Commit Graph

470 Commits

Author SHA1 Message Date
Robert Reif 0d6592dd2e use correct checkScope function in CheckBufferOverrun for single dimension member arrays 2011-09-11 19:21:13 -04:00
Robert Reif 19928e26d1 refactor to unify functionally identical code in CheckBufferOverrun::checkScope() 2011-09-11 14:00:53 -04:00
Robert Reif 547a79d4fe calculate array size for variable length structures with array at end in CheckBufferOverrun::checkStructVariable() when possible 2011-09-10 10:14:32 -04:00
Robert Reif b0eab2587d better detection of variable sized structure in CheckBufferOverrun::checkStructVariable() 2011-09-09 08:37:24 -04:00
Robert Reif 27bfa2a346 fix some CheckBufferOverrun::checkStructVariable() flase negatives for possible variable length structs 2011-09-09 07:46:06 -04:00
Robert Reif 16924c7c7a fix #3094 (Buffer access out-of-bounds in struct variable) 2011-09-09 07:16:39 -04:00
Robert Reif 812a17f294 fix one of the TODO testcases added for #3094 (Buffer access out-of-bounds in struct variable) 2011-09-08 22:44:25 -04:00
Robert Reif 65b1a4df19 add soem test cases for #3094 (Buffer access out-of-bounds in struct variable) 2011-09-08 22:41:18 -04:00
Robert Reif 7451c5cece warn when buffer is not zero terminated after memmove 2011-09-05 15:59:41 -04:00
Robert Reif f5d71d1ac5 warn when buffer is not zero terminated after memcpy 2011-09-05 15:41:37 -04:00
Robert Reif 3c8988e7a5 warn when buffer is not zero terminated after strncpy 2011-09-05 15:19:38 -04:00
Robert Reif fe85b8779e fix #2528 (false negative: buffer access out of bounds) 2011-09-04 21:39:52 -04:00
Robert Reif 50688b28fd fix #2889 (false negative: buffer access out of bounds on local struct member) 2011-09-04 19:54:57 -04:00
Robert Reif c2b76cd41f add some variable length array tests 2011-09-04 14:39:24 -04:00
Robert Reif e782d98241 final fix for #3063 (false negative: multi dimensional arrays not well supported) 2011-09-03 21:51:00 -04:00
Daniel Marjamäki d23c58d387 enable: break out 'performance' and 'portability' from the 'style' id. Ticket: #3074 2011-09-03 15:30:30 +02:00
Robert Reif d749e28dc0 another partial fix for #3063 (false negative: multi dimensional arrays not well supported) 2011-09-02 21:07:29 -04:00
Robert Reif d85410de8c partial fix for #3063 (false negative: multi dimensional arrays not well supported) 2011-09-02 19:35:09 -04:00
Daniel Marjamäki ef30da51bf Fixed #3034 (Cppcheck crash on specific file (truecrypt).) 2011-08-29 19:16:52 +02:00
Robert Reif cf6d04de74 fix #3044 (Symbol database: handle multidim array with unknown dimension 'char a[][4]') 2011-08-28 11:40:55 -04:00
Robert Reif d643397a7e better message for strncpy zero-terminated check 2011-08-28 09:06:51 -04:00
Robert Reif 8c093d0f8a refactor CheckBufferOverrun::checkScope strncpy check and change experimental to inconclusive 2011-08-27 21:18:39 -04:00
Robert Reif c4fdb8d113 better test for symbol database bug fixed in last commit 2011-08-24 06:53:27 -04:00
Robert Reif 8c1efe9bb6 improve message for #3035 (false negative: strcpy(dst, src) where src is bigger than dst) 2011-08-21 15:18:41 -04:00
Robert Reif 67e8731a96 partial fix for #3035 (false negative: strcpy(dst, src) where src is bigger than dst) 2011-08-21 14:44:55 -04:00
Robert Reif a30da73d3e fix #2986 (segmentation fault of cppcheck ( x[y] )) 2011-08-09 19:45:18 -04:00
Daniel Marjamäki e2367b4149 Fixed #2976 (False positive: array out of bounds) 2011-08-08 18:22:15 +02:00
Daniel Marjamäki 999b80bbb8 Buffer overrun: Fix false negative 2011-08-07 17:54:25 +02:00
Kimmo Varis cfcfa3f000 Use "enabled" list for the style checking.
Settings-class currently enables style checking via dedicated
boolean attribute. All other CLI's enable-options are handled
through the enable-list. This commit moves style-check enabling
to use the enable-list.

Main advantage is the consistency how options are handled/stored
in the Settings class. Which also unifies using them for the other
code. You need to enable certain type of checks? Use the
addEnabled()-method. You want to check if certain type of checks
are enabled? Use the isEnabled()-method.
2011-08-07 10:28:52 +03:00
Daniel Marjamäki fd7e085c9d Array index out of bounds: prevent false positive when a dimension for an array is unknown 2011-08-05 13:08:48 +02:00
Daniel Marjamäki 0186fc0650 tweaked the error message somewhat for id arrayIndexThenCheck 2011-08-05 09:10:07 +02:00
Daniel Marjamäki ceb763f57a Fixed #2956 (False negative: read array and then immediately check the index 'str[i] && i<sizeof(str)') 2011-08-04 11:15:14 +02:00
Daniel Marjamäki 3cfef6285c Fixed #2920 (False positive: Array 'arr[0]' index 0 out of bounds (array size and index are unknown)) 2011-07-20 07:57:42 +02:00
Daniel Marjamäki 7dcb68f5a4 CheckBufferOverrun: Detect overflows when buffer is allocated with alloca 2011-07-17 09:35:51 +02:00
Daniel Marjamäki e597ad72e7 Fixed #2841 (False positive: Array index out of bounds, can't compare ints to chars) 2011-06-29 18:44:05 +02:00
Daniel Marjamäki af7c97f972 Fixed #1684 (false positive: buffer access out of bounds when using extern variable declaration) 2011-05-07 11:34:48 +02:00
Daniel Marjamäki e5d43d4ed2 Renamed Settings::stupid to Settings::experimental 2011-04-10 15:55:08 +02:00
Daniel Marjamäki 30ee9ba6e4 Added Settings::stupid flag that can be used to hide checking that generates false positives. 2011-04-10 13:23:45 +02:00
Daniel Marjamäki 07fe361964 Fixed #2638 (Tokenizer::setVarId : varid is wrongly given when unknown macro is used) 2011-03-13 17:52:45 +01:00
Daniel Marjamäki bea3875386 Fixed #2607 (segmentation fault of cppcheck ( struct C {} {} x)) 2011-03-09 21:00:28 +01:00
Daniel Marjamäki bf2362d558 Fixed #2634 (False positive: buffer access out of bounds) 2011-03-08 19:49:56 +01:00
Reijo Tomperi 7f9dc42ff1 Fix test array_index_24() to share code with environments where plain char is either signed or unsigned.
This was done, because that particular test has been already fixed a couple of times and it is still broken in some systems.
2011-02-22 21:46:12 +02:00
Daniel Marjamäki bfe28d3b26 Fixed #2597 (False positive: Buffer access out-of-bounds for u_char, uint*_t, ...) 2011-02-20 21:24:57 +01:00
Raphael Geissert 5998ec4af9 Really fix the build failure this time 2011-02-15 14:10:56 -06:00
Daniel Marjamäki aacb94c427 Revert "Buffer overruns: Removed TODO test case. We intentionally don't check struct/class arrays fully to avoid false positives"
This reverts commit 87cc42e6f0.
2011-02-13 22:48:26 +01:00
Daniel Marjamäki 87cf0949f2 Buffer overruns: Removed TODO test case. We intentionally don't check struct/class arrays fully to avoid false positives 2011-02-13 21:48:13 +01:00
Daniel Marjamäki 87cc42e6f0 Buffer overruns: Removed TODO test case. We intentionally don't check struct/class arrays fully to avoid false positives 2011-02-13 21:42:35 +01:00
Daniel Marjamäki 518a495334 Fixed #2576 (False positive: (error) Buffer access out-of-bounds) 2011-02-12 18:34:12 +01:00
Daniel Marjamäki 318f2e8a57 Fixed #2561 (False positive on array index when using conditional operator) 2011-02-12 11:31:10 +01:00
Raphael Geissert d8119cd57a Fix test for architectures where char is unsigned 2011-02-12 02:42:31 -06:00
Erik Lax c7821675dd Preprocessor: Test handling of strings with multiple spaces (Ticket: #2548) 2011-02-11 18:57:58 +01:00
Daniel Marjamäki 757c840633 astyle formatting 2011-01-31 17:26:07 +01:00
Ettl Martin f3111b541e #2528 added todo-testcase 2011-01-31 13:46:51 +01:00
Pete Johns 098f0bf3e6 Fixed #2526 (Make TODO_ASSERT_EQUALS take three arguments (value, to_be, as_is)?...
Removed replaced EXPECTED with...

WANTED (to-be):     The future expected value.
CURRENT (as-is):    Documenting how cppcheck behaves now.

This removes the need for an ASSERT_EQUALS but enforces the check for every TODO_ASSERT_EQUALS.
2011-01-30 23:20:11 +11:00
Daniel Marjamäki 9d3b242cd8 Fixed #1952 (false negative: buffer acces out of bounds with memcpy) 2011-01-22 21:31:26 +01:00
Reijo Tomperi 226b605774 Change year 2010 -> 2011 in license texts. 2011-01-09 21:33:36 +02:00
Daniel Marjamäki 79ef02812d Fixed #2211 (false negative: buffer access out of bounds for(int i=0; i !=6;i++)) 2011-01-09 18:51:28 +01:00
Kimmo Varis b750a52f6d Improve strncat 3rd parameter usage warning message.
See forum thread:
https://sourceforge.net/apps/phpbb/cppcheck/viewtopic.php?f=3&t=192
2011-01-04 23:17:44 +02:00
Daniel Marjamäki 4ec9d418ff Fixed #2215 (Improve check: Writing outside malloc bounds not detected) 2011-01-01 20:56:21 +01:00
Daniel Marjamäki 2da3fea1b8 Fixed #2386 (segmentation fault occurs in the checking when typedef has same name as an enum constant) 2010-12-31 20:55:28 +01:00
Daniel Marjamäki 04eb9cf305 Fixed #2378 (Refactoring: create utility function that skips redundant if/for/while) 2010-12-31 18:07:46 +01:00
Daniel Marjamäki ed6c76ce04 Fixed #2385 (False positive: array index out of bounds) 2010-12-31 17:43:38 +01:00
Daniel Marjamäki 38e7209d26 Fixed #2373 (Using XML2 in --errorlist output) 2010-12-29 12:43:29 +01:00
Daniel Marjamäki bdf0cb7115 Fixed #2370 (false negative: Buffer access out-of-bounds (for with if, no break)) 2010-12-28 20:46:31 +01:00
Daniel Marjamäki 6aa400fd80 Buffer overrun: UB when pointer arithmetic result points out of bounds. Ticket #1774 2010-12-26 21:23:28 +01:00
Daniel Marjamäki 8247270f35 Fixed #2328 (false positive: buffer overrun (for loop with a break => the end value is not reached)) 2010-12-19 10:39:43 +01:00
Daniel Marjamäki f6c00fc478 Fixed #2323 (false positive: Buffer access out of bounds) 2010-12-18 10:54:36 +01:00
Daniel Marjamäki eb0231b48f astyle formatting 2010-12-16 20:15:22 +01:00
Daniel Marjamäki 5ce63a1df0 Fixed #2292 (segmentation fault with cppcheck 1.46 with --errorlist) 2010-12-13 18:17:33 +01:00
Robert Reif f12c0c7ada Tokenizer: add assert(_settings) to Tokenizer to insure the tokenizer always has settings. Ticket: #2219 2010-12-01 18:00:55 +01:00
Daniel Marjamäki ec6edaee6e Buffer overflow: Added unit test that makes sure that array index out of bounds is detected inside loop. Ticket: #2199 2010-11-21 12:24:57 +01:00
Daniel Marjamäki 66c2825b23 Fixed #2210 (False positive: buffer overrun (snprintf, unknown type)) 2010-11-18 19:26:46 +01:00
Daniel Marjamäki 586f4992d8 Tokenizer::simplifyKnownVariables: Fixed TODO test cases in TestBufferOverrun 2010-11-07 17:42:32 +01:00
Daniel Marjamäki fb068a4e71 Fixed #2170 (false positive: After a strncpy() the buffer should be zero-terminated) 2010-11-07 09:37:45 +01:00
Daniel Marjamäki dd41c74d7f Fixed #2136 (false negative: array bounds) 2010-11-06 09:10:10 +01:00
Daniel Marjamäki 52faadda89 Tokenizer: simplify calculations with zero better 2010-11-05 20:35:31 +01:00
Daniel Marjamäki b55f6458a2 Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function)) 2010-10-30 12:32:43 +02:00
Daniel Marjamäki 79583ee45d #2133 (cppcheck: floating point exception) 2010-10-26 20:05:34 +02:00
Daniel Marjamäki 306587b1d0 Buffer overruns: Fixed TODO test case 2010-10-24 11:32:27 +02:00
Daniel Marjamäki f3c6c64e9a Fixed #2121 (False positive: Buffer access out-of-bounds when using uint32_t) 2010-10-23 13:12:17 +02:00
Daniel Marjamäki 5deb046ac5 Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function)) 2010-10-23 08:49:03 +02:00
Daniel Marjamäki 9fdc03fc1d Fixed #2117 (false positive: buffer access out of bounds) 2010-10-22 20:15:51 +02:00
Daniel Marjamäki 2ca7dbc004 Fixed #2109 (false positive: buffer overrun) 2010-10-19 18:23:44 +02:00
Daniel Marjamäki 92a1e9e76e Severities: Added 'warning' and 'performance' severities. No changes to the command line options nor to the XML format. Ticket: #2106 2010-10-17 14:41:00 +02:00
Daniel Marjamäki ba2b986ece Fixed #2097 (false positive: buffer access out of bounds) 2010-10-14 20:00:32 +02:00
Daniel Marjamäki b6c995ea47 Fixed #2096 (False positive: buffer overrun (extern array)) 2010-10-13 20:57:59 +02:00
Daniel Marjamäki 229604b3e3 Fixed #2093 (False positive: buffer access out of bounds (unknown type)) 2010-10-13 18:06:50 +02:00
Daniel Marjamäki 9e15c4ef38 Fixed #2088 ([test.c:12]: (error) Buffer access out-of-bounds: l) 2010-10-12 19:35:20 +02:00
Daniel Marjamäki 74bf1821e6 Array index: detect array index out of bounds when datatype is unknown. Ticket: #2086 2010-10-11 20:52:14 +02:00
Daniel Marjamäki a73ada54d5 Fixed #1705 (false negative: access past end of buffer) 2010-10-10 09:15:18 +02:00
Daniel Marjamäki e7f7c77eab Fixed #1948 (C++ class scoping not followed) 2010-08-24 22:04:14 +02:00
Erik Lax 248bb3b6e8 Fixed #1935 (false negative: detect buffer overrun from network functions (recv, recvfrom..)) 2010-08-14 20:19:23 +02:00
Daniel Marjamäki 1b2f16f443 Buffer overflow: Fixed two TODO test cases 2010-08-05 11:01:47 +02:00
Daniel Marjamäki 33bf8bf730 Fixed #1670 (False negative: Array index out of bounds in return statement) 2010-08-04 20:38:52 +02:00
Daniel Marjamäki bea714445a Fixed #1850 (An access to a nested std::map via a negative integer key is reported as 'Array index out of bounds') 2010-07-14 12:24:07 +02:00
Daniel Marjamäki b02fc037ed Buffer Overrun: Fixed false positive when variable is reassigned in called function 2010-07-05 22:19:27 +02:00
Robert Reif 18bb7488b9 Fixed #1787 (false negative: out of bounds in derived class) 2010-06-13 07:17:50 +02:00
Martin Ettl 0d34416bce added TODO_TESTCASE for ticket 1734: Array index out of bounds 2010-06-06 16:20:50 +02:00
Daniel Marjamäki 5789eb116d astyle formatting 2010-06-02 18:09:25 +02:00
Zachary Blair 33b4254d33 Fixed #568 (string functions with command line arguments may overflow buffer) 2010-06-01 22:41:07 -07:00
Daniel Marjamäki 7601089bee astyle formatting 2010-05-29 11:19:56 +02:00
Zachary Blair 59086fa599 Fixed #818 (Detect sprintf buffer overrun with struct members) 2010-05-28 22:51:28 -07:00
Daniel Marjamäki d23f63c805 astyle formatting 2010-05-26 19:21:34 +02:00
Zachary Blair 619cfbc56f Fixed #168 (buffer overflow: not enough room for the null terminator) 2010-05-26 01:56:34 -07:00
Daniel Marjamäki c31accc52a Fixed #1695 (Ticket #1614 is broken using latest from git) 2010-05-19 19:23:09 +02:00
Daniel Marjamäki f8442391af astyle formatting 2010-05-17 19:51:35 +02:00
Monika Lukow 71e5c56bf9 Fixed #1418 (false negative: buffer access out of bounds) 2010-05-16 23:53:42 +02:00
Daniel Marjamäki 01034cd48d Refactoring: Removed 'possible error' message about cin 2010-05-16 19:09:36 +02:00
Daniel Marjamäki 26fab24de4 Refactoring: Removed some inconclusive checking in CheckBufferOverrun 2010-05-16 15:30:39 +02:00
Daniel Marjamäki 0415560912 refactoring: changed the severity for strncatUsage from possibleError to style 2010-05-02 09:54:08 +02:00
Daniel Marjamäki 883d462553 refactoring: Use style severity instead of possible error for the 'The size argument is given as a char constant' 2010-05-02 09:16:45 +02:00
Daniel Marjamäki 0444ff5298 Fixed #1627 (###### If you see this, there is a bug ###### - Token::Match('%varid% [ %num% ]', 0)) 2010-04-26 18:52:40 +02:00
Daniel Marjamäki 1a34e7daf6 Fixed #948 (array index out of bound not detected 'a[i-1] = 0') 2010-04-25 07:34:50 +02:00
Daniel Marjamäki 8ccd95a643 Fixed #836 (buffer overrun: memmove) 2010-04-24 21:48:58 +02:00
Martin Ettl 5eb9c78533 added further testcases to multidimensional out of bounds unit test 2010-04-23 22:04:49 +02:00
Martin Ettl bd4bead561 update in todo testcase (line number was wrong) 2010-04-23 21:59:46 +02:00
Martin Ettl 572ae0c1b4 added todo testcases for multidimensional out of bounds checking 2010-04-23 21:56:35 +02:00
Daniel Marjamäki a3b781a181 Fixed #819 (array index out of bounds not detected for multidimension arrays) 2010-04-23 16:26:40 +02:00
Daniel Marjamäki b9d8f52cca CheckBufferOverrun: Fixed false positives caused by refactorings 2010-04-22 19:22:23 +02:00
Daniel Marjamäki f9f6927e63 CheckBufferOverrun: Don't give false positives when reading from array with strncpy/strncat 2010-04-21 20:02:58 +02:00
Daniel Marjamäki f057e127a0 CheckBufferOverrun: Refactoring the checking of function calls 2010-04-21 19:27:28 +02:00
Daniel Marjamäki 798aa84151 Refactoring: CheckBufferOverrun refactorings. split up the checkScope into two separate functions. The ArrayInfo usage was improved. Also broke out for-loop handling into separate functions. 2010-04-21 18:33:21 +02:00
Reijo Tomperi 96d66af478 Change "Array index -1 corresponds with 4294967295..." error message into "Array index -1 is out of bounds" 2010-04-20 21:44:31 +03:00
Daniel Marjamäki 7e2f39290d Fixed #1614 (negative array index issues in latest from git) 2010-04-20 16:43:51 +02:00
Daniel Marjamäki 8eff4fcbba Buffer overruns: Added testcase for negative index when using 2-dimensional array 2010-04-18 21:07:21 +02:00
Daniel Marjamäki b6ab419a06 Buffer Overrun: Broke out the checking for negative array index 2010-04-18 20:51:39 +02:00
Daniel Marjamäki a473345f18 Buffer overruns: First change to detect overruns in multidimensional arrays (#819) 2010-04-18 11:08:29 +02:00
Daniel Marjamäki 6db4ab68ef Unit Testing: added assertions for todo testcases to detect changes 2010-04-17 15:01:18 +02:00
Daniel Marjamäki c0e9a546f7 Refactoring: Refactoring the Settings class 2010-04-17 09:23:54 +02:00
Reijo Tomperi 35d2a27b9c Update copyright year in all source files 2010-04-13 22:23:17 +03:00
Reijo Tomperi d102369196 Fix #1590 (False negative: Array index out of bounds: "0 <= i")
http://sourceforge.net/apps/trac/cppcheck/ticket/1590
2010-04-12 22:04:59 +03:00
Reijo Tomperi 7f7e621ecb More tests added to test/testbufferoverrun.cpp 2010-04-11 23:22:16 +03:00
Daniel Marjamäki 6f74c0af5e Fixed #1587 (Crash while processing file) 2010-04-11 20:57:30 +02:00
Daniel Marjamäki 5fed938f56 Fixed #1190 (array index out of bounds when index variable is assigned in a condition) 2010-04-10 21:12:00 +02:00
Daniel Marjamäki e17cce6ac4 Unit Testing: Added an ASSERT 2010-04-10 18:54:12 +02:00
Daniel Marjamäki 15da4fe689 Refactoring: simplified test case 2010-04-10 18:50:28 +02:00
Daniel Marjamäki e9b4ea44a2 Refactoring: Disable inconclusive checks. They can still be activated for debugging/testing purposes 2010-04-10 14:05:33 +02:00
Daniel Marjamäki b4e9185177 Fixed #1134 (improve check: pointer access out of bounds not detected (allocated with malloc)) 2010-04-10 07:57:29 +02:00
Daniel Marjamäki 9a4707c025 Fixed #1576 ('Index out of bounds' false positive) 2010-04-08 19:57:38 +02:00
Martin Ettl 2e11805c1a added TODO testcase for checking fwrite() and fread() check for buffer overrun 2010-04-06 20:56:01 +02:00
Reijo Tomperi c28b365ea0 astyle fix 2010-04-06 16:56:06 +03:00
Martin Ettl c4d1d47f6b fixed ticket 997, now fread and fwrite checked for bufferoverrun 2010-04-06 13:55:03 +02:00
Reijo Tomperi 928163b0cf Fix line number in previously committed unit test 2010-04-05 23:37:30 +03:00
Daniel Marjamäki 0cffe547f9 Unit Testing: Added unit test for untested code in CheckBufferOverrun. Using memset on struct. 2010-04-05 21:50:40 +02:00
Reijo Tomperi d3c251f53a Refactor and fix "After a strncpy() the buffer should be zero-terminated" checking, 2010-04-05 21:47:50 +03:00
Daniel Marjamäki 6327ed55a2 Unit Testing: Buffer overruns when using memchr/memset/memcpy/etc 2010-04-05 20:02:28 +02:00
Daniel Marjamäki 0cad22314e Reverted 'astyle fix'. Those changes are not in sync with my astyle configuration/setup. 2010-04-02 07:30:58 +02:00
Martin Ettl 193aa7d1d3 astyle fix 2010-04-02 02:21:53 +02:00
Reijo Tomperi c7d36b73ed Fix #1548 (False positive: array index out of bounds in for-loop)
http://sourceforge.net/apps/trac/cppcheck/ticket/1548
2010-04-01 22:35:36 +03:00
Robert Reif 32e597e343 Fixed #1539 (False positive: possible error Array index out of bounds) 2010-03-30 17:33:17 +02:00
Robert Reif 0bddd1977f Fixed #1536 (###### If you see this, there is a bug ###### Token::Match() - varid was 0) 2010-03-29 17:25:38 +02:00
Robert Reif 62d2845014 Fixed #1492 (false negatives: array index out of bounds) 2010-03-28 15:56:13 +02:00
Robert Reif c50469dba6 Fixed #1523 (false negative:: buffer access out of bounds when using shift operator) 2010-03-27 07:21:08 +01:00
Reijo Tomperi 88840e6a08 Fix #1453 (possible infinite loop processing GNU Go's engine/montecarlo.c)
http://sourceforge.net/apps/trac/cppcheck/ticket/1453
2010-02-27 23:47:56 +02:00
Daniel Marjamäki 8f4edb5e45 Fixed #1409 (False positive: Buffer access out-of-bounds with strncpy and an array in typedef'ed struct) 2010-02-21 15:23:50 +01:00
Reijo Tomperi e44f0b1b8d Fix #1392 (Segfault in CheckBufferOverrun::checkScope)
http://sourceforge.net/apps/trac/cppcheck/ticket/1392
2010-02-15 23:20:09 +02:00
Monika Lukow e9e5174797 Fixed #1333 (Detect access out of bounds 'for (i = 100; i > 0; --i) a[i] = 0;') 2010-02-14 23:10:15 +01:00
Reijo Tomperi 2a78637da7 Fix #1340 (False positive: Array out of bounds for re-initialised array pointer)
http://sourceforge.net/apps/trac/cppcheck/ticket/1340
2010-02-10 23:11:08 +02:00
Reijo Tomperi 9852ab86e9 Fix #1358 (False negative: out-of-bounds not found near return)
http://sourceforge.net/apps/trac/cppcheck/ticket/1358
2010-02-05 23:55:10 +02:00
Reijo Tomperi db2aff03c7 Added test case for #1333 (Detect access out of bounds 'for (i = 100; i > 0; --i) a[i] = 0;')
http://sourceforge.net/apps/trac/cppcheck/ticket/1333
2010-01-31 22:02:26 +02:00
Daniel Marjamäki c666a9662b BufferOverrun: negative index is out of bounds 2010-01-11 21:18:07 +01:00
Daniel Marjamäki 57d1da3910 Ticket #1228 : Handle tokensBack in the Token class. When adding&removing tokens the Token class can make sure that this pointer is updated accordingly. It is very important that the tokensBack has the same scope as the token list, otherwise there will be a dead pointer problem. 2010-01-06 20:19:27 +01:00
Daniel Marjamäki e6d5c76138 refactoring 2010-01-03 15:52:52 +01:00
Daniel Marjamäki 79223b71d5 added test case for #1193 (false negative: array out of bounds in loop when there is calculation) 2010-01-03 15:49:17 +01:00
Daniel Marjamäki 5925b88b38 Robert Reif: improve check: array index out of bounds, show name of array, array size and array index 2009-12-25 15:25:58 +01:00
Daniel Marjamäki 8a1940e043 astyle 2009-12-19 17:57:58 +01:00
Daniel Marjamäki 0da0b5ffed ericsesterhenn: Fixed #1106 (check if buffer is zero terminated after a strncpy) 2009-12-18 17:26:15 +01:00
Daniel Marjamäki 0b09c36851 Fixed #1026 (false positive: buffer access out of bounds) 2009-12-05 11:41:30 +01:00
Martin Ettl 03e7914c98 partial fix of ticket #997; added check for write() two testcases 2009-11-28 13:41:24 +01:00
Daniel Marjamäki f75c9619d1 Fixed #1021 (Out-of-bounds access false positive) 2009-11-28 12:51:23 +01:00
Reijo Tomperi 12a87fa3a4 Fix #1007 (False positive array index out of bounds concerning a switch statement in a for loop)
Bailout if switch is found in for loop.
http://sourceforge.net/apps/trac/cppcheck/ticket/1007
2009-11-25 22:40:51 +02:00
Reijo Tomperi 9bdf4502ed Fix #995 (false positive: buffer access out of bounds when using fgets)
http://sourceforge.net/apps/trac/cppcheck/ticket/995
2009-11-21 15:45:52 +02:00
Reijo Tomperi 6417704577 Fix #985 (Detect buffer overrun with read())
http://sourceforge.net/apps/trac/cppcheck/ticket/985
2009-11-20 23:47:06 +02:00
Reijo Tomperi 9275b49688 Fix #964 (Integer division by zero exception)
http://sourceforge.net/apps/trac/cppcheck/ticket/964
2009-11-15 17:44:30 +02:00
Slava Semushin 6669a50634 Fixed #842 (out of bounds: when buffer is allocated with malloc)
http://sourceforge.net/apps/trac/cppcheck/ticket/842
2009-11-15 18:38:57 +06:00
Slava Semushin 3911dd79cb Fixed #900 (Improve out-of-bounds check to detect error with "new char(x)")
http://sourceforge.net/apps/trac/cppcheck/ticket/900
2009-11-15 18:04:17 +06:00
Reijo Tomperi 3d5760b149 Fix #947 (Errors not detected when size_t is used instead of int)
http://sourceforge.net/apps/trac/cppcheck/ticket/947
2009-11-12 23:31:13 +02:00
Reijo Tomperi 0518eed937 Fix #946 (False positive: Buffer access out-of-bounds)
http://sourceforge.net/apps/trac/cppcheck/ticket/946
2009-11-12 23:24:44 +02:00
Daniel Marjamäki 1fe94d74b8 unit testing: minor syntax fixes 2009-11-09 20:34:36 +01:00
Daniel Marjamäki 52eb32eb5b testbufferoverrun.cpp: fixed unit test error 2009-11-07 19:59:03 +01:00
Daniel Marjamäki 3b9b3b241e testbufferoverrun.cpp: minor updates to make it work better as extracted code 2009-11-07 19:51:18 +01:00
Daniel Marjamäki 3bd36226d6 testbufferoverrun: minor updates to make the code more easily compilable 2009-11-07 18:03:33 +01:00
Reijo Tomperi b222ef89be Fix #903 (false positive: buffer access out of bounds)
http://sourceforge.net/apps/trac/cppcheck/ticket/903
2009-11-07 00:58:33 +02:00
Daniel Marjamäki 77b676937d cleanup in testbufferoverrun.cpp 2009-11-06 19:15:59 +01:00
Reijo Tomperi 504ae8e22d Fix #868 (False positive - buffer access out of bounds in for loop)
http://sourceforge.net/apps/trac/cppcheck/ticket/868
2009-10-29 16:04:23 +02:00
Reijo Tomperi 9db22d9b48 Modify CheckBufferOverrun::checkGlobalAndLocalVariable() to use varid only.
Also add some TODO test cases.
2009-10-28 22:42:54 +02:00
Reijo Tomperi 0e695ea527 Test case for #863 (false positive memset array of pointers)
http://sourceforge.net/apps/trac/cppcheck/ticket/863
2009-10-27 20:54:35 +02:00
Daniel Marjamäki 09859c1019 refactoring the folder structure 2009-10-25 12:49:06 +01:00
Reijo Tomperi 6fbf873d25 Improved countSprintfLength() to detect more errors with %d.
Fixed some errors from test cases.
Added more test cases.
2009-10-20 00:48:29 +03:00
Reijo Tomperi aca743c9ed Fix #826 (False positive: sprintf with "f%s")
http://sourceforge.net/apps/trac/cppcheck/ticket/826
2009-10-18 13:58:48 +03:00
Daniel Marjamäki 01af70cc88 Fixed #823 (Buffer overrun with memcpy) 2009-10-15 19:36:48 +02:00
Reijo Tomperi be90d34962 Buffer overrun errors behind function call should be possible errors. 2009-10-14 00:09:37 +03:00
Reijo Tomperi 3dc45903bc Move buffer overrun errors behind --all
Fix one possible error issue with arrayindexoutofbounds
Make sure that possible errors are not shown without --all
2009-10-13 23:33:41 +03:00
Reijo Tomperi 4036dd5eff arrayIndexOutOfBounds check is now done without --all
Errors with buf[1] are still listed only with --all due to false positive risk in them.
2009-10-13 22:39:51 +03:00
Reijo Tomperi b6999d010f Fix #812 (False positive: sprintf with "%.4s" with --all)
http://sourceforge.net/apps/trac/cppcheck/ticket/812
2009-10-11 22:07:18 +03:00
Reijo Tomperi 59aad35137 Fix #694 (False (possible error) Buffer overrun with %-1s)
ashim2009 did most of the work
http://sourceforge.net/apps/trac/cppcheck/ticket/694
2009-10-11 21:36:22 +03:00
Reijo Tomperi a078c9353d More test cases for sprintf counter 2009-10-08 17:36:00 +03:00
Reijo Tomperi 5eee9af974 sprintf counter improvements 2009-10-08 16:27:46 +03:00
Reijo Tomperi 52ca36a6ed Added more test cases for sprintf counter 2009-10-07 21:33:44 +03:00
Daniel Marjamäki 13e43b8710 Ashim Kapoor: updated the counter (#694) 2009-10-07 18:21:44 +02:00
Reijo Tomperi fcd269dbf7 Refactoring: Moved some code into a new function.
Renamed count->countSprintfLength.
Added code to collect sprintf parameters.
Added a few TODO test cases.
2009-10-07 15:37:20 +03:00
Reijo Tomperi d598bed1c6 Fix #575 (Array index out of bounds check: get address of one-past-the-end array is legal)
http://sourceforge.net/apps/trac/cppcheck/ticket/575
2009-10-06 14:50:27 +03:00
Reijo Tomperi 1eba4b374f Fix #794 (Floating point exception on CheckBufferOverrun)
http://sourceforge.net/apps/trac/cppcheck/ticket/794
2009-10-05 23:19:44 +03:00
Reijo Tomperi 4650e513e1 Fix #741 (False positive: Buffer overrun with -a when index increased in multiple locations)
http://sourceforge.net/apps/trac/cppcheck/ticket/741
2009-10-01 11:33:53 +03:00
Reijo Tomperi d4a97eb2b4 Fix #419 (missleading buffer overrun)
http://sourceforge.net/apps/trac/cppcheck/ticket/419
2009-10-01 10:59:27 +03:00
Reijo Tomperi ec44f8f6c7 Fix #744 (False positive: (possible error) Array index out of bounds)
http://sourceforge.net/apps/trac/cppcheck/ticket/744
2009-09-30 15:51:33 +03:00
Daniel Marjamäki e5bc4a02ae added a TODO_ASSERT_EQUALS for the counter 2009-09-29 20:50:22 +02:00
Reijo Tomperi 77d677dd59 TODO test case for count() added 2009-09-29 18:51:29 +03:00
Daniel Marjamäki 12b29e35ad Ashim Kapoor: deal with backspace better (#694) 2009-09-29 17:02:19 +02:00
Daniel Marjamäki a1e20290cd Refactoring the unit testing of format strings 2009-09-27 22:13:15 +02:00
Slava Semushin e8c83613e4 Fixed #740 (False positive, buffer overrun with --all)
Regression since 07f41f4563 commit.

http://sourceforge.net/apps/trac/cppcheck/ticket/740
2009-09-27 22:50:59 +07:00
Slava Semushin 661ce78b69 Fixed #738 (False Buffer overrun with -a when i is increased by more than 1 inside loop body)
http://sourceforge.net/apps/trac/cppcheck/ticket/738
2009-09-27 22:14:51 +07:00
Reijo Tomperi fdde2182b9 Fix GPL comments in all files. ">." was missing from the end. 2009-09-27 18:08:31 +03:00
Slava Semushin 07f41f4563 Fixed #714 (False Buffer overrun with -a when i is increased by more than 1 in a loop)
http://sourceforge.net/apps/trac/cppcheck/ticket/714
2009-09-27 21:12:46 +07:00
Slava Semushin acdbb20c99 Detect buffer overruns when ?: use as sprintf() argument. 2009-09-27 00:40:58 +07:00
Slava Semushin 19ed8e9311 Fixed #729 (False positive: Buffer overrun when ? is used to select parameter)
http://sourceforge.net/apps/trac/cppcheck/ticket/729
2009-09-27 00:06:54 +07:00
Slava Semushin 50a34b8a37 Fixed #731 (False positive, strcpy copying a buffer with a null character)
http://sourceforge.net/apps/trac/cppcheck/ticket/731
2009-09-26 22:58:14 +07:00
Daniel Marjamäki 3da779725d Ashim Kapoor: handle %i,%f,%d,%x,%X better (#694) 2009-09-26 16:19:18 +02:00
Reijo Tomperi 6a63742dde Fix #730 (False positive, buffer overrun with strncpy)
http://sourceforge.net/apps/trac/cppcheck/ticket/730
2009-09-25 23:32:18 +03:00
Daniel Marjamäki fe3c8cab9f Ashim Kapoor: Added function that returns minimum size of format strings (#694) 2009-09-25 18:23:44 +02:00
Slava Semushin 5dee65048f Fixed #690 (False positive: (possible error) Buffer overrun)
http://sourceforge.net/apps/trac/cppcheck/ticket/690
2009-09-20 17:54:19 +07:00
Slava Semushin a9273c9d39 Fixed #629 (Tokenizer: expand nested strcat() calls)
http://sourceforge.net/apps/trac/cppcheck/ticket/629
2009-09-05 23:46:27 +07:00
Slava Semushin c50f7787f9 Fixed #569 (Buffer overrun not detected when strcat() called few times)
http://sourceforge.net/apps/trac/cppcheck/ticket/569
2009-08-30 18:44:23 +07:00
Slava Semushin 7c86a10a9d Fixed #617 (False positive "buffer overrun" when sprintf() doesn't have optional parameters)
http://sourceforge.net/apps/trac/cppcheck/ticket/617
2009-08-27 00:21:32 +07:00
Slava Semushin 0f96299d87 Fixed ticket #570 (Buffer overrun not detected when sprintf() format string greater then buffer size)
http://sourceforge.net/apps/trac/cppcheck/ticket/570
2009-08-08 21:52:35 +07:00
Slava Semushin 92d4c086ce Fixed ticket #571 (Buffer overrun for sprintf() not detected after first ')' symbol)
http://sourceforge.net/apps/trac/cppcheck/ticket/571
2009-08-08 21:03:10 +07:00
Slava Semushin 822fb93cda Improved "index out of bounds" check.
Corrected 342acaaaf2 commit.
2009-08-02 19:29:45 +07:00
Slava Semushin f38530fb31 test/testbufferoverrun.cpp: improve test cases. 2009-08-02 19:29:37 +07:00
Slava Semushin 342acaaaf2 Fixed #547 (index out of bounds not detected when addition used as array index)
http://sourceforge.net/apps/trac/cppcheck/ticket/547
2009-08-02 14:59:02 +07:00
Slava Semushin 6c022798ea Fixed ticket #499 (buffer overflow not detected when using macros)
sprintf() buffer overrun detection works wrong due to typo (since time
when it was added in commit a604f56f19).

Also reports buffer overrun when sprintf() writes bytes equal to
buffer size -- in this case off-by-one error appears.

http://sourceforge.net/apps/trac/cppcheck/ticket/499
2009-07-26 19:29:46 +07:00
Daniel Marjamäki 18f9e05f5a refactoring: Renamed checking classes 2009-07-13 16:00:15 +02:00
Daniel Marjamäki 7d35447d80 refactoring: renamed the severity "all" to "possible error" 2009-07-13 10:16:31 +02:00
Daniel Marjamäki 36896e1ca0 better description for the message with id strncatUsage 2009-07-11 12:16:38 +02:00
Reijo Tomperi 751a31ed91 Fix ticket #445 (simple to avoid false positive for buffer overflow)
http://sourceforge.net/apps/trac/cppcheck/ticket/445
Simple bailout in case "if" is found inside the for-loop.
2009-06-30 00:42:46 +03:00
Slava Semushin 4dd3835617 Embed errout.str() into ASSERT_EQUALS() call.
Get rid of useless variables.

No functional change.
2009-06-14 13:33:44 +07:00
Slava Semushin 58781c761c Fixed ticket #329 (snprintf size is out of bounds when two variables in one scope with similar names)
FIXME:
Because it's fix for simplifyTokenList() test should be moved to
test/testsimplifytokens.cpp file.

http://apps.sourceforge.net/trac/cppcheck/ticket/329
2009-06-05 09:53:34 +07:00
Slava Semushin 52a8368b02 Strip redundant std::string usage from tests.
Second round: handle empty strings.

Done by command:
git grep -l ASSERT_EQUALS | xargs sed -i 's|ASSERT_EQUALS(std::string(\(".*"\)),|ASSERT_EQUALS(\1,|'

Should be no functional change.
2009-06-05 07:43:55 +07:00
Daniel Marjamäki b4c637c58b Fixed #350 (False positive: Array index out of bounds) 2009-06-02 18:56:53 +02:00
Daniel Marjamäki 6ef87e8eab Fixed #339 (Buffer overrun not detected with pointer arrays)
http://apps.sourceforge.net/trac/cppcheck/ticket/339
2009-06-01 19:21:08 +02:00
Slava Semushin e5c0383594 Strip redundant std::string usage from tests.
Done by command:
git grep -l ASSERT_EQUALS | xargs sed -i 's|ASSERT_EQUALS(std::string(\(".\+"\)),|ASSERT_EQUALS(\1,|'

Should be no functional change.
2009-06-01 02:50:25 +07:00
Reijo Tomperi 58eda6e978 Fix ticket #325 (Replace developer names in source files with AUTHORS file)
http://apps.sourceforge.net/trac/cppcheck/ticket/325
2009-05-30 08:48:12 +03:00
Reijo Tomperi 11858129d0 Fix ticket #243 (boundary checking)
http://apps.sourceforge.net/trac/cppcheck/ticket/243
2009-04-04 21:05:48 +03:00
Daniel Marjamäki b9f4a773b8 Buffer overrun: Added check to detect when size argument to memset is a char constant (#213) 2009-03-25 07:25:10 +01:00
Daniel Marjamäki 6580e0eb21 fixed snprintf false positive (#210) 2009-03-24 18:43:39 +01:00
Daniel Marjamäki 21dff96e7b refactoring checkbufferoverrun 2009-03-20 17:35:53 +01:00
Daniel Marjamäki 0cc7672673 Fixed Ticket #82 (detect buffer overrun; dynamic memory) 2009-03-16 18:11:09 +01:00
Reijo Tomperi fc8f47145a Copyrights updated 2009-03-01 19:52:33 +00:00
Daniel Marjamäki dddfc50dff Reverted changes made in [1289] 2009-02-27 07:50:39 +00:00
Daniel Marjamäki 91011b8450 array index out of bounds: Added todo test case TestBufferOverrun::array_index_13 for ticket #118 2009-02-26 19:46:59 +00:00
Daniel Marjamäki 08f76279ed buffer overrun: catch cases when using cin to read to a char array 2009-02-21 12:22:04 +00:00