Commit Graph

394 Commits

Author SHA1 Message Date
Daniel Marjamäki 87daf5783e buffer overflow: clean up old checking for negative index 2014-03-25 20:37:32 +01:00
Daniel Marjamäki c8004a8d31 Buffer overruns: Use ValueFlow to detect negative index 2014-03-25 18:22:22 +01:00
Daniel Marjamäki aa05bf0f16 ValueFlow: Improved abstract interpretation 2014-03-24 06:48:06 +01:00
Daniel Marjamäki dbc8273cb7 ValueFlow: improved abstract interpretation of for loops 2014-03-24 00:16:02 +01:00
Daniel Marjamäki b6276058da Value Flow: Improved abstract interpretation of arithmetical expressions 2014-03-22 19:02:33 +01:00
PKEuS 49b25b05d9 Fixed crash in CheckBufferOverrun on garbage code (#5595) 2014-03-21 13:20:44 +01:00
Daniel Marjamäki e240282443 Value Flow: Another try with the abstract interpretation of for loops 2014-03-17 18:43:47 +01:00
Daniel Marjamäki 8c3f2c2ad9 Revert 894a65b0. abstract interpretation of for loops. there was some crashes and performance problems. I will fix those problems when I have time and recommit. 2014-03-16 08:38:52 +01:00
Daniel Marjamäki 894a65b0b1 ValueFlow: Refactor the for-loop handling. Use abstract interpretation. 2014-03-15 11:29:33 +01:00
Daniel Marjamäki 7fa73c0d64 Merge pull request #256 from xypron/5505
5505: FP: Array accessed out of bounds
2014-03-09 08:47:18 +01:00
Heinrich Schuchardt bd67db96f1 5505: FP: Array accessed out of bounds
CheckBufferOverrun::checkFunctionParameter alreacy considered usage of a
function parameter inside an if block as a special case.

With the patch the same is done for switch statements.

A test is added.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2014-03-07 19:51:13 +01:00
Daniel Marjamäki fd3a8a2a18 Update copyright 2014-02-15 07:45:39 +01:00
Martin Ettl 6ca7daec10 Fixed #389: Providing negative value to memory allocation function. 2014-02-01 22:38:29 +01:00
Daniel Marjamäki 9aa9530e0d Fixed #5426 (crash: btrfs-progs cmds-inspect.c) 2014-01-31 06:19:36 +01:00
Daniel Marjamäki abe8439917 Fixed #5416 (False positive: Array accessed at index, which is out of bounds.) 2014-01-28 16:55:10 +01:00
Daniel Marjamäki 0dbb86f0cb Cleanup ExecutionPath from CheckBufferOverrun 2014-01-22 21:25:37 +01:00
Daniel Marjamäki b91f42453b value flow: improved handling of cast 2014-01-20 22:26:55 +01:00
Daniel Marjamäki 3e23e243f6 BufferOverflow: Updated message for out of bounds array index or redundant condition 2014-01-17 19:44:45 +01:00
Daniel Marjamäki 18d6285ad2 BufferOverrun: Improved error message when array index is used before checking that its in limits 2014-01-17 18:56:46 +01:00
Daniel Marjamäki 30cae358d8 Removed the --value-flow flag. ValueFlow analysis will always be enabled from now on. 2014-01-17 18:07:05 +01:00
Daniel Marjamäki 0b4de97e2b value flow: Use ValueFlow in CheckBufferOverrun 2014-01-16 19:23:14 +01:00
Daniel Marjamäki a1b0d190df Fixed #3688 (false positive: (inconclusive, posix) (warning) The buffer 'cBuffer' is not zero-terminated after the call to readlink().) 2014-01-02 10:46:19 +01:00
Daniel Marjamäki 32be4094e7 Symbol database: only put variables in variable list 2013-12-31 17:51:56 +01:00
PKEuS 4f0121ee2f Splitted simplification out of tokenize() 2013-12-30 17:45:28 +01:00
Simon Martin fe75686595 Ticket #5203: Don't crash when checking buffer overrun for invalid code. 2013-11-30 07:40:32 +01:00
Daniel Marjamäki 946722faf0 Fixed #4968 (False positive: Structure with 'read' member is confused with read() function.) 2013-10-05 18:25:44 +02:00
Alexander Mai 450442287c Fixed #4974 (CheckBufferOverrun::writeOutsideBufferSize() too strict) 2013-08-25 18:46:07 +02:00
Daniel Marjamäki 5ce7189bc0 Merge pull request #166 from last5bits/ticket4213
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 22:36:30 -07:00
Alexey Zhikhartsev d24a321ba2 Fixing #4213 arrayIndexThenCheck and adding tests 2013-08-23 19:04:01 +04:00
Daniel Marjamäki 64733d9e63 astyle formatting 2013-08-10 12:32:59 +02:00
Simon Martin ad33d95ec1 Ticket #4764: properly handle template instantiations with only default parameters. 2013-08-10 12:00:16 +02:00
PKEuS a9a5dc0354 Updated to AStyle 2.03, require this version 2013-08-07 16:27:37 +02:00
Lucas Manuel Rodriguez d6be4559cd Fixed #4840 (false negative: buffer access out of bounds) 2013-06-25 06:37:51 +02:00
Daniel Marjamäki a861817a01 Fixed #4751 (CheckBufferOverrun: better handling when struct member instance doesn't have same varid as struct member declaration) 2013-05-28 16:52:23 +02:00
Daniel Marjamäki ea60c5b14b CheckBufferOverrun: Code cleanup 2013-05-05 08:14:19 +02:00
Daniel Marjamäki 4e65800adf TestRunner: Updated warning message when there is unsimplified code 2013-04-16 16:54:19 +02:00
Daniel Marjamäki 393c75af70 Simplified remaining TestBufferOverrun test cases 2013-04-13 15:49:15 +02:00
Daniel Marjamäki cbe2cdafcf Simplify TestBufferOverrun test cases (casts, pointer addition, calculation) 2013-04-13 13:58:21 +02:00
Daniel Marjamäki fe911f92e1 Simplify TestBufferOverrun test cases (known variable value) 2013-04-13 13:13:13 +02:00
Daniel Marjamäki 78d3aef40e Simplified TestBufferOverrun test cases (sizeof, known variable value) 2013-04-13 11:01:19 +02:00
Daniel Marjamäki 3b880f9e2e Simplified TestBufferOverrun test cases (sizeof, known variables, casts, etc) 2013-04-13 08:19:14 +02:00
Daniel Marjamäki 7871f16e9d Simplified TestBufferOverrun::readlink test cases (sizeof) 2013-04-13 07:31:15 +02:00
Daniel Marjamäki 6afdd1b7c0 Simplified TestBufferOverrun::readlinkat test cases (sizeof, known variables) 2013-04-13 07:22:01 +02:00
PKEuS cdce755471 Removed duplicate unit tests in testbufferoverrun.cpp 2013-04-12 12:17:08 -07:00
PKEuS c487ea843d Better fix for #4706: Use Token::nextArgument() properly. Removed redundant ' in message 2013-04-09 08:30:53 -07:00
Ettl Martin ba8cca8fa9 #4706 fix crash when a struct member is used as first argument. Replaced Token::nexArgument with %any% in Token::Match call. Added unittests in testing Token::nexArgument. 2013-04-04 15:12:18 +02:00
Ettl Martin 54d398c7dd unittests: removed not needed '\n' at the end of testcases. 2013-03-19 09:18:58 +01:00
Ettl Martin ff826d7c62 #4664: new check: (POSIX) write outside buffer size. 2013-03-19 08:22:48 +01:00
PKEuS 096fa2f771 Fixed #4380 2013-03-14 10:18:48 -07:00
Thomas Jarosch 61d9424631 astyle formatting 2013-03-14 11:10:12 +01:00