Commit Graph

9409 Commits

Author SHA1 Message Date
Paul Fultz II 997803869d Forward values after assignment in valueFlowReverse (#2226)
* Forward values after assignment in valueFlowReverse

* Rename variables

* Format
2019-10-03 09:58:57 +02:00
Daniel Marjamäki d916379f9f ExprEngine: Better handling of if/else 2019-10-02 21:47:00 +02:00
Daniel Marjamäki 7ab22c7176 ExprEngine: Use smt solver Z3 2019-10-02 17:59:04 +02:00
IOBYTE 4ba00d0694 Fix #9381 (alias in namespace not replaced in method declaration) (#2232) 2019-10-02 08:11:04 +02:00
Daniel Marjamäki 87ece5856a Fix Cppcheck internal warning 2019-10-01 21:37:43 +02:00
Daniel Marjamäki cf965b72b5 SymbolDatabase: look for functions in anonymous namespaces in the findFunction 2019-10-01 19:09:34 +02:00
orbitcowboy f05e21efa8 Formatted the code, there are no functional changes [ci skip]. 2019-10-01 08:39:08 +02:00
Paul Fultz II 166bd2bafc Fix issue 2153: valueFlowAfterCondition: struct member (#2228)
* Fix issue 2153: valueFlowAfterCondition: struct member

* Fix null pointer dereference

* Formatting

* Check for another null pointer

* Initialize variables

* Remove redundant condition

* Format

* Add missing initialization to copy constructor

* Format
2019-09-30 21:04:43 +02:00
Daniel Marjamäki 1ccc303602 ExprEngine: Simplify array value if possible, ensure each array data has a unique name 2019-09-29 21:20:57 +02:00
Daniel Marjamäki eb8908cd3e PodType: Add test 2019-09-29 17:02:14 +02:00
Daniel Marjamäki 40c3e68e07 ExprEngine: Add --debug-verify, fixed handling of global arrays 2019-09-29 15:00:54 +02:00
Daniel Marjamäki 60e1cf8b8d ExprEngine: Fix NULL pointer dereference tests 2019-09-29 08:26:09 +02:00
Daniel Marjamäki a09fe763d9 Try to make Travis happy 2019-09-28 20:43:55 +02:00
Daniel Marjamäki 3f587bef65 ExprEngine: Add some CWE476 (Null pointer dereference) checks 2019-09-28 19:28:12 +02:00
Daniel Marjamäki ec7c774a10 ExprEngine: Adjust the command line in test/verify/juliet.py 2019-09-28 12:10:01 +02:00
Daniel Marjamäki 4540846325 ExprEngine: Added a testscript that uses the juliet testsuite 2019-09-28 12:00:41 +02:00
Daniel Marjamäki 0de3e76b2d ExprEngine: Clarify when analysis is aborted 2019-09-28 10:59:28 +02:00
Daniel Marjamäki 7f64faae99 Virtual Destructors: Base class must have virtual destructor no matter if derived class has a destructor or not. There is UB according to paragraph 3 in [expr.delete]. 2019-09-27 09:55:56 +02:00
Daniel Marjamäki 2e1cbbeb14 ExprEngine: Fix output for StructValue 2019-09-26 19:39:30 +02:00
IOBYTE d0968a1377 Warn about unknown macro causing template syntax error (#2222) 2019-09-26 16:01:01 +02:00
Daniel Marjamäki b55c587ab2 astyle formatting
[ci skip]
2019-09-26 10:32:49 +02:00
Paul Fultz II 597d0fa35b Support expression in valueFlowAfterCondition (#2219)
* Add valueFlowForwardExpression function to forward values of an expression

* Use token for expression

* Fix name in bailout message

* Handle expressions

* Add more tests for more expressions

* Add more tests

* Solve the expression if possible

* Formatting
2019-09-26 10:32:25 +02:00
IOBYTE 4475c4c7e2 template simplifier: fix syntax error (#2218) 2019-09-26 10:31:19 +02:00
Daniel Marjamäki c5302d20a3 ExprEngine: ConditionalValues, output symbolic expressions 2019-09-26 10:03:58 +02:00
Rikard Falkeborn 4dbf006dc7 Fix severity of c++14 shifts with too many bits (#2213)
For c++14, shifting a variable with a value larger than or equal to the
number of bits in the variable is undefined. Left-shifting with a value
equal to the number of bits of the variable is implementation defined.

See also trac ticket #9306.
2019-09-25 20:16:04 +02:00
Daniel Marjamäki 9e76630a4b ExprEngine: Restructure handling of arrays to handle dynamic buffers better 2019-09-25 18:33:21 +02:00
Oliver Stöneberg eac040a00b Various clang-tidy fixes (#2192)
* use range loops

* removed redundant string initializations

* use nullptr

* use proper boolean false

* removed unnecessary continue from end of loop

* removed unnecessary c_str() usage

* use emplace_back()

* removed redundant void arguments
2019-09-25 15:25:19 +02:00
Tyson Nottingham ca5f2562fc Fix false negatives in checkIncrementBoolean (#2210)
Detect incrementing boolean expressions involving pointer dereferences,
array element accesses, etc.
2019-09-25 13:07:39 +02:00
Sebastian 0fadae78d3 boost.cfg: Add configuration and tests for boost::bind() (#2206) 2019-09-25 12:49:05 +02:00
IOBYTE 12f93b63a8 template simplifier: fix simplification of "< %num% %comp% %num% >" (#2214)
* template simplifier: fix simplification of "< %num% %comp% %num% >"

* fix test to not fail on 32 bit platforms
2019-09-25 12:06:29 +02:00
Daniel Marjamäki 0011fb5a36 ExprEngine: Temporary hardcoding for calloc 2019-09-24 22:22:16 +02:00
Daniel Marjamäki 0471e74489 ExprEngine: Handle char literals 2019-09-24 20:11:07 +02:00
Daniel Marjamäki 1769af4a6c ExprEngine: Passing variable address to function 2019-09-24 19:53:33 +02:00
Sebastian 5615da4547
std.cfg: Add configuration and tests for std::bind() (#2207)
TODO:
Somehow Cppcheck fails to print an ignoredReturnValue message when the
return value is not used (see ticket 
https://trac.cppcheck.net/ticket/9369 )
2019-09-24 12:16:13 +02:00
Paul Fultz II 0df4876059 Fix issue 9367: FP knownConditionTrueFalse (#2209) 2019-09-24 08:15:03 +02:00
Daniel Marjamäki c1ff3419a6 ExprEngine: Value truncation 2019-09-23 20:28:12 +02:00
Daniel Marjamäki 9025b47f82 ExprEngine: some handling of NULL pointer 2019-09-23 18:10:06 +02:00
Paul Fultz II a903aa7070 Fix issue 9351: false negative: (style) Condition '...' is always true (#2201) 2019-09-23 08:49:04 +02:00
Rikard Falkeborn bb5ac32872 Fix #7031 (improve error message for memory related warnings) (#2204)
Printout both the locations on double free errors, mismatching
alloc/dealloc and dealloc return error.
2019-09-22 21:50:02 +02:00
Daniel Marjamäki 28d13e7567 ExprEngine: Implement basic float handling 2019-09-22 21:14:36 +02:00
Rikard Falkeborn df800e35d4 Fix memleak FP with return with parenthesis (#2202)
* Fix memleak FP with return  with parenthesis

Fix FPs pointed out by daca@home on the following form:

    void* f(void) {
        void* x = malloc(1);
        return(x);
    }

Fix it by only skipping tokens if there is an actual match with a
variable. This allows to remove the special casing of "return;".

* Add testcase with cast
2019-09-22 19:18:31 +02:00
Daniel Marjamäki 6e17853ea9 ExprEngine: Guess function call return value 2019-09-22 16:40:48 +02:00
Daniel Marjamäki 5c07cfd2e8 ExprEngine: Better handling of pointer aliasing 2019-09-22 15:58:55 +02:00
Daniel Marjamäki ec4b7c1f4b ExprEngine: Better handling of pointers 2019-09-22 10:56:57 +02:00
Daniel Marjamäki 7d6fd915be ExprEngine: Better handling of compound assignments 2019-09-21 21:15:51 +02:00
Paul Fultz II c1961cec1c Fix issue 9362: FP: (style) Condition '(v&1)==0' is always false (#2200) 2019-09-21 19:53:54 +02:00
Daniel Marjamäki da91c139d5 ExprEngine: Passing array to function, array data might be overwritten 2019-09-21 19:34:06 +02:00
Rikard Falkeborn 46ac0d79c1 Checkmemleakautovar: fix crash and FP (#2196)
This fixes crashes found by daca where valueType() is NULL. Also,
somewhat related, it removes warnings when casting to a type that is
unknown to cppcheck, for example, there is no longer a warning for the
following code:

	void* f() {
		void *x = malloc(1);
		return (mytype)x;
	}
2019-09-21 14:59:54 +02:00
Daniel Marjamäki b2cab003ff ExprEngine: Fix output for arrays 2019-09-21 14:17:16 +02:00
Daniel Marjamäki 3d0d3ec4c5 ExprEngine: handling array initialization with string literal 2019-09-21 11:36:34 +02:00