Commit Graph

133 Commits

Author SHA1 Message Date
Daniel Marjamäki 88a35d2253 Fix CodeQL warning, Multiplication result converted to larger type 2020-11-06 19:50:05 +01:00
Georgy Komarov 80dee36e68
library: Add new warning: ignoredReturnErrorCode (#2877)
* library: Add optional "type" attribute to "use-retval"

Added an optional "type" attribute to "use-retval" nodes in the
configuration. When the return type of a function configured with
`<use-retval type="error-code"\>` node does not used, the new style
error "ignoredReturnErrorCode" will be generated.

* Fix and improve patch after the initial review

* Fixed severity level and [[nodiscard]] attribute

* Fix incorrect condition

* Remove redundant condition
2020-11-05 13:35:52 +01:00
Daniel Marjamäki 84b8f32fd4 daca: group warnings for prohibited functions 2020-09-27 21:42:07 +02:00
Jens Yllman 08b0fa21a7 do not report locally declared functions as missing configuration for --check-library 2020-06-18 14:49:19 +02:00
Jens Yllman 9320ac287a only report on functions in --library files 2020-06-18 11:42:07 +02:00
Daniel Marjamäki 08ddd84780 Update copyright year 2020-05-10 11:16:32 +02:00
Daniel Marjamäki 3e0218299b Revert "Update copyright year"
This reverts commit 6eec6c4bd5.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki 6eec6c4bd5 Update copyright year 2020-05-10 11:11:34 +02:00
Rikard Falkeborn f6e7fb4bd9
Bugfix valuetype for some integer constants (#2545) 2020-02-19 07:51:39 +01:00
Rikard Falkeborn b1c6f2946a
Fix redundant FP assignment with unsigned zero (#2521)
* Refactor isNullOperand out of FwdAnalysis

* Improve isNullOperand

* Fix redundantAssignment FP with unsigned zero

* isNullValue check number

* Enhance isNullOperand to handle c++ casts

Also handle cast of NULL.
2020-02-09 11:16:08 +01:00
Sebastian c990d10ffa
Check for JSON error when parsing addon .json files + fixes (#2374)
* cppcheck.cpp: Check for JSON error when parsing addon .json files

This fixes that errors in JSON files given via `--addon=*.json` are
silently ignored and maybe only a part of the JSON file is used.
Now the error message which picojson can return is checked and a
corresponding error message is returned again by getAddonInfo().

* naming.json: Fix missing comma

* CLI: Fix naming violations detected by addon naming.py via naming.json

* Addon naming: Add argument for validating names of constants

* LIB: Rename functions/variables so they are valid, loosen naming rules

* GUI: Fix naming violations
2019-11-20 15:37:09 +01:00
Daniel Marjamäki c57d3e069a Replace 'unsigned' with 'nonneg' in checkfunctions 2019-07-16 08:49:02 +02:00
Daniel Marjamäki 84cc09d17c Update Copyright 2019-06-29 07:49:14 +02:00
Paul Fultz II e856920488 Fix false positive with ignoredReturnValue with std::move (#1809) 2019-04-26 12:22:31 +02:00
rikardfalkeborn 402d0c565f Fix false positive: Invalid string argument with array (#1439) 2018-10-19 07:48:47 +02:00
rikardfalkeborn f1074ea1ab Fix false positive: Invalid string argument with pointer to pointer (#1427)
If the address is taken inside an array, the address is not of a single
character, so do not warn about this.
2018-10-16 06:54:25 +02:00
rikardfalkeborn 613dc19b68 #4241: Check for address of single character passed as string (#1381)
* #4241: Check for address of single character passed as string

Add a check that address of a single character is not passed as argument
to argument marked as strings (using strz). The check does not warn if
the address of a character with known value '\0'.

Since ValueFlow currently does not handle global constants (see #7597),
do not warn if the variable is global to avoid FPs when the address of
a global variable assigned to '\0' is passed to a function expecting a
string.

Remove comment in docs saying strz is unused.

* Change asdf to Hello world

* Add test of address to first element in string

* Add error reporting function to getErrorMessages

* Fix strings in test
2018-10-14 18:49:34 +02:00
Daniel Marjamäki bcdd58de0b astyle formatting
[ci skip]
2018-08-05 10:48:28 +02:00
rikardfalkeborn 710d7ce015 Add checks of log2 and log1p range (#1324)
* Add tests for log10{,f,l} valid arguments

* Add log2{,f,l} to checkfunctions

* Add log1p{,f,l} to checkfunctions

* checkfunctions: Simplify check for log function limit out of range

The conditions for negative and non-negative int and float were
identical so the call to isNegative can be removed and the if-statements
be simplified.
2018-08-03 12:14:39 +02:00
rikardfalkeborn 30a8d953e3 Move sqrt{,f,l} argument checks to cfg file (#1313) 2018-07-20 20:56:39 +02:00
Daniel Marjamäki 7c4820e047 Rename Library::isargvalid() 2018-07-15 23:05:48 +02:00
rikardfalkeborn 491ee577c6 Support floats in valid config (#1297)
* Add tests for invalid ranges

* Refactor loadLibErrors

This reduces the amount of code slightly and will simplify adding
more tests.

* Handle empty valid field

Before this change, the sequence <valid></valid> in a config file would
result in a segmentation fault. Now an empty field results in the error
message:

cppcheck: Failed to load library configuration file 'mycfg.cfg'. Bad attribute value '""'

* Add support for valid for floating point arguments

Previously, it was not possible to add valid ranges to floating point
arguments since it only handled integers. This made ranges not work well
for floating point arguments since arguments were cast to integers
before the ranges were handled.

Fix this by using doubles instead of integers if the argument is a float.
Add some tests for this and make sure errors are printed with enough
precision (somewhat arbitrarily chosen).

Note that it is still only possible to add integer ranges (i.e. -1:1).

* Add support for floats in configuration valid range

Now that it is possible to handle decimal arguments, there is no reason
to not allow non-integer ranges. Take care to not allow broken
configurations.

* Move check to within if-clause

* Move asin{,f,l} and acos{,f,l} input checks to config file
2018-07-15 22:47:56 +02:00
Daniel Marjamäki 79ffe1d4fc Rename _tokenizer, _settings, _errorLogger 2018-06-16 16:10:28 +02:00
Daniel Marjamäki 45379a3aa6 Updated copyright year for modified files
[ci skip]
2018-06-10 22:07:21 +02:00
IOBYTE 3982c81394 Add support for C++ attribute nodiscard for functions. (#1269) 2018-05-29 21:43:56 +02:00
Daniel Marjamäki f336c2efe7 Refactoring; Renamed Scope::classStart and Scope::classEnd 2018-04-27 22:36:30 +02:00
Daniel Marjamäki e08683c009 Refactoring: Use range for loops in CheckFunctions 2018-04-23 07:49:38 +02:00
Daniel Marjamäki a0906140a6 Suppressions: New extensible Suppressions xml format that allow more attributes. To start with it also allows symbolName. 2018-04-09 06:43:48 +02:00
jrp2014 b6504c70ca Improve constness 2018-04-04 21:51:31 +02:00
Daniel Marjamäki c4caee6b18 Updated copyright year 2018-01-14 15:37:52 +01:00
Daniel Marjamäki b57dd4359b Fixed #8263 (check-library incorrectly reports missing configuration for case when value is in parentheses) 2017-11-17 22:10:39 +01:00
Dmitry-Me 151ace2581 Use Platform for char limits computation (#972) 2017-10-18 17:30:47 +02:00
Daniel Marjamäki abc3779e61 Tweaked the --check-library output so configured methods will not be shown 2017-10-10 10:18:03 +02:00
Daniel Marjamäki a1053dd7dd --check-library: Report unconfigured scoped functions also 2017-10-06 11:27:01 +02:00
Daniel Marjamäki 13c0b4131b --check-library: improved function name output 2017-10-05 21:50:24 +02:00
Daniel Marjamäki ba8222de1c ValueFlow: Put 'inconclusive' state in the ValueKind. A value can't be both known and inconclusive. 2017-09-20 22:41:36 +02:00
Daniel Marjamäki f86d8244fa Fixed #8022 (DacaWrongData: checkIgnoredReturnValue, hana) 2017-06-10 08:23:26 +02:00
Daniel Marjamäki 3b805e7001 fix testrunner (WRONG_DATA usage) 2017-06-05 18:49:20 +02:00
Daniel Marjamäki 150d2aa902 Refactor and rename CHECK_WRONG_DATA 2017-06-05 18:41:15 +02:00
Daniel Marjamäki 20b27cfd51 avoid some WrongData warnings 2017-06-04 18:27:42 +02:00
Daniel Marjamäki 1439b08fbd Fixed -DDACA2 compiler errors 2017-06-04 14:14:42 +02:00
Ayaz Salikhov 28aa939d69 iwyu - include what you use 2017-05-27 04:33:47 +02:00
Daniel Marjamäki d3d3d31613 Clarify 'invalidFunctionArg' messages 2017-05-23 11:57:25 +02:00
Daniel Marjamäki 9cdda53fb9 CheckFunctions::memsetZeroBytes: Add CHECK_WRONG_DATA to avoid crashes 2017-04-30 18:58:51 +02:00
Daniel Marjamäki 3f069d9e44 Write two FIXME comments, create library configuration to replace hardcoded checks 2017-04-23 15:34:45 +02:00
Daniel Marjamäki 101dc28afa Refactoring: Moved checkMemset.. from CheckOther to CheckFunctions 2017-04-23 07:53:41 +02:00
Daniel Marjamäki f601a6903f Updated comment 2017-04-23 06:44:38 +02:00
Matthias Krüger 2744a9456f fix [lib/checkfunctions.cpp:300]: (warning) Found simple pattern inside Token::Match() call: "new" 2017-04-22 21:53:31 +02:00
Daniel Marjamäki e5b9e2a898 --check-library: less warnings 2017-04-22 21:23:46 +02:00
Daniel Marjamäki f8e9071de1 CheckFunction: In the <valid> check handle possible/conditional/inconclusive values better 2017-04-20 22:14:54 +02:00
Daniel Marjamäki 3fbcc0cd3b Refactor CheckFunctions::invalidFunctionUsage 2017-04-20 19:57:39 +02:00
Daniel Marjamäki e43c078c5e checkfunctions: code cleanup 2017-04-20 17:42:25 +02:00
Daniel Marjamäki d252a64ec8 Cleanup CheckFunctions::checkIgnoredReturnValue 2017-04-12 10:44:08 +02:00
Daniel Marjamäki 41a64f6d1f Fix crash 2017-04-11 20:16:33 +02:00
PKEuS b1f4bd7504 Refactorization: Reimplemented Settings::_enabled as a bitfeld instead of std::set (#7995) 2017-04-11 11:49:26 +02:00
Daniel Marjamäki f5f141ff42 astyle formatting
[ci skip]
2017-04-07 19:19:41 +02:00
Daniel Marjamäki 7d8af7bdca Fixed #7979 (crash (nr 2): CheckFunctions::checkIgnoredReturnValue()) 2017-04-07 13:18:53 +02:00
Daniel Marjamäki de80d41ef4 CheckFunctions::checkIgnoredReturnValue: Dont warn in C++11 initializer lists in function arguments 2017-04-02 19:44:27 +02:00
Daniel Marjamäki 6874f27e73 Added CHECK_WRONG_DATA() that can be used to avoid crashes/hangs in release binaries 2017-03-26 11:23:39 +02:00
Daniel Marjamäki 5d7fa590af Don't check ignored function return value in ({..}). Ticket: #7934 2017-03-08 10:23:38 +01:00
Daniel Marjamäki 5ea9519586 UseRetVal: Fix FN for methods 2017-03-05 22:23:16 +01:00
Daniel Marjamäki ecc59859e1 Don't simplify _Bool in TokenList 2017-03-04 11:13:28 +01:00
Daniel Marjamäki 774a8979a3 Fixed #7095 (False positive: (warning) Return value of function to_string() is not used.) 2017-02-12 16:50:45 +01:00
Daniel Marjamäki 7c800d6ed7 Fixed #7447 (FP: ignoredReturnValue on C++11 uniform initialization) 2017-02-12 16:33:28 +01:00
amai2012 0bec604627 Repair CWE mapping for calling obsolete functions 2016-08-04 13:55:38 +02:00
PKEuS dde6f5eaea Do not warn about alloca() in C89 mode (#7558) 2016-06-20 09:30:41 +02:00
Roberto Martelloni dce7128f30 CWE mapping of duplicateExpression, duplicateBreak (CWE561), unreachableCode, unsignedLessThanZero, unsignedPositive, pointerLessThanZero, pointerPositive, varFuncNullUB, nanInArithmeticExpression, commaSeparatedReturn, (#797)
ignoredReturnValue
2016-05-22 13:17:38 +02:00
Roberto Martelloni afa8ad0ebe CWE mapping of selfAssignment, wrongmathcall, unpreciseMathCall, memsetZeroBytes, memsetFloat, memsetValueOutOfRange, clarifyCalculation, clarifyStatement 2016-05-14 10:13:33 +01:00
amai2012 f5e8a72dc2 #7438 Incorrect alloca() avoidance suggestion 2016-04-08 11:21:53 +02:00
Daniel Marjamäki 5e10e680da CWE: refactoring. use constants instead of magic numbers. 2016-01-25 20:01:48 +01:00
Roberto Martelloni 5ce69da02d Mapped 26 errors to their CWEs ID. 2016-01-24 20:53:05 +00:00
Lauri Nurmi 996c9244d8 Update copyright year to 2007-2016. 2016-01-01 15:34:45 +02:00
Daniel Marjamäki 34449ae857 Use simpleMatch instead of Match for simple pattern, hope this makes Travis happy 2015-12-26 02:21:52 +01:00
Daniel Marjamäki cea40168e0 Code fix. Used wrong variable in condition, leading to segfaults. 2015-12-26 01:52:43 +01:00
Daniel Marjamäki 293bd2eead Fixed #6990 (false negative: Invalid abs() argument nr 1. A non-boolean value is required.) 2015-12-26 01:38:41 +01:00
PKEuS 940d569980 Refactorization: Removed redundant %any% patterns. 2015-12-24 14:40:48 +01:00
Dmitry-Me 7303790a73 Pre-check to reduce number of match checks 2015-12-24 13:07:47 +03:00
Matthias Krüger 87ce88d6ab CheckFunctions::checkProhibitedFunctions(): don't warn about alloca when --enable=warning is not given. 2015-11-25 22:05:51 +01:00
Benjamin Bannier e84fe33ad0 Include cmath for std::fabs 2015-11-25 10:16:41 +01:00
Alexander Mai b7030fcfa1 Fix compiler error (VS2010) and warning 2015-11-22 16:56:44 +01:00
PKEuS f516de8633 Moved a few checks from CheckOther to CheckFunctions 2015-11-22 13:49:10 +01:00
Matthias Krüger a610ef9ce8 fix internal warning:
[lib/checkfunctions.cpp:44]: (warning) Found simple pattern inside Token::Match() call: "alloca ("
2015-11-22 11:00:36 +01:00
PKEuS 57d1196386 Replaced CheckNonReentrantFunctions and CheckObsoleteFunctions by generic CheckFunctions which is based on Library (#6529) 2015-11-22 09:18:07 +01:00