de4f57ec0f
Buffer overflow: Add CTU checking for pointer arithmetic overflows
2019-04-03 06:43:56 +02:00
c5807459f9
CheckBufferOverrun: Add check for pointer arithmetics
2019-03-31 09:00:52 +02:00
4107671549
TestBufferOverrun: Uncommented and moved CTU tests
2019-03-30 15:10:00 +01:00
b5a285319c
Fixed #9073 (Segmentation fault in Token::isUnaryOp() with ode)
2019-03-29 19:37:23 +01:00
d6b806c592
CheckBufferOverrun: Better CTU checking when variable address is passed
2019-03-23 15:57:17 +01:00
9653760547
CheckBufferOverrun: Improved CTU analysis for array
2019-03-23 11:20:35 +01:00
15fc9a622d
CheckBufferOverrun: Add CTU analysis
2019-03-23 08:36:10 +01:00
031362ae01
CheckBufferOverrun: Fix false positive
2019-03-19 21:07:08 +01:00
a0e58f0039
Revert "Revert "CheckBufferOverrun: Handle multidimensional arrays""
...
This reverts commit 9d1755f449
2019-03-19 13:16:22 +01:00
9d1755f449
Revert "CheckBufferOverrun: Handle multidimensional arrays"
...
This reverts commit e98a4a6f14
2019-03-19 13:13:29 +01:00
e98a4a6f14
CheckBufferOverrun: Handle multidimensional arrays
2019-03-19 09:29:32 +01:00
03f8535c71
Better multiline warning when there is buffer overflow
2019-03-17 20:12:02 +01:00
3c85d8a8ac
ValueFlow: Better info for buffer size values
2019-03-17 19:02:36 +01:00
0771929518
Buffer overflow: Handling of dynamically allocated buffer
2019-03-17 13:40:56 +01:00
92f4113b59
Array index: Checking array index out of bounds for dynamic buffers
2019-03-17 13:09:15 +01:00
ebef16b8a3
Travis: Try to remove temporary fix
2019-03-16 18:29:02 +01:00
e9d29e826f
Travis: Temporarily comment out failing test
2019-03-16 09:48:32 +01:00
fb2198fd6b
Travis: Try to fix test
2019-03-16 09:28:00 +01:00
f40a80c349
Use 'normal' checking instead of 'simplified'
2019-03-16 07:19:48 +01:00
81a1d744c6
CheckBufferOverrun: fix FP for array definition of static class member
2019-03-13 06:39:09 +01:00
67e8b99c2c
CheckBufferOverrun: Readd a check for strncpy/memcpy/etc
2019-03-12 21:15:26 +01:00
0c08f6db6c
CheckBufferOverrun: Use AST to lookup array
2019-03-12 06:46:38 +01:00
ea23033a65
Array index out of bounds: Fix false positive
2019-03-11 20:33:08 +01:00
bd048085bd
Add CheckBufferOverrun::arrayIndexThenCheck
2019-03-11 19:20:06 +01:00
729f57d8f1
Start a major rewrite of CheckBufferOverrun. For now only the 'array index' and 'buffer overflow' checks are rewritten.
...
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
2019-03-11 12:34:33 +01:00
eb9edbc177
#9024 Crash caused by package "procserv" in lib/token.h:921 function Token::getKnownIntValue - Fix and test for alternative code example.
2019-03-08 11:07:33 +01:00
c32d015337
Fixed false positives from terminateStrncpy
2019-03-06 18:50:50 +01:00
bd7790fd8c
Update copyright year
2019-02-09 07:24:06 +01:00
4b37f276c2
ValueFlow: Set arrays to true when converting to a boolean
...
This sets it by checking the parent. It doesn't handle function parameters yet.
2019-01-21 20:05:35 +01:00
8dd641b8be
Use OVERRIDE in test
2019-01-12 15:45:25 +01:00
bc34f0239d
Disable the subfunction value flow analysis. It does not work well and needs to be rewritten. There are false positives.
2018-12-18 14:36:49 +01:00
0858488825
insecureCmdLineArgs: Fixed FN in case strdup() copies argv[]. ( #1438 )
...
* insecureCmdLineArgs: Fixed FN in case strdup() copies argv[].
* Formatted the code. There are no functional changes intended.
* Changes due to review comments from Daniel.
2018-10-19 11:04:15 +02:00
a6e8270474
insecureCmdLineArgs: Fixed false negatives in case arguments are const. ( #1419 )
...
* insecureCmdLineArgs: Fixed false negatives in case arguments are const.
* Formatted the code, there are functional changes.
* Simplified matching as suggested by Daniel.
2018-10-15 10:05:43 +02:00
20121b34d8
Fixed #7718 (False positive: out of bounds of already resized std::string)
2018-10-09 06:53:26 +02:00
f388c77042
Fixed #8721 (Regression: False positive array index out of bounds)
2018-08-31 18:25:43 +02:00
27aae8d032
Fixed #8644 (crash (CheckBufferOverrun::checkGlobalAndLocalVariable): local function)
2018-08-30 10:04:07 +02:00
acb0b9f07e
Ticket #8679 : Add support for C++11 thread_local and GCC's (among others) __thread extension. ( #1351 )
2018-08-26 19:46:36 +02:00
42a65c5160
Fix crash bug #8579 ( #1238 )
...
* Added declaration for deletePrevious function
* Added definition for deletePrevious function
* Fixed crash from deleteThis invalidating pointers
The crash was caused by deleteThis() invalidating the pointer to a constant variable usage. This happened when a usage followed an assignment. This fixes bug #8579 .
* Added tokensFront to match tokensBack
This means deletePrevious can set the list's front if necessary.
* Initialised tokensFront in appropriate places
* Switched to using default Token constructor
* Switched to using Token default constructor
* Switched to using default constructor for Token
* Added missing argument to Token constructor
* Changed to use default constructor for Tokens
* Switched to using default constructor for Tokens
* Switched to using default constructor for Token
* Added new test for deleting front Token
Also made sure to use the correct constructor for Token in other tests.
* Syntax error
* Replaced tokensFront and tokensBack with a struct
This decreases the size of the Token class for performance purposes.
* Replaced tokensFront and tokensBack with a struct
* Added tokensFrontBack to destructor
* Reworked to use TokensBackFront struct
Also ran astyle.
* Reworked to use TokenList's TokensFrontBack member
* Reworked to use TokensFrontBack struct
* Reworked to use TokensFrontBack struct
* Reworked to work with TokensFrontBack struct
* Removed unnecessary scope operator
* Added missing parentheses
* Fixed syntax error
* Removed unnecessary constructor
* Default constructor now 0-initialises everything
This is safer for not using a temporary TokensFrontBack object, and doesn't use delegating constructors which aren't supported yet.
* Fixed unsafe null check
* Added missing explicit keyword
* Fixing stylistic nits
Removed default constructor as it has been superseded by the single-argument constructor with a default argument value.
Renamed listEnds to tokensFrontBack.
Fixed if statement that was supposed to be adding safety but would actually cause a crash if tokensFrontBack was null.
* Fixing stylistic nits
Removed default constructor and replaced it with a single-argument constructor with a default value.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
2018-05-25 07:15:05 +02:00
ce50df8047
Fix override warnings. ( #1234 )
2018-05-15 16:37:40 +02:00
8c2a5c9813
astyle formatting
...
[ci skip]
2018-05-06 09:50:53 +02:00
0561877182
Fix false positive with negative array index in issue 8536 ( #1202 )
...
* Fix FP with negative array index in valueflow
* Remove values when valueflow fails
* Add valueflow test
2018-05-06 08:35:29 +02:00
bbfcccf078
Refactorization: Replace several push_back-sequences by initializer lists
2018-04-09 09:41:24 +02:00
7e4dba6a7e
Updated copyright year
2018-03-31 20:59:09 +02:00
5bc039b7da
Fix #6367 and #8439 (improve sizeof value flow support) ( #1132 )
2018-03-23 08:28:12 +01:00
bc40f5041d
Fixed #6356 (Improve checking: pointer arithmetic "ab.a + 100" overrun)
2018-01-27 15:39:39 +01:00
c4caee6b18
Updated copyright year
2018-01-14 15:37:52 +01:00
7d2450e445
Fixed #1478 (false negative: buffer access out of bounds not detected after free and malloc)
2017-12-31 14:58:26 +01:00
28aa939d69
iwyu - include what you use
2017-05-27 04:33:47 +02:00
040d2f0012
Use simplecpp lexer in test cases
2017-05-18 21:52:31 +02:00
7fd04cd8d0
Updated Token::expressionString(), write '->' instead of '.'
2017-04-30 14:22:18 +02:00
b526fd7c49
Ticket #7964 : Don't crash on valid code using function pointers named strcpy or strcat in main().
2017-04-21 23:36:10 +02:00
b97779591e
Fixed unit test in testbufferoverrun.cpp
2017-04-11 23:00:33 +02:00
680828788b
Fixed false negative in CheckBufferOverrun::checkInsecureCmdLineArgs(), removed redundant tests
2017-03-27 11:30:07 +02:00
171e1b8244
Fixed false negatives in CheckBufferOverrun::arrayIndexThenCheck()
2017-03-27 11:07:49 +02:00
f0d91fb74b
Fixed #7869 (False positive: Array index out of bounds)
2016-12-20 22:01:19 +01:00
f5ad7482a8
CheckBufferOverrun: Skip warnings about array index out of bounds in unions. Theoretically, the array is at least as large as the biggest union member.
2016-12-18 22:10:30 +01:00
461e5cc5c9
CheckBufferOverrun: Moved check from simplified to normal. This fixes a FP in asterisk.
2016-12-18 11:14:05 +01:00
a61f4e9c94
Fixed #7831 (false-positive: terminateStrncpy)
2016-11-24 07:04:58 +01:00
5b377ea2e4
Fixed #7821 (segmentation fault, invalid last token)
2016-11-20 14:15:51 +01:00
3f4fe8f578
Refactorized CheckBufferOverrun:
...
- Removed redundant code
- Apply non-simplified checking in test suite
2016-07-27 17:28:43 +02:00
44a19b527e
Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums ( #7576 )
2016-07-08 20:53:08 +02:00
644a216394
Fixed two false positives related to char arrays initialized by a literal:
...
- Run check for writing to string literals on non-simplified token list (#7283 )
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/ )
2016-07-07 19:38:15 +02:00
0f11007c19
Fixed #7083 (false positive: typedef and initialization with strings)
2016-06-21 22:42:46 +02:00
8c0eab3eb3
Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays ( #5975 )
...
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
659cd96b03
Fixed #7209 (False positive: Array index used before limits check reported in sizeof)
2016-01-24 14:06:02 +01:00
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
9c3f25603e
CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead ( #6973 )
2015-11-30 16:36:52 +01:00
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
5074c11b53
CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of.
2015-11-09 10:30:39 +01:00
ef5be435c7
Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast)
2015-11-08 17:21:32 +01:00
7d6e1974eb
Fixed #7104 (False positive arrayIndexOutOfBounds)
2015-11-08 09:30:23 +01:00
9c7271a5e9
CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead
2015-11-07 18:12:01 +01:00
0a34b206e8
Refactorization: Reduced code duplication in test suite
2015-10-08 11:35:51 +02:00
3a5cef8a7e
Refactorization: Improved usage of Settings instances in test suite
2015-10-07 18:40:03 +02:00
8d2c4453ad
Small optimizations for C code in Tokenizer. Add some regression tests for recently fixed results
2015-08-29 19:00:09 +02:00
66e4faa621
Add regression test for true negative argumentSize
2015-08-29 11:14:13 +02:00
128a926d9d
Collected some more garbage code tests in testgarbage.cpp; Avoid std::string creation in testgarbage.cpp
2015-08-16 19:12:12 +02:00
42a406ac5f
testbufferoverrun: Removed duplicate test case.
2015-07-30 22:42:45 +02:00
6790d91fbb
Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884 .
2015-07-29 19:54:57 +02:00
c5bbea2994
Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value)
2015-07-27 16:39:41 +02:00
176b3925b3
Removed "verify" code in testrunner. Fixing its messages reduces the accuracy of the test suite.
2015-07-25 14:18:41 +02:00
fef251ac76
negative array size: fixed noise when array is not vla
2015-07-04 09:42:42 +02:00
0ca410a4d7
Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression)
2015-06-07 14:01:20 +02:00
baa1ae079d
New check: negative size in array declaration. Ticket #1760
2015-05-03 15:00:47 +02:00
d735918a8a
Constructor parameter type need not be a number
2015-03-25 14:56:45 +03:00
bc5132e0ac
Refactorization: Moved declaration of errout, ... to testsuite.h, uniformized style
2015-03-11 22:54:43 +01:00
cc0f61376a
more cleanup of std.cfg testing in TestBufferOverrun
2015-02-14 18:55:54 +01:00
e510902d58
TestBufferOverrun cleanup some more std.cfg testing
2015-02-14 17:30:08 +01:00
360ec9d853
updated TestBufferOverrun test case. Since checker doesn't use library dont load std.cfg.
2015-02-14 16:44:08 +01:00
0c0d62171e
removed duplicate testcase. See testcase for #836
2015-02-14 16:41:51 +01:00
a57d5d7eda
moved testcases
2015-02-14 16:37:48 +01:00
e01b30345e
move testcases in TestBufferOverrun
2015-02-14 16:29:05 +01:00
166db40af2
Fix TestBufferOverrun test case, it was wrongly written.
2015-02-14 15:51:13 +01:00
c43d537726
renamed TestBufferOverrun test method to same name as CheckBufferOverrun method that is tested
2015-02-14 15:49:17 +01:00
2b7c7134e1
TestBufferOverrun: move memset test
2015-02-14 15:46:00 +01:00
e0d90c00be
TestBufferOverrun: Cleanup testcases for memory functions
2015-02-13 16:16:59 +01:00
2d21eb07ba
Cleaned up snprintf hardcoding in CheckBufferOverrun
2015-02-13 06:44:38 +01:00
a6cfd15bde
refactoring TestBufferOverrun
2015-02-12 17:36:22 +01:00
9aad4fa8ca
CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead
2015-02-12 17:29:36 +01:00
d9deabe2ce
TestBufferOverrun: clean up
2015-02-10 17:29:36 +01:00
Daniel Marjamäki
amai2012
Paul Fultz II
orbitcowboy
Simon Martin
rebnridgway
IOBYTE
PKEuS
Ayaz Salikhov
Simon Martin
PKEuS
umanamente
Lauri Nurmi
Alexander Mai
Dmitry-Me
PKEuS