PKEuS
141d2ac215
Refactorization: Improved internal implementation of severity and certainty levels
...
Backported from LCppC.
2021-02-24 22:00:06 +01:00
Daniel Marjamäki
853c271f22
Fix gcc warning; variable vidx is assigned but not read
2021-01-16 18:13:06 +01:00
Daniel Marjamäki
1858465bca
astyle formatting
...
[ci skip]
2021-01-12 21:28:56 +01:00
Paul Fultz II
fc4238829f
Fix issue 10092: false positive: (warning) The address of local variable 'data' might be accessed at non-zero index. ( #3041 )
2021-01-12 10:24:28 +01:00
Daniel Marjamäki
f493ce16b3
astyle formatting
...
[ci skip]
2021-01-10 14:46:19 +01:00
Oliver Stöneberg
ac7647fcd8
some self-check suppression cleanups ( #3032 )
2021-01-09 20:32:38 +01:00
Rikard Falkeborn
50cdb6cbfc
Astyle: sync windows and linux folders ( #3016 )
2021-01-06 17:13:44 +01:00
Paul Fultz II
e004731f1c
Fix issue 8650: ValueFlow: Track if pointer is created by '&' operator ( #3011 )
2021-01-05 16:56:38 +01:00
Daniel Marjamäki
c6452adc88
Fixed Cppcheck warning; Remove unused private method CheckBufferOverrun::bufferNotZeroTerminatedError
2020-12-04 18:58:10 +01:00
Oliver Stöneberg
37bc0483a4
made check.h less heavy ( #2633 )
2020-05-23 07:16:49 +02:00
Daniel Marjamäki
08ddd84780
Update copyright year
2020-05-10 11:16:32 +02:00
Daniel Marjamäki
3e0218299b
Revert "Update copyright year"
...
This reverts commit 6eec6c4bd5
.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki
6eec6c4bd5
Update copyright year
2020-05-10 11:11:34 +02:00
Oliver Stöneberg
1af959af2c
fixed -Wextra-semi-stmt Clang warnings ( #2553 )
...
* fixed -Wextra-semi-stmt Clang warnings
* adjusted REDIRECT macro to require a semicolon
* testmathlib.cpp: rolled back accidental change
2020-04-21 17:27:51 +02:00
Oliver Stöneberg
2c1e36e63e
cleaned up includes based on include-what-you-use ( #2600 )
...
* cleaned up includes based on include-what-you-use
* check.h: trying to work around Visual Studio 2012 bug
* fixed Visual Studio compilation
2020-04-13 13:44:48 +02:00
Paul Fultz II
3b20684aca
Fix issue 9360: False positive: arrayIndexOutOfBounds when function is called with different array sizes ( #2541 )
2020-02-17 10:31:08 +01:00
Daniel Marjamäki
84bb024662
Refactoring; Reuse variable typeSize
2020-01-19 09:17:38 +01:00
Daniel Marjamäki
cefd7fb33f
Fix testrunner
2020-01-18 12:29:03 +01:00
Daniel Marjamäki
9ffb657c1a
Fixed #8597 (False positive - Array index is used before limits check.)
2019-12-20 09:46:01 +01:00
Daniel Marjamäki
fcc5fad3ed
Fixed #9113 (false positive: (error) Buffer is accessed out of bounds)
2019-11-10 16:42:48 +01:00
Rikard Falkeborn
73a569be97
TestBufferOverRun: Handle string literals ( #2287 )
2019-10-21 07:11:22 +02:00
Rikard Falkeborn
5c061c1c12
Set correct type and size of string and char literals ( #2275 )
...
* Set correct type and size of string and char literals
Use that string and char literal tokens store the prefix. This makes
it possible to distinghuish between different type of string literals
(i.e., utf8 encoded strings, utf16, wide strings, etc) which have
different type.
When the tokens holding the string and character values have the correct
type, it is possible to improve Token::getStrSize() to give the correct
result for all string types. Previously, it would return the number of
characters in the string, i.e., it would give the wrong size unless
the type of the string was char*.
Since strings now can have different size (in number of bytes) and
length (in number of elements), add a new helper function that returns
the number of characters. Checkers have been updated to use the correct
functions.
Having the size makes it possible to find more problems with prefixed
strings, and to reduce false positives, for example in the buffer
overflow checker.
Also, improve the stringLiteralWrite error message to also print the
prefix of the string (if there is one).
* Add comment and update string length
2019-10-20 07:11:57 +02:00
Paul Fultz II
6b6553e320
Dont warn for arrays that are containers ( #2240 )
2019-10-05 16:14:30 +02:00
Oliver Stöneberg
de9f489b08
use range loops / constness ( #2181 )
...
* use range loops / constness
* platform.cpp: avoid shadowed variable
2019-09-19 20:29:33 +02:00
Daniel Marjamäki
32eda27391
Refactoring: Use enum class
2019-07-16 10:51:26 +02:00
Daniel Marjamäki
1888b39314
Use 'nonneg' instead of 'unsigned' in checkbufferoverrun
2019-07-16 07:59:35 +02:00
Paul Fultz II
f75c15af56
Fix issue 6821: New check: access heap/stack data using address of variable
...
This fixes errors with:
```cpp
int f() {
int i;
return (&i)[1];
}
```
It uses the lifetime analysis to detect the issues.
2019-05-31 12:24:31 +02:00
Daniel Marjamäki
6da42a3d63
Fixed #9112 (false positive: (error) Array index out of bounds; buffer 'x' is accessed at offset n.)
2019-05-01 13:00:14 +02:00
Daniel Marjamäki
74fad6ce05
Modernizing; Use std::accumulate instead of for loop
2019-04-28 11:25:43 +02:00
Daniel Marjamäki
9c5d24c551
Modernizing: Use std::accumulate instead of for loop
2019-04-28 11:17:11 +02:00
Daniel Marjamäki
9d72e24edb
Refactoring; Use stl algorithm instead of for loop
2019-04-28 10:30:20 +02:00
Daniel Marjamäki
f503386666
Refactoring; replace for loop with std::find_if
2019-04-28 10:07:11 +02:00
Rikard Falkeborn
d23e987941
Fix CheckInternal warnings ( #1790 )
2019-04-06 06:55:46 +02:00
Daniel Marjamäki
de4f57ec0f
Buffer overflow: Add CTU checking for pointer arithmetic overflows
2019-04-03 06:43:56 +02:00
Daniel Marjamäki
c5807459f9
CheckBufferOverrun: Add check for pointer arithmetics
2019-03-31 09:00:52 +02:00
Daniel Marjamäki
b5a285319c
Fixed #9073 (Segmentation fault in Token::isUnaryOp() with ode)
2019-03-29 19:37:23 +01:00
Daniel Marjamäki
18aa968a7a
Astyle formatting
2019-03-23 19:03:57 +01:00
Daniel Marjamäki
5126e4b1af
Try to fix Visual Studio compiler error
2019-03-23 19:02:05 +01:00
Daniel Marjamäki
d27a4ad82e
CheckBufferOverrun: Fix ctu checking
2019-03-23 15:26:13 +01:00
Daniel Marjamäki
a135683d2f
Refactoring; Renamed CWE786 and CWE788
2019-03-23 08:41:20 +01:00
Daniel Marjamäki
15fc9a622d
CheckBufferOverrun: Add CTU analysis
2019-03-23 08:36:10 +01:00
Daniel Marjamäki
031362ae01
CheckBufferOverrun: Fix false positive
2019-03-19 21:07:08 +01:00
Daniel Marjamäki
6cbe818f1a
Fix uninitialized variable usage
2019-03-19 13:17:27 +01:00
Daniel Marjamäki
a0e58f0039
Revert "Revert "CheckBufferOverrun: Handle multidimensional arrays""
...
This reverts commit 9d1755f449
.
2019-03-19 13:16:22 +01:00
Daniel Marjamäki
9d1755f449
Revert "CheckBufferOverrun: Handle multidimensional arrays"
...
This reverts commit e98a4a6f14
.
2019-03-19 13:13:29 +01:00
Daniel Marjamäki
e98a4a6f14
CheckBufferOverrun: Handle multidimensional arrays
2019-03-19 09:29:32 +01:00
Daniel Marjamäki
b53a2e5dc4
CheckBufferOverrun: restore minsize code
2019-03-17 20:34:49 +01:00
Daniel Marjamäki
03f8535c71
Better multiline warning when there is buffer overflow
2019-03-17 20:12:02 +01:00
Daniel Marjamäki
3c85d8a8ac
ValueFlow: Better info for buffer size values
2019-03-17 19:02:36 +01:00
Sebastian
19e9e42dd7
Library: Enhance minsize configuration and allow simple values. ( #1736 )
...
Some POSIX and Windows functions require buffers of at least some
specific size. This is now possible to configure via for example this
minsize configuration: `<minsize type="value" value="26"/>`.
The range for valid buffer size values is 1 to LLONG_MAX
(9223372036854775807)
2019-03-17 14:22:26 +01:00