Commit Graph

236 Commits

Author SHA1 Message Date
Alexander Mai d704e97203 Fix (potential) multi-threading issues by moving static local vars (non-POD-type) to file scope 2015-06-10 21:14:17 +02:00
Alexander Mai f0bc300198 #6510 False positive performance warning for std::list::size(). Fix this and other similar false positives. Refactoring of Variable::isStlType(), use fail-safe std::set instead of plain array. Run astyle 2015-05-17 20:02:41 +02:00
Daniel Marjamäki 88f59ad7e8 Partial fix for #6656 (Allow that CWE is mapped for error message) 2015-04-25 17:48:11 +02:00
Simon Martin e5745d7d4a Restore build with libc++ and revert PR#228 and PR#562. 2015-04-12 20:29:49 +02:00
Matthias Krüger 42f0955e3f Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
Follow up to eedcb6abcb .
2015-04-10 14:31:19 +02:00
Matthias Krüger eedcb6abcb move setting flags checks out of for loops, make them const. 2015-04-07 07:23:28 +02:00
PKEuS b2835051df Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0. 2015-01-31 12:32:04 +01:00
PKEuS 5c56e63996 Fixed false positive #6452: Handle member functions in CheckIO::checkFileUsage() 2015-01-27 21:52:52 +01:00
Daniel Marjamäki 228f5960fc CheckIO: only report warnings when --enable=warning has been used 2015-01-06 15:08:25 +01:00
Thomas Jarosch 1ef1143609 Make local functions static 2015-01-05 01:25:49 +01:00
Daniel Marjamäki ff11ba9847 Updated copyright year to 2015 2015-01-03 12:14:58 +01:00
Daniel Marjamäki 051d42ae6b astyle formatting 2014-11-20 14:20:09 +01:00
orbitcowboy f5d804f71a running astyle 2014-11-20 10:13:03 +01:00
Alexander Mai 5300ba2074 Make single-argument constructors explicit 2014-11-13 21:39:14 +01:00
Robert Reif d5908f03b7 Fixed #6226 (false negative: printf format check for user defined array type) 2014-10-20 06:33:36 +02:00
PKEuS 1df1b9c2bd Fixed #5836: Make showing $ in stringified tokens optional 2014-09-29 14:50:00 +02:00
Robert Reif 1729ea6f0f Fixed #6182 (Format specifier check confused by ternary operator) 2014-09-24 16:45:06 +02:00
PKEuS 6f92557478 Use information about pure/leak-ignore from library to improve accuracy of several bailouts 2014-09-11 20:27:07 +02:00
Martin Ettl 8a15486370 Fixed CID-1234716: Dereference after null check in lib/checkio.cpp 2014-09-01 09:00:05 +02:00
PKEuS e8f7279039 Refactorization: Moved detection of STL strings to SymbolDatabase 2014-09-05 12:03:08 +02:00
PKEuS a52401cf1b Fixed some compiler warning about signed/unsigned conversions. 2014-09-02 11:44:51 +02:00
PKEuS 80df3dc642 Disabled several checks and simplifications for C code, if they are C++-only. Do not match arguments for C code, since there can't be overloads. 2014-09-01 18:43:24 +02:00
PKEuS 47764321f2 Several fixes to invalidScanfFormatWidthError():
- Different IDs for different messages (#5809)
- severity is warning, not style, so check _settings->isEnabled() properly
- Removed never shown message text
2014-09-01 09:33:58 +02:00
PKEuS 288c94a47f Extended Message "fflushOnInputStream" to files opened for reading. 2014-08-31 21:03:33 +02:00
PKEuS b07f61170d Changed severity of fflushOnInputStream to portability: The behaviour of fflush(stdin) is defined on Linux. 2014-08-31 20:56:05 +02:00
Dmitry-Me 443e846b2e Remove duplicate return statements. 2014-08-18 16:02:35 +04:00
Moshe Kaplan 4894d3807d Improved invalidScanf error message 2014-08-06 06:08:28 +02:00
PKEuS de66ed4071 Added missing message to --errorlist output, changed Id to avoid duplicate 2014-08-02 20:55:59 +02:00
Robert Reif 90bc59e0fa Fixed #6009 (Detect type mismatch in printf-like function when type is returned) 2014-07-28 09:16:35 +02:00
Dmitry-Me 07c120f1af Cache option flags and check them first. 2014-07-23 17:06:27 +04:00
amai2012 9b38ae73c1 Attempt to fix 2 Coverity messages.
Replace a few unsigned int by std::size_t
2014-07-07 21:25:30 +02:00
Dmitry-Me 4f21b31004 Use temp variables to simplify code. 2014-07-04 10:56:43 +04:00
Daniel Marjamäki 86ef5f8ae7 CheckIO: Handle library types 2014-06-12 07:01:44 +02:00
Dmitry-Me 6e1568a6db Simplify code - bail out early, vreak loops early, reorder checks and declarations. 2014-06-09 13:35:30 +04:00
Simon Martin d2223ce419 Factorize type name equality checks in CheckIO. 2014-05-27 19:20:19 +02:00
PKEuS 8f79dc3ff8 Cleaned up includes and forward declarations in checkers:
- Removed definitely unnecessary forward declarations (e.g. "class Token"; token.h is already included by check.h, so a definition is unnecessary)
 - Removed unused includes
2014-05-24 12:50:03 +02:00
PKEuS f7a41057ad Use AST in CheckIO::checkCoutCerrMisusage() - fixes #3254. 2014-05-22 20:25:54 +02:00
Robert Reif 888fd44039 Fixed #5609 (Wrong warning: %zu requires 'size_t' - but type is 'std::size_t') 2014-05-04 07:55:23 +02:00
Robert Reif b0af67f369 Fixed #5486 (false positive: (warning) %zd in format string (no. 1) requires 'ssize_t' but the argument type is 'ssize_t {aka long}'.) 2014-04-10 17:25:11 +02:00
PKEuS 4ad7ef69c6 Updated german translation
ran lupdate gui.pro
Reverted accidential change in checkio.cpp
2014-03-28 19:06:48 +01:00
PKEuS a01bfcb62d Fixed a few cppcheck messages 2014-03-28 18:55:16 +01:00
Robert Reif 5c88934431 CheckIo: Fixed FIXME 2014-03-19 20:57:33 +01:00
PKEuS b564986d5d Added missing casts causing assertion failures on Windows (#5391)
-> Changed much more occurences, especially in preprocessor.cpp.
2014-03-18 21:41:47 +01:00
PKEuS 3a4b7e5c07 Fixed false positive #5578 2014-03-18 13:44:27 +01:00
PKEuS 86e6bb430a New check: Warning, if positioning operation (fseek) is performed on a file opened in "a" mode 2014-03-17 11:02:03 +01:00
Thomas Jarosch 93341f4449 Use simple match where possible
Fixes these warnings found by "--enable=internal":

[lib/checkclass.cpp:972]: (warning) Found simple pattern inside Token::Match() call: "* *"
[lib/checkbufferoverrun.cpp:635]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checkbufferoverrun.cpp:1397]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/checksizeof.cpp:299]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checksizeof.cpp:301]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checksizeof.cpp:303]: (warning) Found simple pattern inside Token::Match() call: "]"
[lib/checksizeof.cpp:318]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checknullpointer.cpp:413]: (warning) Found simple pattern inside Token::Match() call: "delete"
[lib/checkio.cpp:1336]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkstl.cpp:1509]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1512]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1594]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkstl.cpp:1598]: (warning) Found simple pattern inside Token::Match() call: "] ="
[lib/checkunusedvar.cpp:755]: (warning) Found simple pattern inside Token::Match() call: "goto"
[lib/checkunusedvar.cpp:793]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkuninitvar.cpp:376]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:86]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:2181]: (warning) Found simple pattern inside Token::Match() call: "> {"
[lib/valueflow.cpp:54]: (warning) Found simple pattern inside Token::Match() call: "&"
[lib/valueflow.cpp:409]: (warning) Found simple pattern inside Token::Match() call: "do"
[lib/valueflow.cpp:425]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:487]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:511]: (warning) Found simple pattern inside Token::Match() call: "} else {"
[lib/valueflow.cpp:615]: (warning) Found simple pattern inside Token::Match() call: "for ("
[lib/symboldatabase.cpp:80]: (warning) Found simple pattern inside Token::Match() call: "= {"
[lib/symboldatabase.cpp:1069]: (warning) Found simple pattern inside Token::Match() call: "std ::"
[lib/tokenize.cpp:2207]: (warning) Found simple pattern inside Token::Match() call: "< >"
[lib/tokenize.cpp:2730]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/tokenize.cpp:4234]: (warning) Found simple pattern inside Token::Match() call: "try {"
[lib/tokenize.cpp:4235]: (warning) Found simple pattern inside Token::Match() call: "} catch ("
[lib/tokenize.cpp:5500]: (warning) Found simple pattern inside Token::Match() call: "INT8"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "}"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "do"
2014-03-14 16:27:47 +01:00
Robert Reif cb1fc06a80 Fixed #5079 (CheckIO::checkFileUsage doesn't support wide char and microsoft functions) 2014-03-12 19:22:44 +01:00
Lauri Nurmi 70a67eaf85 Change some more 0 literals into nullptr. 2014-02-16 13:38:50 +02:00
Daniel Marjamäki fd3a8a2a18 Update copyright 2014-02-15 07:45:39 +01:00
Simon Martin 8ff9696374 OSX's compiler supports C++11 but one needs to use GNU's STL to build cppcheck, that does not have cbegin/end. 2014-02-01 07:40:08 +01:00
Lucas Manuel Rodriguez ad0269eeeb Refactor checks using Variable::isStlType() 2014-01-30 01:26:48 -03:00
Robert Reif d679a4c1f7 Fixed #5248 (False positive: Invalid argument in scanf for %zd) 2014-01-14 06:09:13 +01:00
PKEuS b775714e3d Moved several hardcoded function names in format string checking into libraries (std.cfg and windows.cfg).
Added support for loading a library in test suite.
2014-01-12 03:44:24 -08:00
Robert Reif cbe3862599 Fixed #5264 (Size specifier in printf functions is wrong for some types) 2014-01-03 15:58:45 +01:00
Robert Reif 0afdbc73da Fixed #5195 (Crash below CheckIO::checkWrongPrintfScanfArguments()) 2013-11-23 08:40:35 +01:00
Martin Ettl babbee4e73 Fixed typos in comments, no functional changes. 2013-11-09 16:07:28 +01:00
Robert Reif a6ef3a224a Fixed #5151 (false negative: improper formatstring - vector::at()) 2013-11-08 12:44:05 +01:00
Martin Ettl 083af88801 Checkio: removed redundant NULL-pointer check, introduced by me. 2013-11-01 00:18:13 +01:00
Robert Reif ac3b1c0611 Fixed #5134 (Memory leak below CheckIO::checkWrongPrintfScanfArguments()) 2013-11-01 05:42:37 +01:00
Martin Ettl 897533ab93 Checkio: fixed potential NULL-pointer dereference (Coverity-ScanId: CID 1113428). 2013-10-31 20:03:05 +01:00
Robert Reif 94187c41c2 Fixed #5104 (False positive: Invalid argument in printf and scanf for vector template) 2013-10-27 10:48:49 +01:00
Robert Reif 41b3ed788d CheckIO: fix crash 2013-10-08 05:33:37 +02:00
Robert Reif 7098fc6039 CheckIO: fixed handling of unknown types. Ticket #5051 2013-10-05 16:47:06 +02:00
Robert Reif 5dbc02250f This patch adds pointer to format string support to printf. Ticket: #5051 2013-10-05 07:47:52 +02:00
Robert Reif 6c06cdd24d CheckIO fixes. Ticket: #5051 2013-10-04 17:30:55 +02:00
Robert Reif 59de30823e CheckIO: This patch adds support for fprintf_s, fscanf_s and %I. Ticket: #5051 2013-10-03 06:37:40 +02:00
Robert Reif 5aba841499 CheckIO: Handling of casts (#4964) 2013-10-02 04:12:46 +02:00
Robert Reif cc6745fef6 CheckIO: Fixed false positives when using _snprintf_s and _snwprintf_s. Ticket: #5057 2013-10-01 05:49:44 +02:00
Robert Reif c37c6617d3 Fixed #5057 (Microsoft secure printf/scanf support.) 2013-09-30 19:55:21 +02:00
Robert Reif d3798958f4 CheckIO: Fixed false positive when using wchar_t (#5051) 2013-09-29 15:25:18 +02:00
Robert Reif c5723ab46a CheckIO: Clarify format check warnings 2013-09-29 10:42:47 +02:00
Robert Reif 44d86e97c0 Fixed #4920 (Microsoft ATL/MFC CString::Format argument checking) 2013-09-26 16:20:01 +02:00
Robert Reif 2de3ebcb1e CheckIO: fixed some more false negatives. Ticket: #4964 2013-09-24 06:43:03 +02:00
Robert Reif 5c4c397372 CheckIO: add scanf argument type checking. Floating point and integer checking is complete but string checking is incomplete and character checking is missing. Ticket #4099 2013-09-22 06:56:31 +02:00
Robert Reif 19745bbb7d Fixed #5021 (Confusing message about %lf format in printf()) 2013-09-15 16:38:45 +02:00
Robert Reif 4d82e37078 Fixed #5021 (Confusing message about %lf format in printf()) 2013-09-12 05:54:05 +02:00
Robert Reif 9be2f6b5d4 Fixed #4964 (printf format argument check only supports simple variables) 2013-09-08 20:21:00 +02:00
Daniel Marjamäki 40c5924292 CheckIO: Handle classes derived from STL 2013-09-07 07:20:06 +02:00
Robert Reif 2fe91e290c CheckIo: Improved %d handling 2013-09-05 06:04:41 +02:00
Robert Reif 921a1aaa4f CheckIO: Improved handling of %u 2013-09-05 01:46:58 +02:00
Robert Reif 0dddd424a4 CheckIO: Improved handling of function return type 2013-09-03 05:50:19 +02:00
Robert Reif 8790f6d73f Fixed #4999 (Crash with simple code snipped in rev ab30fa3) 2013-08-31 18:58:55 +02:00
Robert Reif 05f2f0e419 CheckIO: improved type info - keep track of original typename. 2013-08-31 06:26:39 +02:00
Robert Reif fc435ae9aa CheckIO: fix false negative for a function in a base class not being found, fix false positives and negatives for std::vector operator [] 2013-08-30 05:41:59 +02:00
Robert Reif 2950eb08cb CheckIO: fix some %I64 related false positives. Ticket: #4964 2013-08-29 05:49:16 +02:00
Robert Reif 5c3315db7a CheckIO: improved handling of functions returning pointers. Ticket: #4964 2013-08-28 05:57:40 +02:00
Robert Reif 228f6b1a87 Fixed #4984 (False positive: (warning) %f in format string (no. 1) requires a floating point number given in the argument list.) 2013-08-27 05:46:09 +02:00
Robert Reif a1b9bb0688 CheckIO: Fix false positives for functions returning unknown types and false negatives for functions returning record types 2013-08-26 06:03:26 +02:00
Robert Reif 3d9383aabb Fixed #4975 (False positive: (warning) %s in format string (no. 3) requires a char* given in the argument list. (git/column.c)) 2013-08-25 08:32:10 +02:00
Robert Reif 26de3646e9 CheckIo: Revised patch that fixes bug in class function return type. Ticket: #4964 2013-08-24 22:34:52 +02:00
Robert Reif 01fd156852 CheckIO: Start to add checking of function return types. Ticket: #4964 2013-08-24 07:25:50 +02:00
Robert Reif 5ce1933687 CheckIo: handle more complex variables 2013-08-23 05:35:57 +02:00
Robert Reif 707dfb4eea Fixed #4964 (printf format argument check only supports simple variables) 2013-08-20 06:16:31 +02:00
Robert Reif 56d8073d0f Fixed #4902 (printf and scanf format checks don't support microsoft %I, %I32 and %I64 extensions) 2013-08-10 12:37:31 +02:00
Robert Reif 5aa79198e6 Fixed #4948 (check printf %l and %ll arguments for long and long long) 2013-08-10 12:33:55 +02:00
PKEuS a9a5dc0354 Updated to AStyle 2.03, require this version 2013-08-07 16:27:37 +02:00
PKEuS 1538b46970 Refactorization in checkio.cpp 2013-08-06 10:24:35 -07:00
Simon Martin 1fe008ba4b Ensure wrongPrintfScanfParameterPositionError is shown by 'cppcheck --errorlist'. 2013-07-28 20:33:49 +02:00
Daniel Marjamäki 9ff204f8bc astyle formatting, use isEnabled("warning") instead of isEnabled("style") 2013-07-28 16:13:16 +02:00
Simon Martin d01e3fa17a Handle parameter positions format strings (POSIX extensions). 2013-07-28 15:00:28 +02:00
Daniel Marjamäki 178467a578 astyle formatting 2013-07-24 11:20:28 +02:00
Daniel Marjamäki a1fafa7f06 Library: added <formatstr> and <strz> to argument checks 2013-07-22 20:21:45 +02:00
Robert Reif 20f81f92d9 CheckIO: Improved handling of h, hh, l, and ll. 2013-07-22 08:28:29 +02:00
Robert Reif f11e54aa42 Fixed #4902 (printf and scanf format checks don't support microsoft %I, %I32 and %I64 extensions) 2013-07-21 08:35:01 +02:00
Daniel Marjamäki 9c67af058a SymbolDatabase: Renamed Variable::varId() to Variable::declarationId() to make it more clear how it works. 2013-07-20 12:31:04 +02:00
PKEuS b58e1241dc Distinguish between different swprintf overloads. (#4790)
Fixed MSVC warning recently introduced
2013-05-14 02:06:16 -07:00
kchrist 740e790bf1 Fixed #4649 (false positive: Used file that is not opened; variables in struct) 2013-03-15 06:42:46 +01:00
PKEuS d78c06dc3f Replaced _settings->isEnabled("style") by _settings->isEnabled("warning") wherever warnings are issued 2013-03-03 02:41:59 -08:00
PKEuS e2655da1ec Properly handle return/break/continue in CheckIO::checkFileUsage() (#4466) 2013-02-15 08:30:43 -08:00
Robert Reif 42588e9729 Fixed #4535 (Simplify checks by caching symbol database Variable pointer in Token) 2013-02-06 06:39:58 +01:00
Reijo Tomperi 5d5f7085bf Updating year 2012 -> 2013 to .cpp and .h files and man page. 2013-01-01 18:29:08 +02:00
PKEuS 578e582987 Fixed regression #4368. 2012-12-08 00:26:10 -08:00
PKEuS bbe06c65c0 Added support for wide-strings (wcs* functions, std::wstring, std::*wstringstream) at many places. 2012-11-06 10:54:52 -08:00
Robert Reif d7b658a5aa speed up checks by caching commonly looked up stuff in the symbol database (checkio) 2012-10-30 15:52:45 +01:00
Baris Demiray 0e100f7563 Fixed #4189 (Improve check (printf('%l') not detected)) 2012-10-21 08:50:29 +02:00
PKEuS 3449684137 Fixed usage of _settigns->isEnabled("style") in CheckIO. Added forgotten test cases. 2012-09-10 16:23:00 +02:00
PKEuS e9f13e1547 Fixed false positive #4163 2012-09-10 16:14:24 +02:00
Reijo Tomperi 7ddd564ad6 Change file encoding to UFT-8 like it is for other files. 2012-08-26 00:12:38 +03:00
PKEuS a243983242 Refactorized type handling in CheckIO and CheckOther:
- Added several types (std::) to isComplexType
- Types in namespace std:: are considered to have no side-effects (solved one TODO)
- Scope of a pointer can be limited without side effects
2012-08-20 08:57:28 -07:00
PKEuS 6aa7f984cb Fixed false positives on FILE* arrays. (#3965) 2012-07-29 04:04:12 -07:00
Ville Skyttä 7ab2f6a9fa Spelling fixes. 2012-07-21 18:11:20 +02:00
PKEuS 1e704edbd5 Message refactorization: checkio.h/cpp 2012-07-13 10:36:58 -07:00
PKEuS 3523f89917 Added 'char' back where I removed it by mistake. 2012-07-12 01:01:52 -07:00
PKEuS 2bd1f1d8dc Improved check: Sign checking in printf format string (#3511)
Removed some redundant code (already covered by token list simplifications and symboldatabase)
2012-07-11 10:46:35 -07:00
PKEuS e8f4dce25f Added check to CheckInternal: detect invalid patterns like "%typ%"
Replaced some Token::Match by Token::simpleMatch (suggestions of internal checks)
2012-07-11 08:45:16 -07:00
Edoardo Prezioso fae40c4782 Change every C version of 'size_t' to C++ 'std::size_t'. 2012-07-09 13:30:18 +02:00
PKEuS d3c44c20ff Refactorized checking of scanf field width specifiers (#3946):
- Removed duplicate check
- Changed severity to portability, when a crash only happens with certain libc versions
- Fixed handling of * in format string (#3877)
- Added support for [...] pattern
- Removed garbage from tests
2012-07-07 04:34:37 -07:00
PKEuS f5c42660de Fixed #3909: Handle constructor syntax initialization. 2012-06-24 09:57:17 -07:00
Robert Reif dc4982115a Improved checking of scanf format strings 2012-06-23 07:52:52 +02:00
Edoardo Prezioso 57ade25099 Fixed checkio.cpp warning in #2123. 2012-06-18 13:08:01 +02:00
PKEuS e191f0d7d4 Fixed test failures in testio caused by my last commit. 2012-06-08 10:35:08 -07:00
PKEuS 9dc8123151 Refactorizations:
- Use const string references instead of const strings copies when possible
- Fixed cppcheck warning about postfix increment in CheckIO
- Use symbolDatabase to detect pointers in CheckOther::checkAssignBoolToPointer
2012-05-25 03:09:41 -07:00
PKEuS 9ca7f6a8c3 Fixed crashes #3830 and #3832 2012-05-23 01:04:21 -07:00
Ettl Martin 1fd6d36493 fixed regression with g++-4.6 (Ubuntu Linux, 64 Bit). Moved local struct definition out of function scope. No functional change. 2012-05-22 15:43:40 +02:00
PKEuS a8382ea553 Implemented file pointer usage checking:
- File I/O without positioning function call (#1742)
- Read/Write to a file that was opened for writing/reading (#463)
- Operations on closed file

Old fflushOnInputStream check is now part of the new check.
2012-05-22 05:30:22 -07:00
PKEuS b81eafe0dc Splitted CheckIO from CheckOther. 2012-05-20 02:57:07 -07:00