
Daniel Marjamäki
393c75af70
Simplified remaining TestBufferOverrun test cases
2013-04-13 15:49:15 +02:00
Daniel Marjamäki
cbe2cdafcf
Simplify TestBufferOverrun test cases (casts, pointer addition, calculation)
2013-04-13 13:58:21 +02:00
Daniel Marjamäki
fe911f92e1
Simplify TestBufferOverrun test cases (known variable value)
2013-04-13 13:13:13 +02:00
Daniel Marjamäki
78d3aef40e
Simplified TestBufferOverrun test cases (sizeof, known variable value)
2013-04-13 11:01:19 +02:00
Daniel Marjamäki
3b880f9e2e
Simplified TestBufferOverrun test cases (sizeof, known variables, casts, etc)
2013-04-13 08:19:14 +02:00
Daniel Marjamäki
7871f16e9d
Simplified TestBufferOverrun::readlink test cases (sizeof)
2013-04-13 07:31:15 +02:00
Daniel Marjamäki
6afdd1b7c0
Simplified TestBufferOverrun::readlinkat test cases (sizeof, known variables)
2013-04-13 07:22:01 +02:00
PKEuS
cdce755471
Removed duplicate unit tests in testbufferoverrun.cpp
2013-04-12 12:17:08 -07:00
PKEuS
c487ea843d
Better fix for #4706 : Use Token::nextArgument() properly. Removed redundant ' in message
2013-04-09 08:30:53 -07:00
Ettl Martin
ba8cca8fa9
#4706 fix crash when a struct member is used as first argument. Replaced Token::nexArgument with %any% in Token::Match call. Added unittests in testing Token::nexArgument.
2013-04-04 15:12:18 +02:00
Ettl Martin
54d398c7dd
unittests: removed not needed '\n' at the end of testcases.
2013-03-19 09:18:58 +01:00
Ettl Martin
ff826d7c62
#4664 : new check: (POSIX) write outside buffer size.
2013-03-19 08:22:48 +01:00
PKEuS
096fa2f771
Fixed #4380
2013-03-14 10:18:48 -07:00
Thomas Jarosch
61d9424631
astyle formatting
2013-03-14 11:10:12 +01:00
Ettl Martin
cd1392749c
Removed not needed '\n' at the end of testcases in testbufferoverrun.cpp. No functional changes.
2013-03-14 09:45:47 +01:00
Ettl Martin
c8798b2207
#3838 added more testcases.
2013-03-14 09:36:38 +01:00