Commit Graph

11289 Commits

Author SHA1 Message Date
Daniel Marjamäki 7ab22c7176 ExprEngine: Use smt solver Z3 2019-10-02 17:59:04 +02:00
IOBYTE 4ba00d0694 Fix #9381 (alias in namespace not replaced in method declaration) (#2232) 2019-10-02 08:11:04 +02:00
Daniel Marjamäki cf965b72b5 SymbolDatabase: look for functions in anonymous namespaces in the findFunction 2019-10-01 19:09:34 +02:00
Daniel Marjamäki 07b337c580 Removed extra zero division heuristics, they seem redundant as ValueType is used 2019-10-01 17:33:58 +02:00
orbitcowboy f05e21efa8 Formatted the code, there are no functional changes [ci skip]. 2019-10-01 08:39:08 +02:00
Paul Fultz II 166bd2bafc Fix issue 2153: valueFlowAfterCondition: struct member (#2228)
* Fix issue 2153: valueFlowAfterCondition: struct member

* Fix null pointer dereference

* Formatting

* Check for another null pointer

* Initialize variables

* Remove redundant condition

* Format

* Add missing initialization to copy constructor

* Format
2019-09-30 21:04:43 +02:00
Armin Müller b4af8bdc2e Typos found by running "codespell" (#2227) 2019-09-29 21:23:19 +02:00
Daniel Marjamäki 1ccc303602 ExprEngine: Simplify array value if possible, ensure each array data has a unique name 2019-09-29 21:20:57 +02:00
Daniel Marjamäki 03ff32993e Fixed Cppcheck warning 2019-09-29 17:32:26 +02:00
Daniel Marjamäki 1979b64170 ExprEngine: Bailout when for|while|switch is seen 2019-09-29 17:28:12 +02:00
Daniel Marjamäki 69a54b0ee9 Library: added 'stdtype' attribute in <podtype> element so we can configure standard types better 2019-09-29 16:48:25 +02:00
Daniel Marjamäki 40c3e68e07 ExprEngine: Add --debug-verify, fixed handling of global arrays 2019-09-29 15:00:54 +02:00
Daniel Marjamäki 60e1cf8b8d ExprEngine: Fix NULL pointer dereference tests 2019-09-29 08:26:09 +02:00
Daniel Marjamäki 2dc477571c Fix gcc compiler warnings 2019-09-28 20:50:56 +02:00
Oliver Stöneberg 1fa4df419a avoid some unnecessary copies in emplace_back() calls (#2194) 2019-09-28 20:22:46 +02:00
Daniel Marjamäki 3f587bef65 ExprEngine: Add some CWE476 (Null pointer dereference) checks 2019-09-28 19:28:12 +02:00
Daniel Marjamäki 1acd78a038 ExprEngine: Translate uninitialized values to value ranges 2019-09-28 16:16:36 +02:00
Daniel Marjamäki 2e5d663ae9 ExprEngine: Handle void* -> int* casts better 2019-09-28 15:40:00 +02:00
Daniel Marjamäki 4138bf7fb3 SymbolDatabase: Better handling when return type of function is PodType 2019-09-28 14:57:41 +02:00
Daniel Marjamäki f6c0550c41 ExprEngine: Do not bailout if function type is not known if the result is not used anyway 2019-09-28 11:55:06 +02:00
Daniel Marjamäki b2239f04ba ExprEngine: Improve 'division by zero' warning 2019-09-28 11:03:20 +02:00
Daniel Marjamäki 0de3e76b2d ExprEngine: Clarify when analysis is aborted 2019-09-28 10:59:28 +02:00
Daniel Marjamäki a3cad7fa51 Fix Coverity warning CID 1405837; negative bit shift 2019-09-28 06:34:51 +02:00
SimonCornell1 6453a85363 Fix the following compilation error on VC142 : (#2224)
Error C2039 'inserter': is not a member of 'std' cppcheck C:\Users\simon\__Si\git_projects\cppcheck\lib\astutils.cpp 1229
2019-09-28 06:24:32 +02:00
Daniel Marjamäki 8b8701d078 ExprEngine: Cleanup output when variable declaration and initialization is separated 2019-09-27 21:03:47 +02:00
Daniel Marjamäki 398cfc1f5a ExprEngine: Create array value in struct 2019-09-27 18:58:49 +02:00
Daniel Marjamäki 2b4fe66908 Try to make Travis happy 2019-09-27 16:13:43 +02:00
Daniel Marjamäki f7a8075001 ExprEngine: Disable integerOverflow check 2019-09-27 15:07:56 +02:00
Daniel Marjamäki 7ea8b69235 ExprEngine: Robustness 2019-09-27 14:36:33 +02:00
Daniel Marjamäki 69016e38bc ExprEngine: Add a temporary overflow check 2019-09-27 14:20:17 +02:00
Daniel Marjamäki 8ccbdfe725 ExprEngine: Better output 2019-09-27 13:30:09 +02:00
Daniel Marjamäki 71aa9a531a ExprEngine: Create symbolic expression for string arguments 2019-09-27 13:12:16 +02:00
Daniel Marjamäki 7f64faae99 Virtual Destructors: Base class must have virtual destructor no matter if derived class has a destructor or not. There is UB according to paragraph 3 in [expr.delete]. 2019-09-27 09:55:56 +02:00
Rikard Falkeborn 0111b4afdc Silence unused variable warning (#2223) 2019-09-27 08:19:45 +02:00
Daniel Marjamäki 350363616c Fix Cppcheck naming convention 2019-09-27 08:17:46 +02:00
Daniel Marjamäki dffae8f7d9 Try to make Travis happy 2019-09-26 21:43:29 +02:00
Daniel Marjamäki 371babc322 ExprEngine: Improved handling of structs 2019-09-26 21:35:29 +02:00
Daniel Marjamäki f47aaed21e ExprEngine: Improve output 2019-09-26 21:00:36 +02:00
Daniel Marjamäki f1b42fe05c ExprEngine: Extend output 2019-09-26 20:49:03 +02:00
Daniel Marjamäki 2e1cbbeb14 ExprEngine: Fix output for StructValue 2019-09-26 19:39:30 +02:00
IOBYTE d0968a1377 Warn about unknown macro causing template syntax error (#2222) 2019-09-26 16:01:01 +02:00
Daniel Marjamäki cd816f42eb ExprEngine: fix code for float comparisons 2019-09-26 12:13:14 +02:00
Daniel Marjamäki b55c587ab2 astyle formatting
[ci skip]
2019-09-26 10:32:49 +02:00
Paul Fultz II 597d0fa35b Support expression in valueFlowAfterCondition (#2219)
* Add valueFlowForwardExpression function to forward values of an expression

* Use token for expression

* Fix name in bailout message

* Handle expressions

* Add more tests for more expressions

* Add more tests

* Solve the expression if possible

* Formatting
2019-09-26 10:32:25 +02:00
IOBYTE 4475c4c7e2 template simplifier: fix syntax error (#2218) 2019-09-26 10:31:19 +02:00
Daniel Marjamäki d7d22f51b7 ExprEngine: Minor output cleanup 2019-09-26 10:07:31 +02:00
Daniel Marjamäki c5302d20a3 ExprEngine: ConditionalValues, output symbolic expressions 2019-09-26 10:03:58 +02:00
Rikard Falkeborn 4dbf006dc7 Fix severity of c++14 shifts with too many bits (#2213)
For c++14, shifting a variable with a value larger than or equal to the
number of bits in the variable is undefined. Left-shifting with a value
equal to the number of bits of the variable is implementation defined.

See also trac ticket #9306.
2019-09-25 20:16:04 +02:00
Daniel Marjamäki 9e76630a4b ExprEngine: Restructure handling of arrays to handle dynamic buffers better 2019-09-25 18:33:21 +02:00
Oliver Stöneberg eac040a00b Various clang-tidy fixes (#2192)
* use range loops

* removed redundant string initializations

* use nullptr

* use proper boolean false

* removed unnecessary continue from end of loop

* removed unnecessary c_str() usage

* use emplace_back()

* removed redundant void arguments
2019-09-25 15:25:19 +02:00
Tyson Nottingham ca5f2562fc Fix false negatives in checkIncrementBoolean (#2210)
Detect incrementing boolean expressions involving pointer dereferences,
array element accesses, etc.
2019-09-25 13:07:39 +02:00
IOBYTE 12f93b63a8 template simplifier: fix simplification of "< %num% %comp% %num% >" (#2214)
* template simplifier: fix simplification of "< %num% %comp% %num% >"

* fix test to not fail on 32 bit platforms
2019-09-25 12:06:29 +02:00
Daniel Marjamäki 0011fb5a36 ExprEngine: Temporary hardcoding for calloc 2019-09-24 22:22:16 +02:00
Daniel Marjamäki 7cf8327b31 ExprEngine: Sign extension in truncateValue 2019-09-24 20:31:12 +02:00
Daniel Marjamäki 0471e74489 ExprEngine: Handle char literals 2019-09-24 20:11:07 +02:00
Daniel Marjamäki 1769af4a6c ExprEngine: Passing variable address to function 2019-09-24 19:53:33 +02:00
Daniel Marjamäki ba035074f0 ExprEngine: Extended value truncation 2019-09-24 13:28:14 +02:00
Paul Fultz II 0df4876059 Fix issue 9367: FP knownConditionTrueFalse (#2209) 2019-09-24 08:15:03 +02:00
Daniel Marjamäki c1ff3419a6 ExprEngine: Value truncation 2019-09-23 20:28:12 +02:00
Paul Fultz II 1616282f6b Use fixed number of iterations for valueflow loop (#2205) 2019-09-23 19:35:39 +02:00
Daniel Marjamäki 9025b47f82 ExprEngine: some handling of NULL pointer 2019-09-23 18:10:06 +02:00
Paul Fultz II a903aa7070 Fix issue 9351: false negative: (style) Condition '...' is always true (#2201) 2019-09-23 08:49:04 +02:00
Rikard Falkeborn bb5ac32872 Fix #7031 (improve error message for memory related warnings) (#2204)
Printout both the locations on double free errors, mismatching
alloc/dealloc and dealloc return error.
2019-09-22 21:50:02 +02:00
Daniel Marjamäki 28d13e7567 ExprEngine: Implement basic float handling 2019-09-22 21:14:36 +02:00
Rikard Falkeborn df800e35d4 Fix memleak FP with return with parenthesis (#2202)
* Fix memleak FP with return  with parenthesis

Fix FPs pointed out by daca@home on the following form:

    void* f(void) {
        void* x = malloc(1);
        return(x);
    }

Fix it by only skipping tokens if there is an actual match with a
variable. This allows to remove the special casing of "return;".

* Add testcase with cast
2019-09-22 19:18:31 +02:00
Daniel Marjamäki 6e17853ea9 ExprEngine: Guess function call return value 2019-09-22 16:40:48 +02:00
Daniel Marjamäki 5c07cfd2e8 ExprEngine: Better handling of pointer aliasing 2019-09-22 15:58:55 +02:00
Daniel Marjamäki ec4b7c1f4b ExprEngine: Better handling of pointers 2019-09-22 10:56:57 +02:00
Daniel Marjamäki 7d6fd915be ExprEngine: Better handling of compound assignments 2019-09-21 21:15:51 +02:00
Paul Fultz II c1961cec1c Fix issue 9362: FP: (style) Condition '(v&1)==0' is always false (#2200) 2019-09-21 19:53:54 +02:00
Daniel Marjamäki da91c139d5 ExprEngine: Passing array to function, array data might be overwritten 2019-09-21 19:34:06 +02:00
Rikard Falkeborn 46ac0d79c1 Checkmemleakautovar: fix crash and FP (#2196)
This fixes crashes found by daca where valueType() is NULL. Also,
somewhat related, it removes warnings when casting to a type that is
unknown to cppcheck, for example, there is no longer a warning for the
following code:

	void* f() {
		void *x = malloc(1);
		return (mytype)x;
	}
2019-09-21 14:59:54 +02:00
Daniel Marjamäki b2cab003ff ExprEngine: Fix output for arrays 2019-09-21 14:17:16 +02:00
Daniel Marjamäki 3d0d3ec4c5 ExprEngine: handling array initialization with string literal 2019-09-21 11:36:34 +02:00
Tyson Nottingham d6a70d27c7 Fix false negatives in checkAssignBoolToFloat and minor related improvements (#2198)
* Fix false negatives in checkAssignBoolToFloat

Detect assignments to expressions involving pointer dereferences, array
element accesses, etc.

* Pass assignment token to assignBoolToFloatError

Pass assignment token rather than boolean token to make error reporting
consistent between checkAssignBoolToFloat and checkAssignBoolToPointer,
as well as with other assignment checks in the code base.

* Make checkAssignBoolToPointer check consistent with checkAssignBoolToFloat
2019-09-21 08:24:54 +02:00
Paul Fultz II 40f1635c35 Fix issue 9361: false positive: (style) Condition 'isdigit(c)!=0' is always true (#2199) 2019-09-21 08:19:54 +02:00
Oliver Stöneberg 65d1e90aa3 deleted methods should be public (#2193) 2019-09-20 21:58:09 +02:00
Oliver Stöneberg b5c598cca4 added missing OVERRIDE usage and removed redundant virtual (#2190) 2019-09-20 21:57:16 +02:00
Oliver Stöneberg 9028b4a81d do not access static methods through instance (#2189) 2019-09-20 21:54:30 +02:00
Ken-Patrick Lehrmann 49b7ef84d9 Fix crashes in checkleakautovar (#2195)
Crashes found by daca@home
http://cppcheck1.osuosl.org:8000/crash.html

For instance
```
2019-09-20 16:27
ftp://ftp.se.debian.org/debian/pool/main/n/nedit/nedit_5.7.orig.tar.gz
cppcheck-options: -j1 --library=posix --library=gnu --library=motif -D__GNUC__ --check-library --inconclusive --enable=style,information --platform=unix64 --template=daca2 -rp=temp temp
platform: Linux-4.19.0-6-amd64-x86_64-with-debian-10.1
python: 2.7.16
client-version: 1.1.37
cppcheck: head 1.89
head-info: 38dec6a9a (2019-09-20 16:46:57 +0200)
count: Crash! 934
elapsed-time: -11.0 9.0
head results:
Checking temp/nedit-5.7/source/shell.c: __GNUC__=1...

Program received signal SIGSEGV, Segmentation fault.
0x000055555564b862 in CheckLeakAutoVar::ret (this=0x7fffffffb8c0, tok=0x5555582ea9e0, varInfo=...) at lib/token.h:340
340	        return mImpl->mValueType;
 #0  0x000055555564b862 in CheckLeakAutoVar::ret (this=0x7fffffffb8c0, tok=0x5555582ea9e0, varInfo=...) at lib/token.h:340
 #1  0x0000555555651764 in CheckLeakAutoVar::check (this=0x7fffffffb8c0) at build/checkleakautovar.cpp:714
 #2  0x0000555555652b37 in CheckLeakAutoVar::runChecks (this=<optimized out>, tokenizer=0x7fffffffc3a0, settings=<optimized out>, errorLogger=<optimized out>) at lib/checkleakautovar.h:108
 #3  0x00005555556bc833 in CppCheck::checkNormalTokens (this=0x7fffffffce50, tokenizer=...) at build/cppcheck.cpp:732
 #4  0x00005555556bf694 in CppCheck::checkFile (this=0x7fffffffce50, filename=..., cfgname=..., fileStream=...) at build/cppcheck.cpp:542
 #5  0x00005555556c1cb8 in CppCheck::check (this=this@entry=0x7fffffffce50, path="temp/nedit-5.7/source/shell.c") at /usr/include/c++/8/bits/basic_string.h:936
 #6  0x00005555557fd63f in CppCheckExecutor::check_internal (this=0x7fffffffdbd0, cppcheck=..., argv=<optimized out>) at cli/cppcheckexecutor.cpp:884
 #7  0x00005555557fda92 in CppCheckExecutor::check (this=this@entry=0x7fffffffdbd0, argc=argc@entry=14, argv=argv@entry=0x7fffffffdf58) at cli/cppcheckexecutor.cpp:198
 #8  0x00005555555e6358 in main (argc=14, argv=0x7fffffffdf58) at cli/main.cpp:95

DONE
```
2019-09-20 21:29:17 +02:00
Daniel Marjamäki 6c59957109 ExprEngine: Better handling of conditions 2019-09-20 21:27:51 +02:00
Rikard Falkeborn 007b5d3e8d Fix #9343 (memleak FP when return with cast) (#2162)
This was most likely introduced when the checks were changed to run on
the full tokenlist instead of the simplified one.

Take care to warn about cases where casts destroy the pointer, such as

	uint8_t f() {
		void* x = malloc(1);
		return (uint8_t)x;
	}
2019-09-20 15:09:27 +02:00
Daniel Marjamäki 049f6475ee astyle formatting
[ci skip]
2019-09-20 15:07:27 +02:00
Paul Fultz II ad8abdb0c3 Add impossible values to ValueFlow (#2186)
* Add impossible category

* Replace values

* Try to adjust known values

* Add ! for impossible values

* Add impossible with possible values

* Remove contradictions

* Add values when the branch is not dead

* Only copy possible values

* Dont bail on while loops

* Load std lib in valueflow

* Check for function calls

* Fix stl errors

* Fix incorrect impossible check

* Fix heap-after-use error

* Remove impossible values when they are lowered

* Show the bound and remove overlaps

* Infer conditions

* Dont push pointer values through dynamic_cast

* Add test for dynamic_cast issue

* Add shifttoomanybits test

* Add test for div by zero

* Add a test for issue 9315

* Dont make impossible value inconclusive

* Fix FP with shift operator

* Improve handleKnownValuesInLoop for impossible values

* Fix cppcheck warning

* Fix impossible values for ctu

* Bailout for streams

* Check equality conditions

* Fix overflows

* Add regression test for 9332

* Remove duplicate conditions

* Skip impossible values for invalid value

* Check for null

* Rename bound to range

* Formatting
2019-09-20 15:06:37 +02:00
IOBYTE 8c5cf8c029 Fixed #9046 syntaxError (#2180)
* Fixed #9046 syntaxError

* fix another syntax error

* fix some more syntax errors
2019-09-20 12:35:01 +02:00
Daniel Marjamäki 8fba2af267 Try to make Travis happy 2019-09-20 07:04:58 +02:00
Daniel Marjamäki 6c38b69e11 Rename dataIndex to mDataIndex according to our naming conventions 2019-09-20 06:12:35 +02:00
Oliver Stöneberg de9f489b08 use range loops / constness (#2181)
* use range loops / constness

* platform.cpp: avoid shadowed variable
2019-09-19 20:29:33 +02:00
Daniel Marjamäki 5f0f8afc27 ExprEngine: Print some 'debug' output 2019-09-19 20:18:55 +02:00
Sebastian bf55e835aa
Windows testrunner: Add testexprengine.cpp (#2184)
Add export of executeAllFunctions() in exprengine.h
2019-09-19 19:40:00 +02:00
Daniel Marjamäki 745c91106e Removed unused Data::dump 2019-09-19 09:16:18 +02:00
orbitcowboy b37b0c0f78 Running astyle [ci skip] 2019-09-19 08:03:29 +02:00
amai2012 d97c826319 Compile fix for VisualStudio 2019-09-18 22:07:42 +02:00
amai2012 5355df8b6e Add exprengine.cpp to VisualStudio solution 2019-09-18 21:56:31 +02:00
amai2012 5a6084fbec Map #warning to #pragma message for VisualStudio 2019-09-18 21:50:23 +02:00
Daniel Marjamäki b66d701599 Fix Cppcheck warnings 2019-09-17 22:28:36 +02:00
Daniel Marjamäki 2d651b09fc ExprEngine: Add new experimental path-sensitive data flow analysis. Initially used for 'verification' but could possibly later be used as a complement in the normal analysis. The code is work-in-progress and hacky! 2019-09-17 21:00:59 +02:00
Daniel Marjamäki 033640310b One more fix for #9354 (Unknown macro is not reported and then Cppcheck is silent about issues) 2019-09-15 21:07:20 +02:00
Daniel Marjamäki 742c437953 Fixed #9354 (Unknown macro is not reported and then Cppcheck is silent about issues) 2019-09-13 13:05:48 +02:00
Paul Fultz II 068b0b246c Fix issue 9352: FP constParameter and constVariable for auto& in combination with ternary ?: operator (#2173) 2019-09-13 08:33:30 +02:00
Daniel Marjamäki fc25fe83bd ctu: fixed error locations 2019-09-12 19:20:13 +02:00
Daniel Marjamäki 4e076e1854 Fix travis build 2019-09-12 19:06:57 +02:00
Daniel Marjamäki da363c7d6f Fixed #9349 (FP ctuuninitvar for pointer dereferenced inside sizeof) 2019-09-12 13:29:52 +02:00
Daniel Marjamäki b8e3d3b982 CTU: Add 'column' 2019-09-12 10:46:33 +02:00
Daniel Marjamäki 8855978f8a Import project: Ignoring paths better 2019-09-12 09:32:24 +02:00
IOBYTE 4e222afa2c template simplifier: ignore alias template definitions with syntax errors (#2169)
Is not allowed to define a type in an alias template definition.

This code:

template<int N>
using A1 = struct B1 { static auto constexpr value = N; };
A1<0> a1;

produces this output:

2: } ;
3: struct B1 { static const auto value = 0 a1 ;

test.cpp:2:57: error: Analysis failed. If the code is valid then please
report this failure. [cppcheckError]
using A1 = struct B1 { static auto constexpr value = N; };
                                                        ^

because it tries to instantiate the invalid alias template definition
and generates garbage code.
2019-09-11 19:31:15 +02:00
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
warmsocks a56bc006b7 Fixed a typo in lib/checkother.cpp. Corrected spelling errors found by codespell. (#2170) 2019-09-11 19:21:38 +02:00
Daniel Marjamäki bee30b0ca2 astyle formatting
[ci skip]
2019-09-10 19:42:17 +02:00
Paul Fultz II dc0b3527ad Fix issue 9311: False positive duplicateCondition "same if condition" with pointer inside array of struct (#2166)
* Check for typeOf through an array

* Handle array constructors

* Format

* Fix compile error on gcc 4.8
2019-09-10 19:41:35 +02:00
Paul Fultz II 2595b82634 Fix issue 9348: FP uninitvar for pointer passed to memcpy (#2167) 2019-09-10 19:40:08 +02:00
Paul Fultz II ddb1f1b5ce Try to fix issue 9341: daca crash: isContainerSizeChangedByFunction (#2168) 2019-09-10 19:39:44 +02:00
IOBYTE 639c29eb5c Fix #9338 (Regression: Syntax error on valid C++) (#2156)
* Fix #9338 (Regression: Syntax error on valid C++)

* fix cppcheck warning
2019-09-09 21:46:21 +02:00
Paul Fultz II 9753e18ebd Fix issue 9340: AST broken: endless recursion from '{' (#2161) 2019-09-09 21:35:49 +02:00
IOBYTE 59fdbd8435 Fix #9337 (Syntax error on valid C++) (#2152) 2019-09-07 09:09:04 +02:00
Paul Fultz II 27ebff7ae4 Add deeper analysis of when a function changes a containers size (#2149)
* Add deeper analysis of when a function changes a containers size

* Fix issues

* Track addressOf
2019-09-06 21:18:45 +02:00
Paul Fultz II 70cad280ea Fix issue 9319: FP knownConditionTrueFalse related to aggregate initialization of struct (#2147) 2019-09-05 19:36:45 +02:00
Paul Fultz II 9e140831eb Fix issue 9329: FP knownConditionTrueFalse - vector modified by function calls (#2145) 2019-09-05 16:42:26 +02:00
Paul Fultz II e657cf4073 Fix issue 9320: False positive knownConditionTrueFalse related to truncation (#2144) 2019-09-05 15:15:58 +02:00
Daniel Marjamäki a9fda3f488 Clarify redundantVarAssignment warnings 2019-09-04 10:55:41 +02:00
IOBYTE e5220bdf0c make ellipsis ... a single token (#2143)
* make ellipsis ... a single token

Using cppcheck -E to preprocess code with ellipsis produces output that
can't be compiled because ... is split into 3 tokens.

* try to fix addon
2019-09-04 08:07:30 +02:00
Paul Fultz II 1afd56e964 Fix issue 8785: ValueFlow: Track pointer alias
This fixes the issue by making `ProgramMemory` keep track of values based on the conditions.

It also removes the `deadpointer` check since it duplicates the `invalidLifetime` check.
2019-09-03 17:16:15 +02:00
Paul Fultz II 55a78f482b Fix issue 9293: false negative: uninitvar 2019-09-03 06:46:34 +02:00
Paul Fultz II dc201d110d Fix issue 9274: false negative: (error) Buffer is accessed out of bounds (std::string, std::wstring) 2019-09-03 06:43:54 +02:00
Daniel Marjamäki af449779f0 astyle formatting
[ci skip]
2019-09-03 06:43:08 +02:00
Paul Fultz II 88d194214f Fix FP with invalidContainerRef (#2141) 2019-09-03 06:41:35 +02:00
Ken-Patrick Lehrmann 5c172bb55a Fix issue 8897: Huge array initializations (#2135)
* Fix issue 8897: Huge array initializations

iscpp11init would take a lot of time when parsing huge arrays.
This patch add memoization to keeps track that we are parsing an array,
and allows to propagate the result without re-parsing the array for each
of its members.

* Use enum class instead of enum
2019-09-02 20:31:01 +02:00
PKEuS e9f8dddabe Set version to 1.89.99/1.90 dev 2019-09-02 15:44:40 +02:00
Daniel Marjamäki 7d63bdee6f astyle formatting
[ci skip]
2019-09-02 06:59:07 +02:00
Paul Fultz II cb509f1a8b Fix issue 4845: alias to vector element invalid after vector is changed (#2113)
* Try harder to track ref lifetimes

* Dont add lifetimes for references

* Use correct token

* Check for front and back as well

* Improve handling of addresses

* Formatting

* Fix FP
2019-09-02 06:58:09 +02:00
IOBYTE fd403bf7e6 template simplifier: only add recursive instantiation if its arguments are a constant expression (#2138) 2019-09-02 06:51:19 +02:00
Ken-Patrick Lehrmann 005765a561 Clarify valueFlowUninit (#2136)
https://github.com/danmar/cppcheck/pull/2129#issuecomment-526916467
2019-09-02 06:50:56 +02:00
Ken-Patrick Lehrmann 7a75aa084b Fix crash in CheckUninitVar (#2129)
http://cppcheck.osuosl.org:8000/ycmd
```
2019-08-30 23:21
ftp://ftp.se.debian.org/debian/pool/main/y/ycmd/ycmd_0+20181101+git600f54d.orig.tar.gz
cppcheck-options: -j1 --library=posix --library=gnu --library=qt --library=python --library=googletest --library=boost -D__GNUC__ --check-library --inconclusive --enable=style,information --platform=unix64 --template=daca2 -rp=temp temp
platform: Linux-4.15.0-58-generic-x86_64-with-Ubuntu-18.04-bionic
python: 2.7.15+
client-version: 1.1.31
cppcheck: head 1.88
count: Crash! 83
elapsed-time: -11.0 61.2
head results:
Checking temp/ycmd-0+20181101+git600f54d/ycmd/tests/clang/testdata/completion_fixit.cc: __GNUC__=1...

Program received signal SIGSEGV, Segmentation fault.
CheckUninitVar::valueFlowUninit (this=this@entry=0x7fffffffb350) at build/checkuninitvar.cpp:2376
2376	            if (!tok->variable())
 #0  CheckUninitVar::valueFlowUninit (this=this@entry=0x7fffffffb350) at build/checkuninitvar.cpp:2376
 #1  0x00005555556901ac in CheckUninitVar::runChecks (this=<optimized out>, tokenizer=0x7fffffffbcb0, settings=0x7fffffffcd10, errorLogger=<optimized out>) at lib/checkuninitvar.h:68
 #2  0x00005555556a2210 in CppCheck::checkNormalTokens (this=this@entry=0x7fffffffcaf0, tokenizer=...) at build/cppcheck.cpp:730
 #3  0x00005555556a6ee2 in CppCheck::checkFile (this=this@entry=0x7fffffffcaf0, filename="temp/ycmd-0+20181101+git600f54d/ycmd/tests/clang/testdata/completion_fixit.cc", cfgname="", fileStream=...) at build/cppcheck.cpp:540
 #4  0x00005555556aad4c in CppCheck::check (this=this@entry=0x7fffffffcaf0, path="temp/ycmd-0+20181101+git600f54d/ycmd/tests/clang/testdata/completion_fixit.cc") at build/cppcheck.cpp:195
 #5  0x00005555557ef167 in CppCheckExecutor::check_internal (this=this@entry=0x7fffffffd880, cppcheck=..., argv=argv@entry=0x7fffffffdc08) at cli/cppcheckexecutor.cpp:884
 #6  0x00005555557efa9a in CppCheckExecutor::check (this=0x7fffffffd880, argc=17, argv=0x7fffffffdc08) at cli/cppcheckexecutor.cpp:198
 #7  0x00005555555b1d1b in main (argc=17, argv=0x7fffffffdc08) at cli/main.cpp:95
```
2019-09-01 14:51:40 +02:00
PKEuS 9163248e0c Fixed linker errors on Windows 2019-09-01 14:44:03 +02:00
Daniel Marjamäki 4ede39a9b7 1.89: Set version 2019-09-01 12:16:33 +02:00
Daniel Marjamäki c32261c737 Updated copyright year 2019-09-01 11:49:43 +02:00
Ken-Patrick 2c656d6586 Issue 9255: Prevent infinite recursion in parsedecl (#2134) 2019-09-01 11:36:02 +02:00
IOBYTE 3a1aec8850 template simplifier: ignore friend templates (#2122)
* template simplifier: ignore friend templates

friend templates were interpreted as variable templates

* fix cppcheck warning
2019-09-01 09:56:33 +02:00
Ken-Patrick d918f76a0d Remove useless check introduced by 717aa826d8 (#2130)
I was confused by the naming in the forum entry (this/that). This would
be a pointer, there's no point checking for it there.
2019-09-01 09:53:45 +02:00
Ken-Patrick d1c6cb9aa5 Fix issue 9304: boolean type of ternary (#2131)
* Add test cases for 9304

* Fix 9304
2019-09-01 09:51:53 +02:00
Paul Fultz II 121093658d Fix issue 9202: False positive: std::array, size is a constant (#2132) 2019-09-01 09:44:34 +02:00
Ken-Patrick 717aa826d8 Fix false positive in initializationListUsage (#2128)
https://sourceforge.net/p/cppcheck/discussion/general/thread/d5b690ef19/
Check that we warn only about using the initializer list when we assign
the object being constructed.
2019-08-31 12:27:07 +02:00
Paul Fultz II e8435b9ecb Fix issue 9306: Adjust shiftTooManyBitsSigned for C++14 (#2127) 2019-08-31 07:40:57 +02:00
Daniel Marjamäki 1a25d3f9ec astyle formatting
[ci skip]
2019-08-30 18:34:14 +02:00
Paul Fultz II 0b9e823fc8 Fix issue 9305: False positive uninitvar - struct initialized via function (#2123) 2019-08-30 18:32:45 +02:00
Paul Fultz II 2942be53f7 Add more tests for valueFlowUninit (#2124) 2019-08-30 08:41:17 +02:00
Paul Fultz II 03fe6795bf Fix issue 9302: FP uninitvar - struct accessed via pointer (#2121) 2019-08-29 08:38:50 +02:00
IOBYTE 28a95802a2 template simplifier: fix syntax error false positive (an expression can't be a template) (#2115)
https://stackoverflow.com/questions/57590411/cppcheck-syntax-error-with-using-typedef
2019-08-27 06:37:58 +02:00
Daniel Marjamäki a47633c4b9 Added TODO comment 2019-08-26 06:56:29 +02:00
Daniel Marjamäki 4bd9d76a4c Try to make Travis happy 2019-08-25 10:24:13 +02:00
Daniel Marjamäki 82eec11898 Created redundantInitialization id 2019-08-25 09:45:39 +02:00
Daniel Marjamäki 324e5e581b Redundant assignments: Fix false positive when reassignment expression contains assembler 2019-08-24 20:15:52 +02:00
Daniel Marjamäki 0dfda5eb4a Try to make Travis happy 2019-08-24 15:43:31 +02:00
Daniel Marjamäki 996daaee4e STL: Fixed outOfBounds false positive 2019-08-24 15:40:29 +02:00
Daniel Marjamäki 9d26be8380 Fixed #5259 (Improve check: Uninitialized variable not reported when used in array initialization) 2019-08-24 14:43:35 +02:00
Paul Fultz II 5c488b9519 Fix issue 9190: FP uninitvar for struct member (#2112)
* Fix issue 9190: FP uninitvar for struct member

* Add more test cases

* Fix false negative
2019-08-24 11:27:47 +02:00
Daniel Marjamäki 35fb55d76c Fixed #5259 (Improve check: Uninitialized variable not reported when used in array initialization) 2019-08-24 08:01:55 +02:00
Daniel Marjamäki 9cbdc262f6 Fix Cppcheck internal warning 2019-08-23 16:56:28 +02:00
Daniel Marjamäki d3f7fc92f2 Quick fix to make Travis happy 2019-08-23 15:23:49 +02:00
versat 50c6af5e5d astyle formatting
[ci skip]
2019-08-23 10:19:29 +02:00
Daniel Marjamäki 7061cc334b RedundantAssignment: Don't warn for initialization with {0} 2019-08-23 08:51:16 +02:00
Thomas Niederberger d122b1c722 Fix issue with __declspec and final (#2107)
* Add missing Qt macros

Add two Qt macros that were missing

* Fix issue with __declspec and final

This change is a bit naive but it fixes the issues I was having when combining __declspec(dllexport) and final classes. Without the fix I get errors along the line of "The code 'class x final :' is not handled. You can use -I or --include to add handling of this code. "
2019-08-23 06:43:02 +02:00
Rikard Falkeborn fd3cb24973 leakNoReturnVar: Don't break early (#2095)
There seems to be no reason for stopping checking the scope if a call to
free() is seen (or fclose() or realloc()), so just continue checking.
Also, if there are multiple arguments, check all, perhaps there are more
memory leaks to warn about.
2019-08-23 06:33:00 +02:00
Paul Fultz II c0a8d628b9 Fix issue 6010: Uninitialized inner struct (#2098)
* Fix issue 6010: Uninitialized inner struct

* Show to root variable that is unitialized

* Warn on pointer dereferences
2019-08-23 06:23:20 +02:00
Daniel Marjamäki 6815e38879 TokenList::insertTokens: copy column also 2019-08-20 20:53:44 +02:00
IOBYTE 4b231c53a4 Fixed #9287 and #9288 (Syntax error on valid C++ code) (#2104) 2019-08-20 20:25:18 +02:00
Daniel Marjamäki ef47d3d304 Fixed #9286 (FP: syntax error: { .abc.a = 1) 2019-08-20 13:56:38 +02:00
Daniel Marjamäki 474fed453e memleak: Fixed false negative for sample 2019-08-18 19:45:39 +02:00
Daniel Marjamäki a5ba82c2d3 Fixed #9260 (--template=gcc does not work correctly with -j) 2019-08-18 16:33:32 +02:00
Daniel Marjamäki d95f29b23a Fixed test/cli 2019-08-18 12:51:32 +02:00
Daniel Marjamäki 2d9a131817 Refactoring: Rename variables. Do not use leading _. Renamed 'col' to 'column' 2019-08-18 12:19:05 +02:00
Daniel Marjamäki de9b928d98 ErrorLogger: add 'column' in serializer/deserializer 2019-08-18 09:06:40 +02:00
Daniel Marjamäki 04e3884ff6 xml: Add column attribute in <location> 2019-08-18 08:37:56 +02:00
Daniel Marjamäki c3a27eb8c1 Fix a few cppcheck internal warnings 2019-08-17 16:02:58 +02:00
Daniel Marjamäki a17f2a6f05 Compiling/Installing : The CFGDIR parameter was removed. Use FILESDIR instead. 2019-08-17 10:53:07 +02:00
IOBYTE 04bb6c0d1f template simplifier: fix new daca crashes (#2093) 2019-08-17 07:38:07 +02:00
Paul Fultz II ee7fe3aaa1 Fix FP: Unitialized variable when using a pointer
This fixes the FP in cases like this:

```cpp
void f() {
    bool b;
    bool * x = &b;
    if (x != nullptr)
        x = 1;
}
```

It tracks the indirection of the uninit value in valueflow.
2019-08-17 07:36:41 +02:00
Paul Fultz II 3e0d1141d3 Fix issue 9277: FP: Dont warn for knwon conditions in if constexpr (#2085) 2019-08-16 07:56:39 +02:00
Paul Fultz II 3aef0c9bd3 Fix issue 8715: regression uninitvar not detected (#2092) 2019-08-16 07:48:54 +02:00
Paul Fultz II ef714225bb Use library to track container lifetimes 2019-08-15 21:14:54 +02:00
Daniel Marjamäki 95ac8db584 TemplateSimplifier: Set column number for expanded tokens 2019-08-15 15:22:56 +02:00
Daniel Marjamäki f33a8a417f Put 'isExpandedMacro' info in the dump files 2019-08-15 14:24:56 +02:00
Daniel Marjamäki a57d22d2d9 astyle formatting
[ci skip]
2019-08-15 10:46:16 +02:00
Paul Fultz II af214e8212 Fix issue 8825: ValueFlow: uninitialized struct member (#2087)
* Pass uninit value across pointers

* Add more testing
2019-08-15 10:44:55 +02:00
Rikard Falkeborn fc1d5b187f leakNoVarFunctionCall: Use AST more (fix #9252) (#2086)
Use the AST a little bit more to improve the check. In order to do so,
rewrite the check to work from the outer function first and then check
the arguments, instead of the other way around.

It also fixes Trac ticket #9252, no warning is now given for

	void* malloc1() {
		return(malloc1(1));
	}

This FP seems to be common in daca results.

It also makes it possible to improve handling of casts, for example
cppcheck now warns about

	void f() {
		strcpy(a, (void*) strdup(p));
	}

But not for

	char* f() {
		char* ret = (char*)strcpy(malloc(10), "abc");
		return ret;
	}

These FP/FN were introduced when the check was switched to use the
simplified token list.
2019-08-14 22:01:40 +02:00
Rikard Falkeborn f139558d90 Dmake cleanups (#2077)
* dmake: Refactor object files to separate function

No functional change.

* dmake: Use range for loops

No functional change.

* Add all external cpp files instead of open coding

No functional change.

* Remove duplicate check.h in lib.pri HEADERS

* Add missing newline

No functional change, but the readability of the generated Makefile is
slightly improved.
2019-08-14 20:53:51 +02:00
Paul Fultz II 4f76588f98 Fix issue 9275: False positive: Non-local object uses local variable (#2084) 2019-08-14 20:09:33 +02:00
Paul Fultz II 0c1dff5c93 Fix issue 9268: false negative: (style) Condition '...' is always true (#2080)
* Fix issue 9268: false negative: (style) Condition '...' is always true

* Fix copy and paste mistake
2019-08-14 06:34:27 +02:00
Paul Fultz II 13df5b2413 Fix FP with negative index and negated condition (#2081) 2019-08-14 06:32:31 +02:00
Daniel Marjamäki d4549217d0 Renamed safeClassRefMember => unsafeClassRefMember 2019-08-13 20:58:31 +02:00
Daniel Marjamäki ed7edc6d2a Improve warning message 2019-08-13 20:42:25 +02:00
Daniel Marjamäki 41f8c1b281 Fixed #9271 (Safe classes: Class that store references) 2019-08-13 20:40:48 +02:00
Rikard Falkeborn ffcceb097e Memleak: Refactor check to separate function (#2079)
This makes all the checks in CheckMemoryLeakNoVar separate functions to
improve readability.
2019-08-13 13:00:59 +02:00
Paul Fultz II c0c6f92221 Fix issue 8431 and 8776: Size of constant string
Fixes these cases:

```cpp
void f(void) {
        const std::string msg="xyz";
        if(!msg.empty()){} // Always true
}
```

And out of bounds access:

```cpp
#include <string>
char fstr1(){const std::string s = "<a><b>"; return s[42]; }
wchar_t fwstr1(){const std::wstring s = L"<a><b>"; return s[42]; }
```
2019-08-12 20:24:16 +02:00
Paul Fultz II 68e8253920 Fix issue 8313 and 7326: Track values of pointer aliases in valueflow 2019-08-12 12:58:53 +02:00
Daniel Marjamäki aec217fede astyle formatting
[ci skip]
2019-08-12 12:54:25 +02:00
Rikard Falkeborn cd36f8ed0a Fix #9253: leakNoVarFunctionCall: do not warn if freopen opens standard stream (#2076)
This fixes false positives from daca@home where freopen is used to
reopen a standard stream. There is no longer a warning for

	void f() {
		assert(freopen("/dev/null", "r", stdin));
	}
2019-08-12 12:53:59 +02:00
Paul Fultz II 9aa97cbb95 Fix issue 8296: ValueFlow: value not set in conditional scope in subfunction (#2071)
* Fix issue 8296: ValueFlow: value not set in conditional scope in subfunction

* Refactor condition checkingg

* Make test case TODO
2019-08-11 15:39:37 +02:00
Daniel Marjamäki 0edc4feb57 Try to make Appveyor happy 2019-08-10 08:46:27 +02:00
IOBYTE 5fc5e3728d template simplifier: refactor TemplateSimplifier::TokenAndName into a… (#2073)
* template simplifier: refactor TemplateSimplifier::TokenAndName into a class

assert when more than one family flag is set

* fix function parameter names
2019-08-10 08:42:12 +02:00