Commit Graph

116 Commits

Author SHA1 Message Date
Edoardo Prezioso eacf74be8d Changed the order of some structures in order to improve, even if for a bit, their padding. 2012-05-14 20:49:03 +02:00
PKEuS b37cf11d20 Refactorizations:
- Increased encapsulation by making some functions private
- Removed redundant function CheckBufferOverrun::ArrayInfo::declare
- Avoided copy of ArrayInfo object
- Removed unnecessary and suspicious "if(sizeof(int) == 4)"
2012-03-27 19:40:39 +02:00
PKEuS e3b3b7b62f Refactorizations on buffer overrun check:
- Replaced a few indendation counters by smaller and faster code
- Make use of safer nextArgument() function instead of some local implementations
- Replaced some simple patterns by direct function calls
- Made a strncpy/strncat search pattern more generic
- Replaced offset variable by incrementation of Token* to avoid subsequent calls to tokAt
- Increased data encapsulation in header
2012-03-17 21:55:08 +01:00
PKEuS b1ff900aaa Some refactorizations 2012-02-18 23:43:51 +01:00
Reijo Tomperi 8cae17fda8 Update year to 2012 2012-01-01 01:05:37 +02:00
Daniel Marjamäki 497c54a1a7 Fixed #3168 (false negative: buffer overflow in subfunction) 2011-12-11 08:16:58 +01:00
Daniel Marjamäki ee39f6402c reverted fix for #3168, I'll rewrite it 2011-12-10 20:46:10 +01:00
Daniel Marjamäki 897e8637b4 Fixed #3168 (false negative: buffer overflow in subfunction) 2011-12-10 19:26:12 +01:00
Daniel Marjamäki 2e08c8c5b1 DJGPP: Fixed a few compiler errors by using std::size_t instead of size_t 2011-11-22 21:14:14 +01:00
Thomas Jarosch 3413ffef3e Refactor readlink() buffer check to also handle readlinkat() 2011-10-24 21:23:18 +02:00
Thomas Jarosch 7ae39f13cc Fixed #3198 (Add check for readlink()) 2011-10-14 19:45:51 +02:00
Daniel Marjamäki 6f8e42a5af changed the astyle formatting flags 2011-10-13 20:53:06 +02:00
Thomas Jarosch abd2525339 Fixed #3161 (Show buffers size info for snprintf() buffer overruns) 2011-10-05 20:17:57 +02:00
Robert Reif 0d6592dd2e use correct checkScope function in CheckBufferOverrun for single dimension member arrays 2011-09-11 19:21:13 -04:00
Robert Reif e18fe56d56 refactor CheckBufferOverrun to only use multi-dimension array error messages and remove single dimension array message 2011-09-11 09:54:26 -04:00
Robert Reif a9b4e21f60 refactor CheckBufferOverrun::checkScope to take an ArrayInfo parameter 2011-09-10 11:21:52 -04:00
Robert Reif 547a79d4fe calculate array size for variable length structures with array at end in CheckBufferOverrun::checkStructVariable() when possible 2011-09-10 10:14:32 -04:00
Robert Reif 7451c5cece warn when buffer is not zero terminated after memmove 2011-09-05 15:59:41 -04:00
Robert Reif f5d71d1ac5 warn when buffer is not zero terminated after memcpy 2011-09-05 15:41:37 -04:00
Robert Reif 3c8988e7a5 warn when buffer is not zero terminated after strncpy 2011-09-05 15:19:38 -04:00
Robert Reif 8c093d0f8a refactor CheckBufferOverrun::checkScope strncpy check and change experimental to inconclusive 2011-08-27 21:18:39 -04:00
Robert Reif 6e78b51071 make all functions that call reportError names in checkbufferoverrun end in Error for consisentcy 2011-08-24 07:11:39 -04:00
Robert Reif 8c1efe9bb6 improve message for #3035 (false negative: strcpy(dst, src) where src is bigger than dst) 2011-08-21 15:18:41 -04:00
Robert Reif 67e8731a96 partial fix for #3035 (false negative: strcpy(dst, src) where src is bigger than dst) 2011-08-21 14:44:55 -04:00
Daniel Marjamäki ceb763f57a Fixed #2956 (False negative: read array and then immediately check the index 'str[i] && i<sizeof(str)') 2011-08-04 11:15:14 +02:00
Robert Reif 48e6ea271a start using symbol database array info for buffer overrun checks 2011-06-22 22:44:11 -04:00
Robert Reif dac826d0ac use a more conventional technique for accessing ArrayInfo private variables 2011-06-22 20:35:58 -04:00
Daniel Marjamäki 08811c8179 CheckBufferOverrun: Refactoring. Broke out checkScope code for parsing 'for' bodies 2011-02-10 21:56:06 +01:00
Greg Hewgill be195a72c9 initialise Check::_name in constructor rather than relying on virtual Check::name() 2011-02-02 22:58:25 +13:00
Daniel Marjamäki 9d3b242cd8 Fixed #1952 (false negative: buffer acces out of bounds with memcpy) 2011-01-22 21:31:26 +01:00
Reijo Tomperi 226b605774 Change year 2010 -> 2011 in license texts. 2011-01-09 21:33:36 +02:00
Daniel Marjamäki 4ec9d418ff Fixed #2215 (Improve check: Writing outside malloc bounds not detected) 2011-01-01 20:56:21 +01:00
Daniel Marjamäki fa3853803b gcc: fixed -Wconversion warnings 2010-12-31 09:30:56 +01:00
Daniel Marjamäki 38e7209d26 Fixed #2373 (Using XML2 in --errorlist output) 2010-12-29 12:43:29 +01:00
Daniel Marjamäki 6aa400fd80 Buffer overrun: UB when pointer arithmetic result points out of bounds. Ticket #1774 2010-12-26 21:23:28 +01:00
Daniel Marjamäki 9d9a5b0623 VS: Fixed compiler warnings. Ticket: #2200 2010-11-21 11:48:27 +01:00
Ettl Martin a56f6d276a fixed warning from cppcheck: [lib/checkbufferoverrun.h:129]: (style) 'operator=' should not return a const reference 2010-09-15 22:25:12 +02:00
Daniel Marjamäki adc47f1820 Fixed #1487 (fix gcc compiler warnings) 2010-08-06 21:02:43 +02:00
Daniel Marjamäki 1b2f16f443 Buffer overflow: Fixed two TODO test cases 2010-08-05 11:01:47 +02:00
Daniel Marjamäki 5789eb116d astyle formatting 2010-06-02 18:09:25 +02:00
Zachary Blair 33b4254d33 Fixed #568 (string functions with command line arguments may overflow buffer) 2010-06-01 22:41:07 -07:00
Zachary Blair 619cfbc56f Fixed #168 (buffer overflow: not enough room for the null terminator) 2010-05-26 01:56:34 -07:00
Daniel Marjamäki 01034cd48d Refactoring: Removed 'possible error' message about cin 2010-05-16 19:09:36 +02:00
Daniel Marjamäki 26fab24de4 Refactoring: Removed some inconclusive checking in CheckBufferOverrun 2010-05-16 15:30:39 +02:00
Daniel Marjamäki 8ccd95a643 Fixed #836 (buffer overrun: memmove) 2010-04-24 21:48:58 +02:00
Daniel Marjamäki a3b781a181 Fixed #819 (array index out of bounds not detected for multidimension arrays) 2010-04-23 16:26:40 +02:00
Daniel Marjamäki f9f6927e63 CheckBufferOverrun: Don't give false positives when reading from array with strncpy/strncat 2010-04-21 20:02:58 +02:00
Daniel Marjamäki f057e127a0 CheckBufferOverrun: Refactoring the checking of function calls 2010-04-21 19:27:28 +02:00
Daniel Marjamäki 798aa84151 Refactoring: CheckBufferOverrun refactorings. split up the checkScope into two separate functions. The ArrayInfo usage was improved. Also broke out for-loop handling into separate functions. 2010-04-21 18:33:21 +02:00
Daniel Marjamäki b6ab419a06 Buffer Overrun: Broke out the checking for negative array index 2010-04-18 20:51:39 +02:00
Daniel Marjamäki af3f2faa41 Refactoring: Renamed ArrayInfo::type_size to ArrayInfo::element_size 2010-04-18 20:18:25 +02:00
Daniel Marjamäki 814f706329 BufferOverflow: Refactoring ArrayInfo 2010-04-18 19:46:45 +02:00
Daniel Marjamäki a473345f18 Buffer overruns: First change to detect overruns in multidimensional arrays (#819) 2010-04-18 11:08:29 +02:00
Daniel Marjamäki c718a7c595 astyle: Update to astyle 1.24 2010-04-15 20:08:51 +02:00
Reijo Tomperi 35d2a27b9c Update copyright year in all source files 2010-04-13 22:23:17 +03:00
Daniel Marjamäki 5fed938f56 Fixed #1190 (array index out of bounds when index variable is assigned in a condition) 2010-04-10 21:12:00 +02:00
Daniel Marjamäki 0cad22314e Reverted 'astyle fix'. Those changes are not in sync with my astyle configuration/setup. 2010-04-02 07:30:58 +02:00
Martin Ettl 193aa7d1d3 astyle fix 2010-04-02 02:21:53 +02:00
Daniel Marjamäki e911d1f1df doxygen updates 2010-03-17 22:16:18 +01:00
Daniel Marjamäki 30d3418b11 doxygen: added more comments for CheckNullPointer and CheckUninitVar 2010-03-13 21:42:59 +01:00
Daniel Marjamäki 8f4edb5e45 Fixed #1409 (False positive: Buffer access out-of-bounds with strncpy and an array in typedef'ed struct) 2010-02-21 15:23:50 +01:00
Daniel Marjamäki 9394816fcf Refactoring: Use std::string instead of const char * 2010-02-14 19:58:17 +01:00
Daniel Marjamäki 5925b88b38 Robert Reif: improve check: array index out of bounds, show name of array, array size and array index 2009-12-25 15:25:58 +01:00
Daniel Marjamäki d4adab3e78 added error info about the strncpy check 2009-12-18 17:33:33 +01:00
Daniel Marjamäki 0da0b5ffed ericsesterhenn: Fixed #1106 (check if buffer is zero terminated after a strncpy) 2009-12-18 17:26:15 +01:00
Daniel Marjamäki 09859c1019 refactoring the folder structure 2009-10-25 12:49:06 +01:00