ba00046732
Add test case for ticket #6884 ( #3375 )
...
* Add test case for ticket #9808
* Add test case for ticket #6884
2021-08-02 13:21:18 +02:00
fc90598077
Typos found by running "codespell" ( #3324 )
2021-07-02 17:41:51 +02:00
668b88d7c0
Fix 10284: False positive; valueFlowBeforeCondition does not seem to care about increment ( #3287 )
2021-06-04 21:40:57 +02:00
b23c5aa742
Fix 10023: ValueFlow; Wrong result of post-increment in reverse analysis ( #3289 )
2021-06-04 17:20:21 +02:00
3a498de306
extracttests; do not extract TestBufferOverrunterminateStrncpy tests
2021-05-24 13:17:29 +02:00
5f6b56ada2
buffer overrun; Fixed false negative for dynamically allocated float buffer
2021-05-22 15:39:20 +02:00
9a9f14bd8a
Buffer overflow; Fixed FPs when array size is 1
2021-05-22 12:13:39 +02:00
1e3ab460a3
Fix 10254: false positive: arrayIndexOutOfBounds in inline function ( #3266 )
2021-05-22 08:20:09 +02:00
2c155a7a78
Uninitialized variables; use AST
2021-05-16 11:58:51 +02:00
e73057eb44
Fixed #10275 (ValueFlow: condition 'x>=0 && x < 10')
2021-05-16 10:34:22 +02:00
2c10e0747a
extracttests: ensure error comment is written on proper line
2021-05-16 08:40:04 +02:00
a07ea7e9e9
testbufferoverrun: refactor TODO test cases. Use TODO_ASSERT_EQUALS.
2021-05-15 21:08:07 +02:00
a2ff7752b4
testbufferoverrun; refactor TODO test cases
2021-05-15 20:42:57 +02:00
a40b85ccc6
testbufferoverrun: refactor TODO test case for strcat
2021-05-15 20:37:16 +02:00
b8314289c6
testbufferoverrun; fixed TODO test cases for pointer arithmetic overflows
2021-05-15 20:32:46 +02:00
680a1ee1b9
testbufferoverrun; remove TODO strncat/strcat test cases
2021-05-15 20:12:36 +02:00
26e9525683
testbufferoverrun; test case cleanup, ensure there is not uninitialized reads etc
2021-05-15 15:35:14 +02:00
eb96e4980e
Fix issue 10268: ValueFlow; Wrong value in for loop ( #3257 )
2021-05-15 08:39:20 +02:00
d549770b5b
updated extracttests.py. fix syntax errors in test cases.
2021-05-13 20:21:02 +02:00
e869452240
#10244 : Fixed false negative: bufferAccessOutOfBounds
2021-04-13 16:40:38 +02:00
6397e29f84
cleaned up includes based on include-what-you-use ( #3141 )
2021-04-03 21:30:50 +02:00
e23a967215
#4750 Added a regression test
2021-03-28 09:29:46 +02:00
185a5e1ee6
#7682 Added regression test
2021-03-26 10:54:08 +01:00
6fd916a90f
#3763 Added regression test
2021-03-26 10:01:44 +01:00
42437277dc
Update Copyright year
2021-03-21 20:58:32 +01:00
141d2ac215
Refactorization: Improved internal implementation of severity and certainty levels
...
Backported from LCppC.
2021-02-24 22:00:06 +01:00
4b01d5bdc6
Re-enabled a bunch of disabled unit tests, some as TODO tests
...
Merged from LCppC.
2021-02-20 13:02:14 +01:00
cf1937294a
Refactorization: Removed unnecessary \n and spaces in strings
...
Merged from LCppC.
2021-02-20 12:58:42 +01:00
fc4238829f
Fix issue 10092: false positive: (warning) The address of local variable 'data' might be accessed at non-zero index. ( #3041 )
2021-01-12 10:24:28 +01:00
e004731f1c
Fix issue 8650: ValueFlow: Track if pointer is created by '&' operator ( #3011 )
2021-01-05 16:56:38 +01:00
8c2c81dbcd
Fix some false positive in loop forward analysis ( #2669 )
...
* Fix some false positive in loop forward analysis
In cases like:
```
bool b();
void f()
{
int val[50];
int i, sum=0;
for (i = 1; b() && i < 50; i++)
sum += val[i];
for (; i < 50; i++)
sum -= val[i];
}
```
The forward analysis assumed the second loop was entered, and we ended
up with false positive in it:
`Array 'val[50]' accessed at index 50, which is out of bounds`
* Fix style
2020-06-05 18:06:03 +02:00
08ddd84780
Update copyright year
2020-05-10 11:16:32 +02:00
3e0218299b
Revert "Update copyright year"
...
This reverts commit 6eec6c4bd5
2020-05-10 11:13:05 +02:00
6eec6c4bd5
Update copyright year
2020-05-10 11:11:34 +02:00
2c1e36e63e
cleaned up includes based on include-what-you-use ( #2600 )
...
* cleaned up includes based on include-what-you-use
* check.h: trying to work around Visual Studio 2012 bug
* fixed Visual Studio compilation
2020-04-13 13:44:48 +02:00
f05c504440
Running astyle [ci skip]
2020-03-03 20:38:30 +01:00
b61feff125
Improve test coverage for detecting invalid pointers
2020-03-02 19:01:27 +03:00
3b20684aca
Fix issue 9360: False positive: arrayIndexOutOfBounds when function is called with different array sizes ( #2541 )
2020-02-17 10:31:08 +01:00
e1a97c524d
Fix issue 9554: False positive: The address of local variable 'x' is accessed at non-zero index. ( #2470 )
...
* Fix issue 9554: False positive: The address of local variable 'x' is accessed at non-zero index.
* Format
* Remove unnecesary condition check
2020-01-04 11:39:52 +01:00
9ffb657c1a
Fixed #8597 (False positive - Array index is used before limits check.)
2019-12-20 09:46:01 +01:00
78b4485670
Regression for issue 8653: valueFlowAfterCondition: compound conditional ( #2416 )
2019-12-02 11:35:51 +01:00
c3c3d6770c
Fix #9478 : Valueflow: printf does not change value ( #2388 )
...
Format-string arguments are now marked to have `in` direction, except
for `scan`-functions (like `scanf`) where these arguments are explicitly
marked to have `out` direction.
2019-11-24 01:40:31 +01:00
fcc5fad3ed
Fixed #9113 (false positive: (error) Buffer is accessed out of bounds)
2019-11-10 16:42:48 +01:00
73a569be97
TestBufferOverRun: Handle string literals ( #2287 )
2019-10-21 07:11:22 +02:00
5c061c1c12
Set correct type and size of string and char literals ( #2275 )
...
* Set correct type and size of string and char literals
Use that string and char literal tokens store the prefix. This makes
it possible to distinghuish between different type of string literals
(i.e., utf8 encoded strings, utf16, wide strings, etc) which have
different type.
When the tokens holding the string and character values have the correct
type, it is possible to improve Token::getStrSize() to give the correct
result for all string types. Previously, it would return the number of
characters in the string, i.e., it would give the wrong size unless
the type of the string was char*.
Since strings now can have different size (in number of bytes) and
length (in number of elements), add a new helper function that returns
the number of characters. Checkers have been updated to use the correct
functions.
Having the size makes it possible to find more problems with prefixed
strings, and to reduce false positives, for example in the buffer
overflow checker.
Also, improve the stringLiteralWrite error message to also print the
prefix of the string (if there is one).
* Add comment and update string length
2019-10-20 07:11:57 +02:00
443fcd2ac4
TestBufferOverrun: Enable passing tests ( #2246 )
...
There are a number of tests and asserts in testbufferoverrun that pass.
Enable them to add test coverage.
2019-10-07 09:17:12 +02:00
6b6553e320
Dont warn for arrays that are containers ( #2240 )
2019-10-05 16:14:30 +02:00
4b41f19c87
insecureCmdLineArgs: Added more test cases to ensure 'const'-qualifiers are handled correctly.
2019-08-15 08:45:31 +02:00
602911cfca
Activate a TODO test case
2019-07-29 08:06:57 +02:00
a195477470
Correct Zero/Null as pointer constant ( #1938 )
...
Building with enhanced clang warnings indicated a large number of
instances with the warning:
`warning: zero as null pointer constant`
Recommended practice in C++11 is to use `nullptr` as value for
a NULL or empty pointer value. All instances where this warning
was encountered were corrected in this commit.
Where warning was encountered in dependency code (i.e. external library)
no chnages were made. Patching will be offered upstream.
2019-06-30 21:39:22 +02:00
f75c15af56
Fix issue 6821: New check: access heap/stack data using address of variable
...
This fixes errors with:
```cpp
int f() {
int i;
return (&i)[1];
}
```
It uses the lifetime analysis to detect the issues.
2019-05-31 12:24:31 +02:00
6da42a3d63
Fixed #9112 (false positive: (error) Array index out of bounds; buffer 'x' is accessed at offset n.)
2019-05-01 13:00:14 +02:00
de4f57ec0f
Buffer overflow: Add CTU checking for pointer arithmetic overflows
2019-04-03 06:43:56 +02:00
c5807459f9
CheckBufferOverrun: Add check for pointer arithmetics
2019-03-31 09:00:52 +02:00
4107671549
TestBufferOverrun: Uncommented and moved CTU tests
2019-03-30 15:10:00 +01:00
b5a285319c
Fixed #9073 (Segmentation fault in Token::isUnaryOp() with ode)
2019-03-29 19:37:23 +01:00
d6b806c592
CheckBufferOverrun: Better CTU checking when variable address is passed
2019-03-23 15:57:17 +01:00
9653760547
CheckBufferOverrun: Improved CTU analysis for array
2019-03-23 11:20:35 +01:00
15fc9a622d
CheckBufferOverrun: Add CTU analysis
2019-03-23 08:36:10 +01:00
031362ae01
CheckBufferOverrun: Fix false positive
2019-03-19 21:07:08 +01:00
a0e58f0039
Revert "Revert "CheckBufferOverrun: Handle multidimensional arrays""
...
This reverts commit 9d1755f449
2019-03-19 13:16:22 +01:00
9d1755f449
Revert "CheckBufferOverrun: Handle multidimensional arrays"
...
This reverts commit e98a4a6f14
2019-03-19 13:13:29 +01:00
e98a4a6f14
CheckBufferOverrun: Handle multidimensional arrays
2019-03-19 09:29:32 +01:00
03f8535c71
Better multiline warning when there is buffer overflow
2019-03-17 20:12:02 +01:00
3c85d8a8ac
ValueFlow: Better info for buffer size values
2019-03-17 19:02:36 +01:00
0771929518
Buffer overflow: Handling of dynamically allocated buffer
2019-03-17 13:40:56 +01:00
92f4113b59
Array index: Checking array index out of bounds for dynamic buffers
2019-03-17 13:09:15 +01:00
ebef16b8a3
Travis: Try to remove temporary fix
2019-03-16 18:29:02 +01:00
e9d29e826f
Travis: Temporarily comment out failing test
2019-03-16 09:48:32 +01:00
fb2198fd6b
Travis: Try to fix test
2019-03-16 09:28:00 +01:00
f40a80c349
Use 'normal' checking instead of 'simplified'
2019-03-16 07:19:48 +01:00
81a1d744c6
CheckBufferOverrun: fix FP for array definition of static class member
2019-03-13 06:39:09 +01:00
67e8b99c2c
CheckBufferOverrun: Readd a check for strncpy/memcpy/etc
2019-03-12 21:15:26 +01:00
0c08f6db6c
CheckBufferOverrun: Use AST to lookup array
2019-03-12 06:46:38 +01:00
ea23033a65
Array index out of bounds: Fix false positive
2019-03-11 20:33:08 +01:00
bd048085bd
Add CheckBufferOverrun::arrayIndexThenCheck
2019-03-11 19:20:06 +01:00
729f57d8f1
Start a major rewrite of CheckBufferOverrun. For now only the 'array index' and 'buffer overflow' checks are rewritten.
...
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
2019-03-11 12:34:33 +01:00
eb9edbc177
#9024 Crash caused by package "procserv" in lib/token.h:921 function Token::getKnownIntValue - Fix and test for alternative code example.
2019-03-08 11:07:33 +01:00
c32d015337
Fixed false positives from terminateStrncpy
2019-03-06 18:50:50 +01:00
bd7790fd8c
Update copyright year
2019-02-09 07:24:06 +01:00
4b37f276c2
ValueFlow: Set arrays to true when converting to a boolean
...
This sets it by checking the parent. It doesn't handle function parameters yet.
2019-01-21 20:05:35 +01:00
8dd641b8be
Use OVERRIDE in test
2019-01-12 15:45:25 +01:00
bc34f0239d
Disable the subfunction value flow analysis. It does not work well and needs to be rewritten. There are false positives.
2018-12-18 14:36:49 +01:00
0858488825
insecureCmdLineArgs: Fixed FN in case strdup() copies argv[]. ( #1438 )
...
* insecureCmdLineArgs: Fixed FN in case strdup() copies argv[].
* Formatted the code. There are no functional changes intended.
* Changes due to review comments from Daniel.
2018-10-19 11:04:15 +02:00
a6e8270474
insecureCmdLineArgs: Fixed false negatives in case arguments are const. ( #1419 )
...
* insecureCmdLineArgs: Fixed false negatives in case arguments are const.
* Formatted the code, there are functional changes.
* Simplified matching as suggested by Daniel.
2018-10-15 10:05:43 +02:00
20121b34d8
Fixed #7718 (False positive: out of bounds of already resized std::string)
2018-10-09 06:53:26 +02:00
f388c77042
Fixed #8721 (Regression: False positive array index out of bounds)
2018-08-31 18:25:43 +02:00
27aae8d032
Fixed #8644 (crash (CheckBufferOverrun::checkGlobalAndLocalVariable): local function)
2018-08-30 10:04:07 +02:00
acb0b9f07e
Ticket #8679 : Add support for C++11 thread_local and GCC's (among others) __thread extension. ( #1351 )
2018-08-26 19:46:36 +02:00
42a65c5160
Fix crash bug #8579 ( #1238 )
...
* Added declaration for deletePrevious function
* Added definition for deletePrevious function
* Fixed crash from deleteThis invalidating pointers
The crash was caused by deleteThis() invalidating the pointer to a constant variable usage. This happened when a usage followed an assignment. This fixes bug #8579 .
* Added tokensFront to match tokensBack
This means deletePrevious can set the list's front if necessary.
* Initialised tokensFront in appropriate places
* Switched to using default Token constructor
* Switched to using Token default constructor
* Switched to using default constructor for Token
* Added missing argument to Token constructor
* Changed to use default constructor for Tokens
* Switched to using default constructor for Tokens
* Switched to using default constructor for Token
* Added new test for deleting front Token
Also made sure to use the correct constructor for Token in other tests.
* Syntax error
* Replaced tokensFront and tokensBack with a struct
This decreases the size of the Token class for performance purposes.
* Replaced tokensFront and tokensBack with a struct
* Added tokensFrontBack to destructor
* Reworked to use TokensBackFront struct
Also ran astyle.
* Reworked to use TokenList's TokensFrontBack member
* Reworked to use TokensFrontBack struct
* Reworked to use TokensFrontBack struct
* Reworked to work with TokensFrontBack struct
* Removed unnecessary scope operator
* Added missing parentheses
* Fixed syntax error
* Removed unnecessary constructor
* Default constructor now 0-initialises everything
This is safer for not using a temporary TokensFrontBack object, and doesn't use delegating constructors which aren't supported yet.
* Fixed unsafe null check
* Added missing explicit keyword
* Fixing stylistic nits
Removed default constructor as it has been superseded by the single-argument constructor with a default argument value.
Renamed listEnds to tokensFrontBack.
Fixed if statement that was supposed to be adding safety but would actually cause a crash if tokensFrontBack was null.
* Fixing stylistic nits
Removed default constructor and replaced it with a single-argument constructor with a default value.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
2018-05-25 07:15:05 +02:00
ce50df8047
Fix override warnings. ( #1234 )
2018-05-15 16:37:40 +02:00
8c2a5c9813
astyle formatting
...
[ci skip]
2018-05-06 09:50:53 +02:00
0561877182
Fix false positive with negative array index in issue 8536 ( #1202 )
...
* Fix FP with negative array index in valueflow
* Remove values when valueflow fails
* Add valueflow test
2018-05-06 08:35:29 +02:00
bbfcccf078
Refactorization: Replace several push_back-sequences by initializer lists
2018-04-09 09:41:24 +02:00
7e4dba6a7e
Updated copyright year
2018-03-31 20:59:09 +02:00
5bc039b7da
Fix #6367 and #8439 (improve sizeof value flow support) ( #1132 )
2018-03-23 08:28:12 +01:00
bc40f5041d
Fixed #6356 (Improve checking: pointer arithmetic "ab.a + 100" overrun)
2018-01-27 15:39:39 +01:00
c4caee6b18
Updated copyright year
2018-01-14 15:37:52 +01:00
7d2450e445
Fixed #1478 (false negative: buffer access out of bounds not detected after free and malloc)
2017-12-31 14:58:26 +01:00
28aa939d69
iwyu - include what you use
2017-05-27 04:33:47 +02:00
040d2f0012
Use simplecpp lexer in test cases
2017-05-18 21:52:31 +02:00
7fd04cd8d0
Updated Token::expressionString(), write '->' instead of '.'
2017-04-30 14:22:18 +02:00
b526fd7c49
Ticket #7964 : Don't crash on valid code using function pointers named strcpy or strcat in main().
2017-04-21 23:36:10 +02:00
b97779591e
Fixed unit test in testbufferoverrun.cpp
2017-04-11 23:00:33 +02:00
680828788b
Fixed false negative in CheckBufferOverrun::checkInsecureCmdLineArgs(), removed redundant tests
2017-03-27 11:30:07 +02:00
171e1b8244
Fixed false negatives in CheckBufferOverrun::arrayIndexThenCheck()
2017-03-27 11:07:49 +02:00
f0d91fb74b
Fixed #7869 (False positive: Array index out of bounds)
2016-12-20 22:01:19 +01:00
f5ad7482a8
CheckBufferOverrun: Skip warnings about array index out of bounds in unions. Theoretically, the array is at least as large as the biggest union member.
2016-12-18 22:10:30 +01:00
461e5cc5c9
CheckBufferOverrun: Moved check from simplified to normal. This fixes a FP in asterisk.
2016-12-18 11:14:05 +01:00
a61f4e9c94
Fixed #7831 (false-positive: terminateStrncpy)
2016-11-24 07:04:58 +01:00
5b377ea2e4
Fixed #7821 (segmentation fault, invalid last token)
2016-11-20 14:15:51 +01:00
3f4fe8f578
Refactorized CheckBufferOverrun:
...
- Removed redundant code
- Apply non-simplified checking in test suite
2016-07-27 17:28:43 +02:00
44a19b527e
Use ValueFlow and SymbolDatabase to detect buffer overflows with new and malloc, improving support for enums ( #7576 )
2016-07-08 20:53:08 +02:00
644a216394
Fixed two false positives related to char arrays initialized by a literal:
...
- Run check for writing to string literals on non-simplified token list (#7283 )
- Run buffer overrun checking for string literals on non-simplified token list (https://sourceforge.net/p/cppcheck/discussion/general/thread/2c33dfc5/ )
2016-07-07 19:38:15 +02:00
0f11007c19
Fixed #7083 (false positive: typedef and initialization with strings)
2016-06-21 22:42:46 +02:00
8c0eab3eb3
Optimization: Improved performance of CheckBufferOverrun::checkScope() when dealing with a large number of arrays ( #5975 )
...
-> checking time decreases from 1010s to 50s on the code snippet in #5975
-> Dropped a garbage code unit test
2016-05-25 14:42:00 +02:00
659cd96b03
Fixed #7209 (False positive: Array index used before limits check reported in sizeof)
2016-01-24 14:06:02 +01:00
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
9c3f25603e
CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead ( #6973 )
2015-11-30 16:36:52 +01:00
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
5074c11b53
CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of.
2015-11-09 10:30:39 +01:00
ef5be435c7
Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast)
2015-11-08 17:21:32 +01:00
7d6e1974eb
Fixed #7104 (False positive arrayIndexOutOfBounds)
2015-11-08 09:30:23 +01:00
9c7271a5e9
CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead
2015-11-07 18:12:01 +01:00
0a34b206e8
Refactorization: Reduced code duplication in test suite
2015-10-08 11:35:51 +02:00
3a5cef8a7e
Refactorization: Improved usage of Settings instances in test suite
2015-10-07 18:40:03 +02:00
8d2c4453ad
Small optimizations for C code in Tokenizer. Add some regression tests for recently fixed results
2015-08-29 19:00:09 +02:00
66e4faa621
Add regression test for true negative argumentSize
2015-08-29 11:14:13 +02:00
128a926d9d
Collected some more garbage code tests in testgarbage.cpp; Avoid std::string creation in testgarbage.cpp
2015-08-16 19:12:12 +02:00
42a406ac5f
testbufferoverrun: Removed duplicate test case.
2015-07-30 22:42:45 +02:00
6790d91fbb
Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884 .
2015-07-29 19:54:57 +02:00
c5bbea2994
Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value)
2015-07-27 16:39:41 +02:00
176b3925b3
Removed "verify" code in testrunner. Fixing its messages reduces the accuracy of the test suite.
2015-07-25 14:18:41 +02:00
fef251ac76
negative array size: fixed noise when array is not vla
2015-07-04 09:42:42 +02:00
0ca410a4d7
Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression)
2015-06-07 14:01:20 +02:00
baa1ae079d
New check: negative size in array declaration. Ticket #1760
2015-05-03 15:00:47 +02:00
d735918a8a
Constructor parameter type need not be a number
2015-03-25 14:56:45 +03:00
bc5132e0ac
Refactorization: Moved declaration of errout, ... to testsuite.h, uniformized style
2015-03-11 22:54:43 +01:00
cc0f61376a
more cleanup of std.cfg testing in TestBufferOverrun
2015-02-14 18:55:54 +01:00
e510902d58
TestBufferOverrun cleanup some more std.cfg testing
2015-02-14 17:30:08 +01:00
360ec9d853
updated TestBufferOverrun test case. Since checker doesn't use library dont load std.cfg.
2015-02-14 16:44:08 +01:00
0c0d62171e
removed duplicate testcase. See testcase for #836
2015-02-14 16:41:51 +01:00
a57d5d7eda
moved testcases
2015-02-14 16:37:48 +01:00
e01b30345e
move testcases in TestBufferOverrun
2015-02-14 16:29:05 +01:00
166db40af2
Fix TestBufferOverrun test case, it was wrongly written.
2015-02-14 15:51:13 +01:00
c43d537726
renamed TestBufferOverrun test method to same name as CheckBufferOverrun method that is tested
2015-02-14 15:49:17 +01:00
2b7c7134e1
TestBufferOverrun: move memset test
2015-02-14 15:46:00 +01:00
e0d90c00be
TestBufferOverrun: Cleanup testcases for memory functions
2015-02-13 16:16:59 +01:00
2d21eb07ba
Cleaned up snprintf hardcoding in CheckBufferOverrun
2015-02-13 06:44:38 +01:00
a6cfd15bde
refactoring TestBufferOverrun
2015-02-12 17:36:22 +01:00
chrchr-github
Armin Müller
Paul Fultz II
Daniel Marjamäki
orbitcowboy
Oliver Stöneberg
PKEuS
PKEuS
Ken-Patrick Lehrmann
Dmitry-Me
Sebastian
Rikard Falkeborn
Scott Furry
amai2012
orbitcowboy
Simon Martin
rebnridgway
IOBYTE
Ayaz Salikhov
Simon Martin
umanamente
Lauri Nurmi
Alexander Mai
PKEuS