Daniel Marjamäki
5e10e680da
CWE: refactoring. use constants instead of magic numbers.
2016-01-25 20:01:48 +01:00
Roberto Martelloni
5ce69da02d
Mapped 26 errors to their CWE IDs.
2016-01-24 20:53:05 +00:00
Robert Reif
966d078dcc
CheckIO: Fix FN when using '%x' as format specifier for a 'signed int' variable
2016-01-15 09:29:29 +01:00
Lauri Nurmi
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
PKEuS
940d569980
Refactorization: Removed redundant %any% patterns.
2015-12-24 14:40:48 +01:00
PKEuS
8f22e4924c
Updated AStyle to version 2.05.1
Tweaked runastyle.bat a little bit.
2015-12-17 15:53:13 +01:00
Alexander Mai
f762affea0
Small refactoring: replace NULL by nullptr, remove redundant static keyword, Tokenizer::setVarId() uses const variable 'notstart'
2015-11-30 22:13:49 +01:00
PKEuS
e8522c7883
Small refactorizations:
- #include cleanup
- Use std::array instead of std::vector
- Do not create a stringstream to concatenate 4 strings
- Use std::cout instead of printf
2015-11-29 10:56:44 +01:00
Daniel Marjamäki
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
PKEuS
eefea507b9
Use ValueFlow in CheckIO::checkWrongPrintfScanfArguments() (#6563)
2015-11-06 09:52:22 +01:00
PKEuS
3971f8625f
Fixed false positive seekOnAppendedFile if FILE* is reused (#6566)
2015-10-13 15:32:13 +02:00
Daniel Marjamäki
2c7c6b3e38
CheckIO: Try to use ValueType more
2015-10-11 17:35:54 +02:00
Daniel Marjamäki
37d9a95ef1
CheckIO: Refactoring. Split out CheckIO::checkFormatString() from CheckIO::checkWrongPrintfScanfArguments().
2015-10-10 20:08:15 +02:00
Daniel Marjamäki
6d256b01b6
CheckIO: Use ValueType::Type::LONGDOUBLE type also
2015-10-08 19:52:24 +02:00
Daniel Marjamäki
a500f6f703
Improved handling of 'long double' and address-of in ValueType. Removed Tokenizer::simplifyFloatCasts() to handle float casts better.
2015-10-08 19:50:10 +02:00
Daniel Marjamäki
be72b7413a
ValueType: Handling of originalTypeName
2015-10-07 20:24:17 +02:00
Daniel Marjamäki
604a9acb48
ValueType: Handling constness
2015-10-07 19:08:26 +02:00
Daniel Marjamäki
b77203a277
CheckIO: Handle AST pointer type better
2015-10-05 19:59:15 +02:00
Daniel Marjamäki
b9036c2ca8
AST types: Fix for 'long long' handling
2015-10-05 19:20:42 +02:00
Daniel Marjamäki
bc8f1b972e
CheckIO: Early return
2015-10-05 19:04:29 +02:00
Daniel Marjamäki
8f6bd7fd0d
Fixed #7014 (False positive for printf("%c", "hello"[0]))
2015-10-05 10:12:30 +02:00
Dmitry-Me
aa60358458
Temp variables, better names
2015-09-15 15:34:12 +03:00
PKEuS
ee4a5843bb
Some small refactorizations
2015-08-15 19:46:31 +02:00
PKEuS
4d80df2f4a
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
2015-08-15 11:19:21 +02:00
PKEuS
b0bf69bae7
Fixed false positive #6763 and reordered conditions
Ran AStyle
2015-08-14 12:50:45 +02:00
Daniel Marjamäki
e578988832
invalidScanf: removed the checking for 'scanf crash with huge input data for old glibc'. new systems are not vulnerable to this bug anymore.
2015-08-14 08:03:46 +02:00
Dmitry-Me
d81776b8c8
Avoid deep copying std::string
2015-08-07 17:16:41 +03:00
PKEuS
a0890ecd2c
Fixed false positive: Do not print useClosedFile on arrays (#6823)
2015-07-20 22:40:19 +02:00
Alexander Mai
b3c7a3f798
Fix more (potential) multi-threading issues
2015-06-20 22:26:51 +02:00
Alexander Mai
eebb5b8c77
Fix some compiler warnings in checkio.cpp. Fix some (potential) multi-threading issues in checkinternal.cpp
2015-06-17 21:25:15 +02:00
orbitcowboy
06e818f89d
Running astyle, no functional change.
2015-06-17 09:09:23 +02:00
amai2012
33d7631ee3
Fix another Borland-specific test by setting Windows platform type
Refactoring: make CheckIO::ArgumentInfo aware of language (C vs. C++) to perform some optimizations
2015-06-16 23:11:34 +02:00
Alexander Mai
d704e97203
Fix (potential) multi-threading issues by moving static local vars (non-POD-type) to file scope
2015-06-10 21:14:17 +02:00
Alexander Mai
f0bc300198
#6510 False positive performance warning for std::list::size(). Fix this and other similar false positives. Refactoring of Variable::isStlType(), use fail-safe std::set instead of plain array. Run astyle
2015-05-17 20:02:41 +02:00
Daniel Marjamäki
88f59ad7e8
Partial fix for #6656 (Allow that CWE is mapped for error message)
2015-04-25 17:48:11 +02:00
Simon Martin
e5745d7d4a
Restore build with libc++ and revert PR#228 and PR#562.
2015-04-12 20:29:49 +02:00
Matthias Krüger
42f0955e3f
Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
Follow up to eedcb6abcb.
2015-04-10 14:31:19 +02:00
Matthias Krüger
eedcb6abcb
move setting flags checks out of for loops, make them const.
2015-04-07 07:23:28 +02:00
PKEuS
b2835051df
Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0.
2015-01-31 12:32:04 +01:00
PKEuS
5c56e63996
Fixed false positive #6452: Handle member functions in CheckIO::checkFileUsage()
2015-01-27 21:52:52 +01:00
Daniel Marjamäki
228f5960fc
CheckIO: only report warnings when --enable=warning has been used
2015-01-06 15:08:25 +01:00
Thomas Jarosch
1ef1143609
Make local functions static
2015-01-05 01:25:49 +01:00
Daniel Marjamäki
ff11ba9847
Updated copyright year to 2015
2015-01-03 12:14:58 +01:00
Daniel Marjamäki
051d42ae6b
astyle formatting
2014-11-20 14:20:09 +01:00
orbitcowboy
f5d804f71a
running astyle
2014-11-20 10:13:03 +01:00
Alexander Mai
5300ba2074
Make single-argument constructors explicit
2014-11-13 21:39:14 +01:00
Robert Reif
d5908f03b7
Fixed #6226 (false negative: printf format check for user defined array type)
2014-10-20 06:33:36 +02:00
PKEuS
1df1b9c2bd
Fixed #5836: Make showing $ in stringified tokens optional
2014-09-29 14:50:00 +02:00
Robert Reif
1729ea6f0f
Fixed #6182 (Format specifier check confused by ternary operator)
2014-09-24 16:45:06 +02:00
PKEuS
6f92557478
Use information about pure/leak-ignore from library to improve accuracy of several bailouts
2014-09-11 20:27:07 +02:00
Martin Ettl
8a15486370
Fixed CID-1234716: Dereference after null check in lib/checkio.cpp
2014-09-01 09:00:05 +02:00
PKEuS
e8f7279039
Refactorization: Moved detection of STL strings to SymbolDatabase
2014-09-05 12:03:08 +02:00
PKEuS
a52401cf1b
Fixed some compiler warning about signed/unsigned conversions.
2014-09-02 11:44:51 +02:00
PKEuS
80df3dc642
Disabled several checks and simplifications for C code, if they are C++-only. Do not match arguments for C code, since there can't be overloads.
2014-09-01 18:43:24 +02:00
PKEuS
47764321f2
Several fixes to invalidScanfFormatWidthError():
- Different IDs for different messages (#5809)
- severity is warning, not style, so check _settings->isEnabled() properly
- Removed never shown message text
2014-09-01 09:33:58 +02:00
PKEuS
288c94a47f
Extended Message "fflushOnInputStream" to files opened for reading.
2014-08-31 21:03:33 +02:00
PKEuS
b07f61170d
Changed severity of fflushOnInputStream to portability: The behaviour of fflush(stdin) is defined on Linux.
2014-08-31 20:56:05 +02:00
Dmitry-Me
443e846b2e
Remove duplicate return statements.
2014-08-18 16:02:35 +04:00
Moshe Kaplan
4894d3807d
Improved invalidScanf error message
2014-08-06 06:08:28 +02:00
PKEuS
de66ed4071
Added missing message to --errorlist output, changed Id to avoid duplicate
2014-08-02 20:55:59 +02:00
Robert Reif
90bc59e0fa
Fixed #6009 (Detect type mismatch in printf-like function when type is returned)
2014-07-28 09:16:35 +02:00
Dmitry-Me
07c120f1af
Cache option flags and check them first.
2014-07-23 17:06:27 +04:00
amai2012
9b38ae73c1
Attempt to fix 2 Coverity messages.
Replace a few unsigned int by std::size_t
2014-07-07 21:25:30 +02:00
Dmitry-Me
4f21b31004
Use temp variables to simplify code.
2014-07-04 10:56:43 +04:00
Daniel Marjamäki
86ef5f8ae7
CheckIO: Handle library types
2014-06-12 07:01:44 +02:00
Dmitry-Me
6e1568a6db
Simplify code - bail out early, break loops early, reorder checks and declarations.
2014-06-09 13:35:30 +04:00
Simon Martin
d2223ce419
Factorize type name equality checks in CheckIO.
2014-05-27 19:20:19 +02:00
PKEuS
8f79dc3ff8
Cleaned up includes and forward declarations in checkers:
- Removed definitely unnecessary forward declarations (e.g. "class Token"; token.h is already included by check.h, so a definition is unnecessary)
- Removed unused includes
2014-05-24 12:50:03 +02:00
PKEuS
f7a41057ad
Use AST in CheckIO::checkCoutCerrMisusage() - fixes #3254.
2014-05-22 20:25:54 +02:00
Robert Reif
888fd44039
Fixed #5609 (Wrong warning: %zu requires 'size_t' - but type is 'std::size_t')
2014-05-04 07:55:23 +02:00
Robert Reif
b0af67f369
Fixed #5486 (false positive: (warning) %zd in format string (no. 1) requires 'ssize_t' but the argument type is 'ssize_t {aka long}'.)
2014-04-10 17:25:11 +02:00
PKEuS
4ad7ef69c6
Updated German translation
ran lupdate gui.pro
Reverted accidental change in checkio.cpp
2014-03-28 19:06:48 +01:00
PKEuS
a01bfcb62d
Fixed a few cppcheck messages
2014-03-28 18:55:16 +01:00
Robert Reif
5c88934431
CheckIo: Fixed FIXME
2014-03-19 20:57:33 +01:00
PKEuS
b564986d5d
Added missing casts causing assertion failures on Windows (#5391)
-> Changed much more occurrences, especially in preprocessor.cpp.
2014-03-18 21:41:47 +01:00
PKEuS
3a4b7e5c07
Fixed false positive #5578
2014-03-18 13:44:27 +01:00
PKEuS
86e6bb430a
New check: Warning, if positioning operation (fseek) is performed on a file opened in "a" mode
2014-03-17 11:02:03 +01:00
Thomas Jarosch
93341f4449
Use simple match where possible
Fixes these warnings found by "--enable=internal":
[lib/checkclass.cpp:972]: (warning) Found simple pattern inside Token::Match() call: "* *"
[lib/checkbufferoverrun.cpp:635]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checkbufferoverrun.cpp:1397]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/checksizeof.cpp:299]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checksizeof.cpp:301]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checksizeof.cpp:303]: (warning) Found simple pattern inside Token::Match() call: "]"
[lib/checksizeof.cpp:318]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checknullpointer.cpp:413]: (warning) Found simple pattern inside Token::Match() call: "delete"
[lib/checkio.cpp:1336]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkstl.cpp:1509]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1512]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1594]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkstl.cpp:1598]: (warning) Found simple pattern inside Token::Match() call: "] ="
[lib/checkunusedvar.cpp:755]: (warning) Found simple pattern inside Token::Match() call: "goto"
[lib/checkunusedvar.cpp:793]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkuninitvar.cpp:376]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:86]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:2181]: (warning) Found simple pattern inside Token::Match() call: "> {"
[lib/valueflow.cpp:54]: (warning) Found simple pattern inside Token::Match() call: "&"
[lib/valueflow.cpp:409]: (warning) Found simple pattern inside Token::Match() call: "do"
[lib/valueflow.cpp:425]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:487]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:511]: (warning) Found simple pattern inside Token::Match() call: "} else {"
[lib/valueflow.cpp:615]: (warning) Found simple pattern inside Token::Match() call: "for ("
[lib/symboldatabase.cpp:80]: (warning) Found simple pattern inside Token::Match() call: "= {"
[lib/symboldatabase.cpp:1069]: (warning) Found simple pattern inside Token::Match() call: "std ::"
[lib/tokenize.cpp:2207]: (warning) Found simple pattern inside Token::Match() call: "< >"
[lib/tokenize.cpp:2730]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/tokenize.cpp:4234]: (warning) Found simple pattern inside Token::Match() call: "try {"
[lib/tokenize.cpp:4235]: (warning) Found simple pattern inside Token::Match() call: "} catch ("
[lib/tokenize.cpp:5500]: (warning) Found simple pattern inside Token::Match() call: "INT8"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "}"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "do"
2014-03-14 16:27:47 +01:00
Robert Reif
cb1fc06a80
Fixed #5079 (CheckIO::checkFileUsage doesn't support wide char and microsoft functions)
2014-03-12 19:22:44 +01:00
Lauri Nurmi
70a67eaf85
Change some more 0 literals into nullptr.
2014-02-16 13:38:50 +02:00
Daniel Marjamäki
fd3a8a2a18
Update copyright
2014-02-15 07:45:39 +01:00
Simon Martin
8ff9696374
OSX's compiler supports C++11 but one needs to use GNU's STL to build cppcheck, that does not have cbegin/end.
2014-02-01 07:40:08 +01:00
Lucas Manuel Rodriguez
ad0269eeeb
Refactor checks using Variable::isStlType()
2014-01-30 01:26:48 -03:00
Robert Reif
d679a4c1f7
Fixed #5248 (False positive: Invalid argument in scanf for %zd)
2014-01-14 06:09:13 +01:00
PKEuS
b775714e3d
Moved several hardcoded function names in format string checking into libraries (std.cfg and windows.cfg).
Added support for loading a library in test suite.
2014-01-12 03:44:24 -08:00
Robert Reif
cbe3862599
Fixed #5264 (Size specifier in printf functions is wrong for some types)
2014-01-03 15:58:45 +01:00
Robert Reif
0afdbc73da
Fixed #5195 (Crash below CheckIO::checkWrongPrintfScanfArguments())
2013-11-23 08:40:35 +01:00
Martin Ettl
babbee4e73
Fixed typos in comments, no functional changes.
2013-11-09 16:07:28 +01:00
Robert Reif
a6ef3a224a
Fixed #5151 (false negative: improper formatstring - vector::at())
2013-11-08 12:44:05 +01:00
Martin Ettl
083af88801
Checkio: removed redundant NULL-pointer check, introduced by me.
2013-11-01 00:18:13 +01:00
Robert Reif
ac3b1c0611
Fixed #5134 (Memory leak below CheckIO::checkWrongPrintfScanfArguments())
2013-11-01 05:42:37 +01:00
Martin Ettl
897533ab93
Checkio: fixed potential NULL-pointer dereference (Coverity-ScanId: CID 1113428).
2013-10-31 20:03:05 +01:00
Robert Reif
94187c41c2
Fixed #5104 (False positive: Invalid argument in printf and scanf for vector template)
2013-10-27 10:48:49 +01:00
Robert Reif
41b3ed788d
CheckIO: fix crash
2013-10-08 05:33:37 +02:00
Robert Reif
7098fc6039
CheckIO: fixed handling of unknown types. Ticket #5051
2013-10-05 16:47:06 +02:00
Robert Reif
5dbc02250f
This patch adds pointer to format string support to printf. Ticket: #5051
2013-10-05 07:47:52 +02:00
Robert Reif
6c06cdd24d
CheckIO fixes. Ticket: #5051
2013-10-04 17:30:55 +02:00
Robert Reif
59de30823e
CheckIO: This patch adds support for fprintf_s, fscanf_s and %I. Ticket: #5051
2013-10-03 06:37:40 +02:00
Robert Reif
5aba841499
CheckIO: Handling of casts (#4964)
2013-10-02 04:12:46 +02:00
Robert Reif
cc6745fef6
CheckIO: Fixed false positives when using _snprintf_s and _snwprintf_s. Ticket: #5057
2013-10-01 05:49:44 +02:00