Commit Graph

515 Commits

Author SHA1 Message Date
PKEuS 141d2ac215 Refactorization: Improved internal implementation of severity and certainty levels
Backported from LCppC.
2021-02-24 22:00:06 +01:00
Daniel Marjamäki cc1dfe243c Fix Cppcheck warnings 2021-02-20 17:22:04 +01:00
PKEuS 25678a9faf Refactorized CheckStl::string_c_str(), fixing some false negatives by supporting member functions and overloads
Merged from LCppC.
2021-02-20 12:52:39 +01:00
Ken-Patrick Lehrmann 4e35f19659
10153: Check that string.find() is compared with 0 before recommending starts_with() (#3099) 2021-01-31 12:05:38 +01:00
orbitcowboy bb451ca289 Running astlye [ci skip] 2021-01-22 21:47:24 +01:00
Oliver Stöneberg 491f4874c5
fixed/aligned some compiler warnings (#3065) 2021-01-21 18:13:32 +01:00
abhijit-sawant b97387db66
Made missing comparison in loop check more generic (#3048) 2021-01-18 08:11:37 +01:00
Daniel Marjamäki 503662f625 Try to fix null pointer dereference 2021-01-15 08:27:58 +01:00
Daniel Marjamäki 55262f03ec Fixed #9218 (False positive: Searching before insertion is not necessary (stlFindInsert)) 2021-01-14 22:31:43 +01:00
Daniel Marjamäki 1858465bca astyle formatting
[ci skip]
2021-01-12 21:28:56 +01:00
Paul Fultz II b1c56d33ac
Fix issue 9133: Invalid iterator; vector::push_back, functions (#3008) 2021-01-11 18:47:38 +01:00
orbitcowboy 02b714f6dc Code formatting [ci skip] 2021-01-04 13:09:05 +01:00
abhijit-sawant a4a225203c
Fix #9938 (false positive: StlMissingComparison) (#2989) 2021-01-04 10:07:07 +01:00
Daniel Marjamäki 8bd783f820 Refactoring; Added findBreakScope and Scope::isLoopScope() 2020-12-24 22:58:31 +01:00
Paul Fultz II ae6f611df0
Fix issue 9973: False positive: mismatching iterator container, reference (#2893) 2020-11-10 09:38:05 +01:00
Paul 1753c2ddee Remove known conditions 2020-09-08 12:39:27 -05:00
Paul 7754449fd6 Format 2020-09-06 23:48:05 -05:00
Paul 04c85baf03 Fix issue 8869: false negative: (error) Invalid v.at() argument nr 1 2020-09-06 23:46:31 -05:00
Daniel Marjamäki 7d51baa2f0 Fixed GCC warning, variable bodyTok is unused. False negative ticket: #9876 2020-09-05 08:17:40 +02:00
Daniel Marjamäki c1e03d63b2 astyle formatting
[ci skip]
2020-09-02 13:03:30 +02:00
Paul Fultz II dea5a23c34
Improve check: check for known empty containers passed to algorithms (#2768) 2020-09-02 07:11:23 +02:00
Paul Fultz II 494fff65b7
Add outOfBounds check for iterators to containers (#2752) 2020-08-26 21:05:17 +02:00
Paul Fultz II 46bf2d7d52
Dont diagnose impossible values for iterators (#2755) 2020-08-26 06:58:53 +02:00
Daniel Marjamäki 2bb73840fc astyle formatting 2020-08-23 17:17:33 +02:00
Paul Fultz II ac846b96d1
New check: Iterating a known empty container (#2740) 2020-08-22 09:16:26 +02:00
Paul 7776fb82a2 Fix issue 737: new check: Dereference end iterator 2020-08-17 16:36:45 -05:00
Paul 56affc9080 Fix issue 9780: FP: invalidContainer calling push_back after getting the address of the vector 2020-08-06 21:08:30 -05:00
Paul caabe56f14 Handle FPs: mutexes being locked at different scopes 2020-07-12 21:31:53 -05:00
Paul 82b91869ee Extend mutex checking for more locking patterns 2020-06-26 15:06:20 -05:00
Paul 3c10a9c659 Update message 2020-06-24 18:09:30 -05:00
Paul f7029e62ac Check for mor FPs 2020-06-17 17:06:06 -05:00
Paul 18225ee27e Update text and change to warnings 2020-06-16 10:32:39 -05:00
Paul 172537807b Add check for incorrect usage of mutexes and lock guards 2020-06-15 19:40:54 -05:00
Paul Fultz II 86ed860d26
Fix issue 9548: False negative: Mismatching iterators when inserting into a vector (#2595) 2020-06-06 17:54:56 +02:00
Oliver Stöneberg 37bc0483a4
made check.h less heavy (#2633) 2020-05-23 07:16:49 +02:00
Paul Fultz II 4270819728
Fix issue 9713: FP invalidContainerLoop when modifying container and immediately exiting the loop (#2659) 2020-05-23 07:14:45 +02:00
Paul Fultz II 6162ebd608
Fix issue 9714: FP invalidContainer related to auto and std::string::insert (#2660) 2020-05-23 07:13:55 +02:00
Daniel Marjamäki 08ddd84780 Update copyright year 2020-05-10 11:16:32 +02:00
Daniel Marjamäki 3e0218299b Revert "Update copyright year"
This reverts commit 6eec6c4bd5.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki 6eec6c4bd5 Update copyright year 2020-05-10 11:11:34 +02:00
Oliver Stöneberg 2c1e36e63e
cleaned up includes based on include-what-you-use (#2600)
* cleaned up includes based on include-what-you-use

* check.h: trying to work around Visual Studio 2012 bug

* fixed Visual Studio compilation
2020-04-13 13:44:48 +02:00
Daniel Marjamäki b67a043e5b Remove unused variable 2020-04-10 13:16:15 +02:00
Oliver Stöneberg e3b644d877
aligned GCC warnings (#2592)
* excluded oss-fuzz related CMake targets from all

* checkstl.cpp: fixed -Wmissing-declarations warning

* suppress -Wsuggest-attribute=format GCC warnings for tinyxml in CMake for now

* aligned GCC warnings in dmake, CMake and Travis / removed now useless WARNINGS_ANSI_ISO
2020-04-08 14:56:12 +02:00
Paul Fultz II efdc5f5c4e
Fix issue 9435: False negative: invalidContainer when using range for loop (#2587)
* Fix issue 9435: False negative: invalidContainer when using range for loop

* Use ast

* Make string const
2020-04-04 11:47:02 +02:00
Paul Fultz II a22a77c1fc
Use library config for unstable containers instead of hardcoded values (#2585)
* Use library config for unstable containers instead of hardcoded values

* Fix xml validation
2020-04-03 13:16:57 +02:00
Daniel Marjamäki 1fd85c0ae8 Fixed #9630 (False positive: in stlIfFind checking, if with initializer is not handled properly) 2020-02-18 19:02:54 +01:00
Paul Fultz II 95a48eac67
Fix issue 9598: False positive: Using iterator to local container that may be invalid for loop handling (#2539) 2020-02-16 15:56:52 +01:00
Paul Fultz II d858bfc338
Fix issue 9599: False positive: Using object that points to local variable that may be invalid (#2530)
* Fix issue 9599: False positive: Using object that points to local variable that may be invalid

* Improve tests

* Skip else
2020-02-11 11:45:10 +01:00
Ken-Patrick Lehrmann 5f73e1cb32 Fix 9546: properly check that the bound is the size (#2475)
Previously, as the check was done on the token and not on the ast,
`i <= v.size()` and `i <= v.size() - 2` would both raise the same
warning.

This patch fixes this, but this mean the check is only done when the
condition if `i <= v.size()`. Any other (more complex) condition is
ignore, and so we have false negative for instance with
 `i <= v.size() + 1`.
2020-01-05 16:24:25 +01:00
Paul Fultz II 30b9455e89 Fix issue 9556: FP mismatchingContainers: raw pointer comparison (#2465)
* Fix issue 9556: FP mismatchingContainers: raw pointer comparison

* Formatting
2020-01-01 12:02:21 +01:00
Daniel Marjamäki 31bddb6ae0 astyle formatting
[ci skip]
2019-12-26 15:48:29 +01:00
Paul Fultz II 42d44f02a2 Use lifetime analysis for checking mismatching containers (#2456)
* Use lifetimes to check for mismatching containers

* Fix error messages

* Format

* Remove unused variables

* Fix configuration and track iterators through algorithms

* Fix iterator value types in qt config

* Fix library issue with QStringList

* Remove unused functions

* Fix cppcheck errors
2019-12-25 09:32:50 +01:00
Daniel Marjamäki 252c3a17fa Fixed #7107 (False positive iterators - using alias for container) 2019-12-20 12:13:26 +01:00
Paul Fultz II 694d147097 Refactor ProgramMemory and PathAnalysis (#2311)
* Traverse conditions for container size

* Move program memory to seperate file

* Revert "Traverse conditions for container size"

This reverts commit 914783769f.

* Move pathanalysis to seperate files
2019-10-30 17:57:46 +01:00
Paul Fultz II ad8abdb0c3 Add impossible values to ValueFlow (#2186)
* Add impossible category

* Replace values

* Try to adjust known values

* Add ! for impossible values

* Add impossible with possible values

* Remove contradictions

* Add values when the branch is not dead

* Only copy possible values

* Dont bail on while loops

* Load std lib in valueflow

* Check for function calls

* Fix stl errors

* Fix incorrect impossible check

* Fix heap-after-use error

* Remove impossible values when they are lowered

* Show the bound and remove overlaps

* Infer conditions

* Dont push pointer values through dynamic_cast

* Add test for dynamic_cast issue

* Add shifttoomanybits test

* Add test for div by zero

* Add a test for issue 9315

* Dont make impossible value inconclusive

* Fix FP with shift operator

* Improve handleKnownValuesInLoop for impossible values

* Fix cppcheck warning

* Fix impossible values for ctu

* Bailout for streams

* Check equality conditions

* Fix overflows

* Add regression test for 9332

* Remove duplicate conditions

* Skip impossible values for invalid value

* Check for null

* Rename bound to range

* Formatting
2019-09-20 15:06:37 +02:00
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
Paul Fultz II 88d194214f Fix FP with invalidContainerRef (#2141) 2019-09-03 06:41:35 +02:00
Daniel Marjamäki 7d63bdee6f astyle formatting
[ci skip]
2019-09-02 06:59:07 +02:00
Paul Fultz II cb509f1a8b Fix issue 4845: alias to vector element invalid after vector is changed (#2113)
* Try harder to track ref lifetimes

* Dont add lifetimes for references

* Use correct token

* Check for front and back as well

* Improve handling of addresses

* Formatting

* Fix FP
2019-09-02 06:58:09 +02:00
Daniel Marjamäki 996daaee4e STL: Fixed outOfBounds false positive 2019-08-24 15:40:29 +02:00
Paul Fultz II ef714225bb Use library to track container lifetimes 2019-08-15 21:14:54 +02:00
Paul Fultz II 68e8253920 Fix issue 8313 and 7326: Track values of pointer aliases in valueflow 2019-08-12 12:58:53 +02:00
Paul Fultz II 3ec3bd52e0 Fix FP when using a pointer to a container (#2029) 2019-07-24 00:04:49 +02:00
Paul Fultz II a08a9c1349 Switch to use lifetime analysis for iterators and pointers to invalid containers
This will diagnose more issues such as:

```cpp
void f(std::vector<int> &v) {
    auto v0 = v.begin();
    v.push_back(123);
    std::cout << *v0 << std::endl;
}
```
2019-07-18 10:56:44 +02:00
Daniel Marjamäki 90a215af0e Rephraze performance message. /would be faster/could be faster/ to indicate that Cppcheck is not _sure_ that it would be faster 2019-07-17 16:06:10 +02:00
Daniel Marjamäki 9973db3a71 Modernize: Use enum class for Library::Action and Library::Yield 2019-07-17 11:39:30 +02:00
Daniel Marjamäki 5eff1b0f4a Replace 'unsigned' with 'nonneg' in checkstl 2019-07-15 14:05:23 +02:00
Daniel Marjamäki fe04c15c9e CheckStl: Modernize the recommendations. string::starts_with is more intuitive than string::compare 2019-05-05 10:35:44 +02:00
Paul Fultz II 091f4bcf8d Add check for unnecessary search before insertion
This will warn for cases where searching in an associative container happens before insertion, like this:

```cpp
void f1(std::set<unsigned>& s, unsigned x) {
    if (s.find(x) == s.end()) {
        s.insert(x);
    }
}

void f2(std::map<unsigned, unsigned>& m, unsigned x) {
    if (m.find(x) == m.end()) {
        m.emplace(x, 1);
    } else {
        m[x] = 1;
    }
}
```

In the case of the map it could be written as `m[x] = 1` as it will create the key if it doesnt exist, so the extra search is not necessary.

I have this marked as `performance` as it is mostly concerning performance, but there could be a copy-paste error possibly, although I dont think thats common.
2019-05-02 11:04:23 +02:00
Daniel Marjamäki 54bea2847a STL: Better out of bounds checking for empty containers when index is unknown 2019-03-29 15:20:17 +01:00
Daniel Marjamäki 3c30d274a0 Clarify STL out of bounds warning message 2019-03-29 11:13:25 +01:00
Daniel Marjamäki e88a0c00c1 Fixed #9039 (STL: array index out of bounds: str.begin() + 1) 2019-03-28 12:49:52 +01:00
Paul Fultz II 3615eac347 Move useStlAlgorithm to normal checking (#1741) 2019-03-15 06:15:56 +01:00
Daniel Marjamäki 34711bcb93 Remove unused functions 2019-03-11 12:23:22 +01:00
Daniel Marjamäki f9fe6cc96a STL: Removed auto_ptr checking. 2019-03-09 07:48:01 +01:00
Daniel Marjamäki bd7790fd8c Update copyright year 2019-02-09 07:24:06 +01:00
Daniel Marjamäki d18f5d8709 CTU: Reuse CheckNullPointer::isPointerDeRef in the nullpointer isUnsafeUsage 2018-12-29 09:26:57 +01:00
Daniel Marjamäki ff469867e7 Refactor CheckStl::stlOutOfBounds 2018-11-28 20:30:58 +01:00
Daniel Marjamäki dd94bfede9 CheckStl: Improving checking of container access out of bounds 2018-11-28 19:27:28 +01:00
Daniel Marjamäki 6493db6ca2 Try to clarify message for container access out of bounds a little more. 2018-11-28 13:58:01 +01:00
Daniel Marjamäki 0f2f807798 Improve the container out of bounds messages. They are still not perfect. 2018-11-28 07:03:56 +01:00
Daniel Marjamäki 4983a6a5dc astyle formatting 2018-10-18 20:08:32 +02:00
Igor 0a9be3e734 Improve STL iterators checking (#1380)
* Improve STL interators checking

* Improve error messages for container iterators from different scopes

* Mini refactoring

* Replace hardcoded pattern to ValueType::Type::ITERATOR

* Error messages improvements, more tests and refactoring

* Refactoring after code review

* Put getting operand data into separate function

* Update getErrorMessages and iterator errors ids

* Refactoring

* Fix error

* Refactoring, early return implementation

* Delete redundant code

* Tiny changes in comments
2018-10-17 06:36:51 +02:00
Daniel Marjamäki 053b0d1654 STL: enable inconclusive warnings with --inconclusive 2018-10-09 20:10:43 +02:00
Paul Fultz II 4ed22f1ff8 Fix some FPs in mismatchingContainerExpression (#1402) 2018-09-30 14:49:58 +02:00
Paul Fultz II f65cf220ba Fix false positives in unknownEvaluationOrder when using followVar (#1391)
Fix false positives in unknownEvaluationOrder when using followVar
2018-09-28 08:38:24 +02:00
orbitcowboy d08b39c915
Improved const correctness of local variables. There are no functional changes intended. (#1392) 2018-09-23 20:24:51 +02:00
Matthias Krüger f965e5873d checkstl: remove uused variable 'beginCondTok'
Was:
lib/checkstl.cpp:2022:30: warning: unused variable 'beginCondTok' [-Wunused-variable]
                const Token *beginCondTok = condBodyTok->previous()->link();
                             ^

also run dmake to update Makefile
2018-09-22 21:10:21 +02:00
Paul Fultz II d43cd56afd Show line number when suggesting std::transform (#1385) 2018-09-21 10:38:30 +02:00
Paul Fultz II 1e347f6cde Initial check for recommending algorithms (#1352)
Add initial check for loop algorithms
2018-09-19 18:58:59 +02:00
Paul Fultz II eb07280075 Fix issue 8743: FP when derefencing iterators (#1376) 2018-09-12 17:33:53 +02:00
Daniel Marjamäki 772939476d Remove inconclusive warnings about reading empty stl container. We have better ValueFlow-based checking. 2018-09-09 11:25:04 +02:00
Paul Fultz II f7e7e9bd3c Fix issue 8736: Iterators to containers from different expressions (a.begin().x == b.begin().x) (#1370) 2018-09-07 07:08:02 +02:00
Daniel Marjamäki 756c1d8de7 Fixed #8341 (error:iterators not correct) 2018-09-02 21:04:45 +02:00
Daniel Marjamäki 4d0262fd0a astyle formatting
[ci skip]
2018-08-23 06:06:58 +02:00
Paul Fultz II f79849f6ba Diagnose mismatching iterators used together in operators (#1343)
* Diagnose mismatching iterators used together in operators

* Fix fp getting iterator expression in function call
2018-08-21 06:34:30 +02:00
Daniel Marjamäki 0e30bdef9d containerAccessOutOfBounds: Fix FPs for maps etc 2018-08-11 18:57:21 +02:00
Daniel Marjamäki f0c1d49abf Fix Cppcheck warning 2018-08-11 14:45:12 +02:00
Daniel Marjamäki 1f427eda8f CheckStl: rewrite and refactor out of bounds checker 2018-08-11 11:40:48 +02:00
Daniel Marjamäki 81f54f7094 Fixed #8681 (ValueFlow: Container size) 2018-08-10 11:29:16 +02:00