* Avoid some additional memleakOnRealloc false positives
checkReallocUsage() already contains code to suppress the
`p = realloc(p, size)` error message when the pointer has been
previously copied from another variable (hence there is an additional
copy of the original pointer value) within the same function, as in
the added realloc21() test case.
Extend this so that `p = *pp` and `p = ptr->foo` are also recognized
as copies from another variable with the same original pointer value,
as in the added realloc22() and realloc23() test cases.
* Rewrite as a single findmatch() expression
* y2038 addon: Fix that check can never return True, add tests
At the beginning of `check_y2038_safe()` the variable `y2038safe` should
be initialized with `True` and only be set to `False` if there are any
issues. Otherwise it could never become `True`.
In the unit tests the return value of `check_y2038_safe()` is now
verified. But it does not yet work for the "good" example. The "good"
example also returns `False` since it finds warnings in the include
file. So this verification is marked with a "FIXME" comment.
* y2038 tests: Add "good" test file that does not use time functionality
The test file y2038-test-5-good-no-time-used.c does not use any time
functionality so the y2038 addon is not allowed to issue any warnings
and the check must return with `True` (code is safe).
Fixed usage of hasSideEffectsRecursive which was causes crashes
of rules 12.4 and 13.1.
Add more tests for these rules.
See trac ticket: https://trac.cppcheck.net/ticket/9487
This adds an entry to the "Analysis Log" and prints a message via
`qWarning()` when the execution of an addon fails because either the
process failed to finish normally (for example if python binary is not
found) or because the script has issues (for example because of an
unhandled exception).
The Korean language file was missing the "language" attribute, so it was
no longer updated before.
The Russian language file had the attribute "sourcelanguage" set to
"ru_RU" which does not make sense and led to some wrong/strange entries.
The France and Korean translation files were missing the "location"
entries, so the GUI-preview with the translated text was not shown and
there were no references to the source-code.
All these errors are fixed.
For the German file I translated the new hint about addons requiring
Python being installed.
This adds a regression test to make sure that directly dereferencing a
returned NULL pointer issues a warning.
This has been asked on Stack Overflow:
https://stackoverflow.com/q/58981369
Cppcheck 1.89 does not warn for such a code, but 1.90 dev does. So it
is a good idea to make sure it is detected in the future too I guess.
Add some more tests for rule 10.1. They are given as examples in the
MISRA document. The 10.1 test that causes a false positive for 10.6 can be
found under the 10.6 tests.
Track ticket for false positive:
https://trac.cppcheck.net/ticket/9488
Trac ticket for the false negative:
https://trac.cppcheck.net/ticket/9489
* cert.py: Add ENV33-C-EX1 exception
ENV33-C-EX1: It is permissible to call system() with a null pointer
argument to determine the presence of a command processor for the
system. [1]
[1]: https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152177
* Handle different null-pointer constants
Format-string arguments are now marked to have `in` direction, except
for `scan`-functions (like `scanf`) where these arguments are explicitly
marked to have `out` direction.
Yesterday, I observed that some client with a wrong jobs setting
(only "-j") requested one package after another and always uploaded
results where it only said that the argument "-j" is invalid for
Cppcheck.
This check should avoid such cases where results are overwritten with
useless data and the server is kept busy for nothing.
fu7mu4
amai2012
Dmitry-Me
versat
John Marshall
Dmitry-Me
Paul Fultz II
Georgy Komarov
Adrien Chardon
IOBYTE
Daniel Marjamäki
Bo Rydberg