temp.bufferSizeArg2 was not initialized when only bufferSizeArg1
was specified or the value was out of range. But in valueflow.cpp in
valueFlowDynamicBufferSize() it was used as if it is always initialized
and has a sane value (greater than 0).
Some POSIX and Windows functions require buffers of at least some
specific size. This is now possible to configure via for example this
minsize configuration: `<minsize type="value" value="26"/>`.
The range for valid buffer size values is 1 to LLONG_MAX
(9223372036854775807)
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
This enhances the library configuration so the direction of function
arguments can be specified (in, out, inout).
isVariableChangedByFunctionCall() uses this information now to avoid
guessing.
If no 'alternatives' argument was specified and the `<warn/>` element
did not contain any text Cppcheck crashed because of a null pointer
access.
If there is no 'reason' and no 'alternatives argument and also no text loadFunction() returns with an error.
In case the XML code of a library configuration is invalid Cppcheck now additionally prints out some helpful error description like this:
"Error=XML_ERROR_MISMATCHED_ELEMENT ErrorID=16 (0x10) Line number=304: XMLElement name=noreturn"
* Add tests for invalid ranges
* Refactor loadLibErrors
This reduces the amount of code slightly and will simplify adding
more tests.
* Handle empty valid field
Before this change, the sequence <valid></valid> in a config file would
result in a segmentation fault. Now an empty field results in the error
message:
cppcheck: Failed to load library configuration file 'mycfg.cfg'. Bad attribute value '""'
* Add support for valid for floating point arguments
Previously, it was not possible to add valid ranges to floating point
arguments since it only handled integers. This made ranges not work well
for floating point arguments since arguments were cast to integers
before the ranges were handled.
Fix this by using doubles instead of integers if the argument is a float.
Add some tests for this and make sure errors are printed with enough
precision (somewhat arbitrarily chosen).
Note that it is still only possible to add integer ranges (i.e. -1:1).
* Add support for floats in configuration valid range
Now that it is possible to handle decimal arguments, there is no reason
to not allow non-integer ranges. Take care to not allow broken
configurations.
* Move check to within if-clause
* Move asin{,f,l} and acos{,f,l} input checks to config file
* Check for double frees when using smart pointers
* Some updates from feedback
* Add test for mismatch allocation
* Constants
* Check smart pointer deleter
* Switch order
* Use next
* Add owned state
* Fix handling of leaks
* Use ast for checking addressof operator
* Remove stray character
* Add a test for mismatch allocator
* Add another test for deallocating with custom function
