Commit Graph

470 Commits

Author SHA1 Message Date
Daniel Marjamäki c4dd8536c1 Fixed make checkcfg 2020-09-30 12:36:31 +02:00
Paul Fultz II 32df807b22
Fix issue 9783: wrong lifetime analysis temporary assigned to object (#2711) 2020-09-02 07:13:15 +02:00
Paul fec2914700 Add tests for container changes 2020-08-09 22:52:03 -05:00
Paul 26693df788 Use forward analyzer for container forward 2020-08-08 00:10:03 -05:00
orbitcowboy cabafca5ae windows.cfg: Added some constants from WinUser.h 2020-07-01 16:14:59 +02:00
Daniel Marjamäki c3749625f3
Merge pull request #2688 from jpyllman/fix_chklibfunc
not report locally declared functions as missing configuration of --check-library
2020-06-27 06:53:09 +02:00
orbitcowboy b33326bf51 windows.cfg: Added a regression test for GetSystemInfo that ensure no uninitvar-FP is shown. 2020-06-26 20:45:18 +02:00
Jens Yllman a87686911a one more test updated for the new checkLibraryFunction 2020-06-23 09:06:54 +02:00
Jens Yllman aa380e0de1 fix a test that was suppressed because #9002 2020-06-19 23:04:15 +02:00
Ken-Patrick Lehrmann c297ed8204 Better handle noreturn or throwing functions in valueflow
Teaching cppcheck about `BOOST_THROW_EXCEPTION` and
`boost::throw_exception`, and using noreturn information from libraries
in value flow.

This fixes false positive nullPointerRedundantCheck with the following
code:
```
void throwexception(int * buf)
{
    if (!buf)
        boost::throw_exception(std::bad_alloc());
    *buf = 0;
}
```
2020-06-17 19:06:14 +02:00
orbitcowboy a3d58a9302 std.cfg: Allow scientific floating point notation for '<valid>'-tags 2020-06-12 08:51:33 +02:00
orbitcowboy e767bb8ff3 std.cfg: Added tests for 'atanh' 2020-06-11 15:13:19 +02:00
orbitcowboy 0fe0e56986 std.cfg: Added tests for 'acosh' 2020-06-11 15:07:35 +02:00
orbitcowboy 4880f30dc3 std.cfg: Added tests for 'aligned_alloc' 2020-06-10 19:33:22 +02:00
Sebastian 5cbed0464c
opencv2.cfg: Add types, macros, functions and memory (de)allocation (#2620)
* opencv2.cfg: Add types, macros, functions and memory (de)allocation

* cfg/cppcheck-cfg.rng: Allow alloc/realloc functions in classes
2020-05-30 17:41:44 +02:00
orbitcowboy 5142c9e9ed wxwidgets.cfg: Fixed containerOutOfBounds-false negatives for wxArrayInt and wxArrayString. These containers have std::vector like implementation 2020-05-23 09:24:01 +02:00
orbitcowboy 184977730c wxwidgets.cfg: Fixed false positive because Cppcheck cfg is not able to handle overloaded functions 2020-05-01 20:12:42 +02:00
Sebastian f0e3f9e79a
gtk.cfg: Fix/enhance Gtk library configuration (g_abort and others) (#2558)
test/CMakeLists.txt: Fix missing INCONCLUSIVE for Gtk configuration test
2020-02-27 13:16:43 +01:00
orbitcowboy a5ca3cb1f0 wxwidgets.cfg: Fixed FP for wxSizer::Add() 2020-02-26 16:10:10 +01:00
Sebastian 8fd17546ad
qt.cfg: #9650: Fix missing configuration for QString.chop() (#2556)
chop() and also remove() change the size of a QString, so they have to
be added in the container configuration accordingly to avoid false
positives.
2020-02-26 10:53:03 +01:00
Sebastian fb36889d29
gtk.cfg: Fix syntax errors and false positives (#2552)
A missing definition for g_assert_cmp*() causes syntax errors if code
like g_assert_cmpint(a, ==, b); is encountered.
The function g_hash_table_iter_replace() does not have to be marked
with leak-ignore since the memory could be freed later if corresponding
functions are present in the GHashTable. Since we can not know if this
is the case we have to assume that the memory is freed to avoid false
positives. The same is true for g_hash_table_insert() and
g_hash_table_replace().
2020-02-26 10:33:23 +01:00
orbitcowboy b32a89924c wxwidgets.cfg: Added <not-bool/>-flag at more function args. 2020-02-25 21:48:15 +01:00
orbitcowboy e9937e3acb wxwidgets.cfg: Fixed recently introduced FP. 2020-02-25 20:23:20 +01:00
orbitcowboy 84d2c86d74 posix.cfg: Added more <not-bool/>-flags. 2020-02-22 14:49:36 +01:00
orbitcowboy e1eb7e04b5 std.cfg: Added <not-bool/>-flags for some functions from <cwctype> 2020-02-22 14:24:14 +01:00
orbitcowboy a62ddc6edd std.cfg: Added <not-bool/>-tag to isblank() function arg. 2020-02-22 09:43:15 +01:00
orbitcowboy be96abc21a std.cfg: Added <not-bool/>-tags to <cctype> function args. 2020-02-22 09:39:21 +01:00
Steven Hoving 26e403893c googletest.cfg; add MATCHER (#2485) 2020-01-12 08:11:58 +01:00
Paul Fultz II 42d44f02a2 Use lifetime analysis for checking mismatching containers (#2456)
* Use lifetimes to check for mismatching containers

* Fix error messages

* Format

* Remove unused variables

* Fix configuration and track iterators through algorithms

* Fix iterator value types in qt config

* Fix library issue with QStringList

* Remove unused functions

* Fix cppcheck errors
2019-12-25 09:32:50 +01:00
orbitcowboy 2ca866f781 wxwidget.cfg: Added support for more interfaces. 2019-12-22 11:11:59 +01:00
Sebastian de4d44ae2f
opencv2.cfg: Add initial OpenCV 2.x API Library Configuration (#2439) 2019-12-10 19:34:30 +01:00
Dmitry-Me 8af2ee968e Fix incorrect usage of "unlikely" hint 2019-11-27 18:08:10 +03:00
Dmitry-Me 45e617f50b Fix -Wint-conversion warning 2019-11-27 18:08:10 +03:00
Dmitry-Me 8f72a714d1 Fix -Wint-conversion warning 2019-11-26 18:03:47 +03:00
Armin Müller 130ebe4b85 Typos found by running "codespell" (#2380) 2019-11-19 20:02:24 +01:00
orbitcowboy 2ff18b76ec test std.cfg: Improved tests for strncpy and strrchr . 2019-11-18 13:53:42 +01:00
orbitcowboy d5d2915873 test std.cfg: Improved tests for strncmp and strncat. 2019-11-18 13:43:49 +01:00
orbitcowboy dbbb7f544a test std.cfg: Improved strlen() tests. 2019-11-14 16:45:27 +01:00
orbitcowboy ea92695e54 test std.cfg: Improved sscanf() tests. 2019-11-14 16:38:30 +01:00
orbitcowboy ade54bef3f test std.cfg: Added better tests. 2019-11-14 10:48:23 +01:00
orbitcowboy dd30f37642 std.cfg: Merged 'wcscmp' and 'strcmp' configurations and added better tests. 2019-11-14 08:43:31 +01:00
orbitcowboy 20e2c513b6 test std.cfg: Added better test cases for toupper() and tolower(). 2019-11-14 08:31:00 +01:00
orbitcowboy 09eaa412b1 std.cfg: Improved cfg for 'mbstowcs' 2019-11-13 16:55:17 +01:00
orbitcowboy aa5c42ffc5 test std.cfg: Addressed comments from 177eed122a (comments) 2019-11-13 15:07:57 +01:00
orbitcowboy 177eed122a std.cfg: Added 'indirect' flag for destination argument of 'mbstrtowc' function. 2019-11-13 14:34:02 +01:00
orbitcowboy 02adb60f08 test std.cfg: Added a regression test for std::vsprintf(). The first argument is allowed to be a null pointer. 2019-11-11 09:29:16 +01:00
orbitcowboy c358688c68 Formatted code. There are no functional changes. [ci skip] 2019-11-07 11:29:37 +01:00
KenPatrickLehrmann 1114dc0536 Enhance handling of assertion from googletest (#2331)
* Enhance handling of assertion from googletest

* Update googletest, and add it to cmake build

* Enhance ASSERT_STR* in googletest.cfg
2019-11-06 21:38:01 +01:00
orbitcowboy f59a2b491d #9455: Added a test case. 2019-11-05 14:00:50 +01:00
Sebastian 8b2903d5ce openssl.cfg: Add OpenSSL library configuration with tests (#2248)
* openssl.cfg: Add OpenSSL library configuration with tests

Reference: https://www.openssl.org/docs/man1.1.1/man3/

* openssl.cfg: Add some configurations for EVP functions

Add alloc/dealloc configuration for EVP_CIPHER_CTX_new and
EVP_CIPHER_CTX_free.
Add configuration for encryption functions that are used in example code
which is added to the tests.
2019-10-31 09:21:08 +01:00
Sebastian 02c0240dcd
Fix #9322: bsd.cfg, gnu.cfg: Fix FP for mmap when argument "fd" is -1 (#2306)
In contrast to POSIX, GNU and BSD allow or even require the argument
"fd" to be set to -1 if MAP_ANONYMOUS or MAP_ANON is specified.
2019-10-30 09:39:50 +01:00
Sebastian 8fb794e731
libsigc++.cfg: Add configuration for library libsigc++ (#2291)
* libsigc++.cfg: Add configuration for library libsigc++

Reference: https://libsigcplusplus.github.io/libsigcplusplus/

* Make code compatible with libsigc++-2.0 instead of 3.0

Since Version 3.0 C++14 is required which is not (fully) supported in
some older GCC versions.
2019-10-26 17:37:14 +02:00
orbitcowboy 24d6794ba6 windows.cfg: Added support for more interfaces. 2019-10-21 10:09:20 +02:00
versat 6cf0aed737 test/cfg/runtests.sh: Remove verbose output (meant for debugging) 2019-10-21 08:53:21 +02:00
versat 094caf31ac std.cfg: Remove redundant configurations for vector::(push|pop)_back()
Add tests in std.cpp to verify that a configuration for the functions
exists.
2019-10-18 12:40:10 +02:00
Sebastian 8eea046e5b
std.cfg: Add support for std::fill_n() (#2273)
Reference: https://en.cppreference.com/w/cpp/algorithm/fill_n
2019-10-18 12:24:57 +02:00
Sebastian 478625c802
kde.cfg: Add KDE configuration and tests (#2278)
Reference: https://kde.org
2019-10-17 21:29:32 +02:00
orbitcowboy 7c48874793 #9347: Added a robustness test for scanf 2019-10-17 17:50:26 +02:00
Sebastian e3fe559f0d
windows.cfg: Add support for `__alignof()` (#2271)
Reference:
https://docs.microsoft.com/en-us/cpp/cpp/alignof-operator?view=vs-2019
2019-10-15 16:02:28 +02:00
Sebastian 60de5e12dd gnu.cfg: Add configuration for __alignof__() (#2268)
Reference: https://gcc.gnu.org/onlinedocs/gcc-6.2.0/gcc/Alignment.html
2019-10-14 20:59:38 +02:00
Sebastian 0527b80174
gnu.cfg: Add support for __glibc_likely() and __glibc_unlikely() (#2267)
Reference:
https://sourceware.org/glibc/wiki/Style_and_Conventions#Branch_Prediction
2019-10-14 12:16:28 +02:00
Sebastian e24008544e
test/cfg/std.c: Add nullPointer tests for vsnprintf() (#2262)
Related tickets:
https://trac.cppcheck.net/ticket/9408
https://trac.cppcheck.net/ticket/9410
2019-10-11 20:00:10 +02:00
versat 77c711d129 gnu.cfg: Add configuration and test for __builtin_assume_aligned() 2019-10-10 10:23:21 +02:00
Sebastian 4d305d5c54
googletest.cfg: Fix #9397 (syntaxError when macro is unknown) (#2255)
Also add test in googletest.cpp
2019-10-09 19:53:58 +02:00
versat 93e9e12aa1 gtk.cfg: Add some missing g_str*() functions found by daca@home 2019-10-08 10:01:38 +02:00
Daniel Marjamäki a09fe763d9 Try to make Travis happy 2019-09-28 20:43:55 +02:00
Sebastian 0fadae78d3 boost.cfg: Add configuration and tests for boost::bind() (#2206) 2019-09-25 12:49:05 +02:00
Sebastian 5615da4547
std.cfg: Add configuration and tests for std::bind() (#2207)
TODO:
Somehow Cppcheck fails to print an ignoredReturnValue message when the
return value is not used (see ticket 
https://trac.cppcheck.net/ticket/9369 )
2019-09-24 12:16:13 +02:00
versat 7277fe5a2b gnu.cfg: Add support for macro __extension__
The macro does nothing except preventing from warnings when compiling
with "pedantic" or other options.
2019-09-19 12:27:21 +02:00
Sebastian 8207fb7b14
cairo.cfg: Add library configuration/tests/... for cairo library (#2176)
Reference: https://www.cairographics.org/
2019-09-19 08:48:04 +02:00
versat 076c604de8 python.cfg: Improve Python C API configuration
Add configurations for types, macros, alloc/dealloc and functions.
2019-09-18 15:09:13 +02:00
versat d08539fe17 windows.cfg: Fix PostMessage() configuration
First argument is optional (allowed to be NULL). See also the annotation
"_In_opt_".
Reference:
https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-postmessagea
2019-09-18 09:22:57 +02:00
Sebastian 5bf6bd1f5e
windows.cfg: Enhance/fix Windows configuration (#2177)
Add/fix some missing/incorrect function configurations found by
analyzing TortoiseGit project.
Add some macros.
2019-09-18 08:41:37 +02:00
Sebastian fbbaea3cd9
qt.cfg: Add some missing macro definitions (#2175)
Found by daca@home
2019-09-16 15:58:35 +02:00
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
orbitcowboy da29a1f56b gnu/bsd.cfg: Cleanup redundant configuration for timercmp() and add more tests. 2019-09-10 11:51:47 +02:00
versat 7737a448cf Fix #9345 FP wrongPrintfScanfArgNum for vasprintf
Configuration "<formatstr/>" for function is wrong, for the argument it
is fine.
2019-09-09 15:02:55 +02:00
orbitcowboy aed5e17867 #9323, #9331: Moved configuration and tests to gnu and bsd. 2019-09-08 19:17:15 +02:00
orbitcowboy 12c851d9a8 posix.cfg: Fixed #9323, #9331 by adding timercmp() configuration. 2019-09-07 10:42:09 +02:00
Sebastian 4531b31a4a
Test for issue 9334: FP resourceLeak for dlopen/dlclose with library posix (#2151)
Add test to avoid further FP for valid code.
Tests for true positives are already present.
https://trac.cppcheck.net/ticket/9334
2019-09-06 16:37:51 +02:00
Sebastian 32dad3f44a
posix.cfg: Fix vsyslog() configuration (#2150)
Add tests to make sure no false positives are reported.
Found the issue via daca@home
2019-09-06 10:16:11 +02:00
Daniel Marjamäki 068b0ef648 Make Travis happy 2019-09-04 13:38:19 +02:00
Sebastian a501f65c8c
libcurl.cfg: Add library configuration for libcurl (#2120)
Add curl_easy_*() functions and deprecated functions with warnings.
Add tests and prepare donate-cpu.py
Reference: https://curl.haxx.se/libcurl/c/
2019-08-29 15:11:59 +02:00
Sebastian 8782a5f5e4
lua.cfg: Add Lua C API library configuration with tests (#2119) 2019-08-29 11:38:21 +02:00
orbitcowboy 1994cbbb9c std.cfg: Improved configuration for mbrlen() and extended test cases. 2019-08-27 08:18:19 +02:00
orbitcowboy c8b7b40cd7 wxwidgets.cfg: Improved support for wxString member functions. 2019-08-25 15:54:50 +02:00
Daniel Marjamäki 4bd9d76a4c Try to make Travis happy 2019-08-25 10:24:13 +02:00
Sebastian f25dcd5cda
python.cfg: Add Py_CLEAR(), and add initial test file (#2110) 2019-08-24 10:17:23 +02:00
Sebastian 7f50642090
wxwidgets.cfg: Add container configuration for wxString (#2109) 2019-08-23 19:10:49 +02:00
Sebastian 2c673bd380
qt.cfg: Add container configuration for QStack (inherits from QVector) (#2102) 2019-08-20 20:37:52 +02:00
Sebastian a2a874dbd5
gtk.cfg: Add/enhance function configurations and tests. (#2101)
Add/enhance:
g_once_init_enter(), g_once_init_leave() and g_signal_emit_by_name()
2019-08-20 15:00:30 +02:00
Sebastian 26dfee58f8
qt.cfg: Add QLinkedList container configuration and some tests. (#2099) 2019-08-20 07:09:43 +02:00
Daniel Marjamäki 530a1a1c68 Remove test/cfg/unmatchedSuppressionTest.c: This testing belongs better in test/cli. 2019-08-17 17:18:44 +02:00
Sebastian 544bedc6ee
qt.cfg: Add QByteArray container configuration (similar to QString) (#2088)
Reference: https://doc.qt.io/qt-5/qbytearray.html
2019-08-15 16:14:17 +02:00
Sebastian 81edb23c16
qt.cfg: Fix and enhance Qt container configuration (#2055)
-Add iterator end patterns
-Add/fix size and access functions
-Remove marking QList and QStringList as std-like strings
-QStringList configuration now inherits from QList like it is actually the case
-Add tests
2019-08-15 10:23:05 +02:00
versat 2519a1aed5 gnu.cfg: Add more __builtin_* functions and some tests
Most of them were detected by daca@home
2019-08-02 12:27:46 +02:00
Sebastian 5390588cda
gnu.cfg: Add xfree() (#2051)
It is hard to find good references, one that describes it a bit can
be found here:
https://manpages.ubuntu.com/manpages/bionic/man3/xmalloc.3pub.html

xfree() can be used instead of free().
A check, to verify that a memory leak is found if the memory allocated
via xmalloc() is not freed, has also been added.
2019-08-02 07:41:32 +02:00
Sebastian 549452b7b9
qt.cfg: Add container and function configurations for QVector (#2052)
Reference: https://doc.qt.io/qt-5/qvector.html
2019-07-31 13:58:55 +02:00
Rikard Falkeborn 8cd1d5a47d Use library for memleak checks (#2002)
* Use library for memleak checks

Change memleakOnRealloc and leakReturnValNotUsed to use library
configuration instead of hardcoding "realloc".

In order to do so, some care needs to be taken when matching for a
reallocation function, since it can no longer be assumed that the input
to be allocated is the first argument of the function. This complicates
getReallocationType() and checkReallocUsage() but is necessary in order
to handle for example freopen() properly.

Also, refactor memleakOnRealloc check to reduce duplicated code when
checking "a" and "*a". When doing so, extending the check to look for
arbitrary number of "*" can be done for free (just change an if
statement to a while statement). Most likely, this is an unusual case in
real world code.

* Remove redundant whitespace in Token::Match()

* Run on simplified checks

* Fix cppcheck warning
2019-07-22 10:37:36 +02:00
Rikard Falkeborn e19068504d Configure xrealloc and adjust gnu memory functions (#2003)
Remove <noreturn> tag, since the functions do not return unless there
was no error.
2019-07-16 08:12:21 +02:00