Using "--suppress=unmatchedSuppression" did not suppress the error-id in
all files, one needed to specify "*" as file-name. This commit also
allows empty file-names to suppress "unmatchedSuppression", not only "*"
or the exact file-name.
The manual uses the following example for suppressions specified in a
file:
```
// suppress all uninitvar errors in all files
uninitvar
```
This example suggests that no "*" has to be used to get suppression in
all files. I think that the command line parameter should work in the
same way.
* Avoid some additional memleakOnRealloc false positives
checkReallocUsage() already contains code to suppress the
`p = realloc(p, size)` error message when the pointer has been
previously copied from another variable (hence there is an additional
copy of the original pointer value) within the same function, as in
the added realloc21() test case.
Extend this so that `p = *pp` and `p = ptr->foo` are also recognized
as copies from another variable with the same original pointer value,
as in the added realloc22() and realloc23() test cases.
* Rewrite as a single findmatch() expression
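The realloc patterns this commit distinguishes, as an added C example that is not taken from cppcheck or its test suite (the bodies of realloc22() and realloc23() are not on this page). The `x_*` wrappers, `struct holder` and `leaked_after()` are constructed names, and the failing realloc is simulated by the harness.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed harness, not cppcheck code: counts live heap blocks and can
   simulate an out-of-memory realloc(). */
static int live_blocks;
static int fail_realloc;
static void *last_block; /* harness-only handle used to clean up the leak */

static void *x_malloc(size_t n) {
    void *p = malloc(n);
    if (p) { live_blocks++; last_block = p; }
    return p;
}

static void x_free(void *p) {
    if (p) { live_blocks--; free(p); }
}

static void *x_realloc(void *p, size_t n) {
    void *q;
    if (fail_realloc) return NULL; /* like realloc: old block stays allocated */
    q = realloc(p, n);
    if (q && !p) live_blocks++;
    if (q) last_block = q;
    return q;
}

struct holder { char *foo; };

/* The pattern memleakOnRealloc reports: p is the only copy of the pointer,
   so a failed realloc overwrites it with NULL and the block is lost. */
static int grow_only_copy(size_t n) {
    char *p = x_malloc(16);
    if (!p) return -1;
    p = x_realloc(p, n);
    if (!p) return -1; /* the 16-byte block can no longer be freed */
    x_free(p);
    return 0;
}

/* p = *pp: on failure the caller's *pp still holds the original pointer. */
static int grow_via_deref(char **pp, size_t n) {
    char *p = *pp;
    p = x_realloc(p, n);
    if (!p) return -1;
    *pp = p;
    return 0;
}

/* p = ptr->foo: same reasoning, the surviving copy lives in the struct. */
static int grow_via_member(struct holder *ptr, size_t n) {
    char *p = ptr->foo;
    p = x_realloc(p, n);
    if (!p) return -1;
    ptr->foo = p;
    return 0;
}

/* Runs one pattern (0, 1 or 2) and returns how many blocks are still live
   once the owner has released everything it can still reach. */
int leaked_after(int which, int fail) {
    struct holder h;
    char *buf;
    int leaked;

    live_blocks = 0;
    last_block = NULL;
    fail_realloc = fail;

    if (which == 0) {
        grow_only_copy(64);
        leaked = live_blocks;
        if (leaked) free(last_block); /* harness cleanup of the lost block */
        return leaked;
    }
    buf = x_malloc(16);
    if (which == 1) {
        grow_via_deref(&buf, 64);
    } else {
        h.foo = buf;
        grow_via_member(&h, 64);
        buf = h.foo;
    }
    x_free(buf); /* owner releases whichever block is current */
    return live_blocks;
}

int main(void) {
    printf("only copy, realloc fails: %d leaked\n", leaked_after(0, 1));
    printf("p = *pp, realloc fails:   %d leaked\n", leaked_after(1, 1));
    printf("p = ptr->foo, fails:      %d leaked\n", leaked_after(2, 1));
    return 0;
}
```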
This adds a regression test to make sure that directly dereferencing a
returned NULL pointer issues a warning.
This has been asked on Stack Overflow:
https://stackoverflow.com/q/58981369
Cppcheck 1.89 does not warn for such code, but 1.90 dev does. So it
is a good idea to make sure it is detected in the future too I guess.
Format-string arguments are now marked to have `in` direction, except
for `scan`-functions (like `scanf`) where these arguments are explicitly
marked to have `out` direction.
The invalid code in Trac tickets #8750, #8753, #8756, #8762, #8764
and #8765 previously crashed cppcheck. Now it throws a syntax error
instead. Add some tests for these tickets.
* fix syntax error for conversion operator for type with global namespace
* fix syntax error when taking address of operator function
* fix syntax error for using ::operator "" _a;
* fix syntax error for template<> void operator "" _h<'a', 'b', 'c'>() {}
* fix syntax error for operator in parentheses
There are probably a lot more valid code patterns that generate syntax
errors so I added "operator" to the error message to make it easier to
find them.
* Add indirect to library cfg files
* Check indirect for non null arguments
* Reenable subfunction analysis
* Use indirect 1 when using not-null
* Parse correct string name
* Update documentation
* Make attribute optional
* Fix issue 9404: False positive: Either the condition 'if(x)' is redundant or there is possible null pointer dereference: a->x
* Use simpleMatch
* Add a test case for the FP
* Check if expression is changed
* Check for no return scope
* Use simpleMatch
Improve handling of adjacent string literals of different types.
Example of adjacent string literals: "ab" L"cd".
In C89, C++98 and C++03, this is undefined. As of C99 and C++11, this is
well defined and the two string literals are concatenated to L"abcd".
C11 and C++11 introduce the utf16, utf32 and (C++ only) utf8 string
types. Concatenating any of these with a regular c-string works exactly
as the wide string example above. The result of having two adjacent
string literals with different prefix is implementation defined, unless
one is an UTF-8 string literal and the other is a wide string literal.
In this case the behaviour is undefined.
Ignore the undefined and ill-formed programs (this behaviour is unchanged)
and make sure that concatenating a plain c string literal with a prefixed
one works correctly (in C99 and C++11 and later versions). It also makes the
behaviour consistent since previously, "ab" L"cd" would result in "abcd"
while L"ab" "cd" would result in L"abcd".
It also means the somewhat awkward updatePropertiesConcatStr() test can
be removed since the added tests would not work if update_properties()
was not called in concatStr().
Since the prefix is stored in the token, testing the type of the string
is not relevant in TestSimplifyTokens. It is tested extensively in
TestToken::stringTypes().
* openssl.cfg: Add OpenSSL library configuration with tests
Reference: https://www.openssl.org/docs/man1.1.1/man3/
* openssl.cfg: Add some configurations for EVP functions
Add alloc/dealloc configuration for EVP_CIPHER_CTX_new and
EVP_CIPHER_CTX_free.
Add configuration for encryption functions that are used in example code
which is added to the tests.
* libsigc++.cfg: Add configuration for library libsigc++
Reference: https://libsigcplusplus.github.io/libsigcplusplus/
* Make code compatible with libsigc++-2.0 instead of 3.0
Since Version 3.0 C++14 is required which is not (fully) supported in
some older GCC versions.
The Windows Data Type SSIZE_T is declared in BaseTsd.h
However, it is written in capital letters
- Fixes e.g. the following false positive:
(portability) %zd in format string (no. 1) requires 'ssize_t' but the
argument type is 'SSIZE_T {aka signed long long}'.
[invalidPrintfArgType_sint]
* Set correct type and size of string and char literals
Use that string and char literal tokens store the prefix. This makes
it possible to distinguish between different types of string literals
(i.e., utf8 encoded strings, utf16, wide strings, etc) which have
different type.
When the tokens holding the string and character values have the correct
type, it is possible to improve Token::getStrSize() to give the correct
result for all string types. Previously, it would return the number of
characters in the string, i.e., it would give the wrong size unless
the type of the string was char*.
Since strings now can have different size (in number of bytes) and
length (in number of elements), add a new helper function that returns
the number of characters. Checkers have been updated to use the correct
functions.
Having the size makes it possible to find more problems with prefixed
strings, and to reduce false positives, for example in the buffer
overflow checker.
Also, improve the stringLiteralWrite error message to also print the
prefix of the string (if there is one).
* Add comment and update string length
* Fix crashes in valueflow
http://cppcheck1.osuosl.org:8000/crash.html
For instance in http://cppcheck1.osuosl.org:8000/styx
```
==19651==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000001c (pc 0x556f21abc3df bp 0x7ffc140d2720 sp 0x7ffc140d2710 T0)
==19651==The signal is caused by a READ memory access.
==19651==Hint: address points to the zero page.
#0 0x556f21abc3de in Variable::isGlobal() const ../lib/symboldatabase.h:342
#1 0x556f221f801a in valueFlowForwardVariable ../lib/valueflow.cpp:2471
#2 0x556f22208130 in valueFlowForward ../lib/valueflow.cpp:3204
#3 0x556f221e9e14 in valueFlowReverse ../lib/valueflow.cpp:1892
#4 0x556f221f1a43 in valueFlowBeforeCondition ../lib/valueflow.cpp:2200
#5 0x556f2223dbb5 in ValueFlow::setValues(TokenList*, SymbolDatabase*, ErrorLogger*, Settings const*) ../lib/valueflow.cpp:6521
#6 0x556f220e5991 in Tokenizer::simplifyTokens1(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) ../lib/tokenize.cpp:2342
#7 0x556f21d8d066 in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::istream&) ../lib/cppcheck.cpp:508
#8 0x556f21d84cd3 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) ../lib/cppcheck.cpp:192
#9 0x556f21a28796 in CppCheckExecutor::check_internal(CppCheck&, int, char const* const*) ../cli/cppcheckexecutor.cpp:884
#10 0x556f21a24be8 in CppCheckExecutor::check(int, char const* const*) ../cli/cppcheckexecutor.cpp:198
#11 0x556f22313063 in main ../cli/main.cpp:95
```
* Add test case for crash in valueflow
Keeping the prefix in the token allows cppcheck to print the correct
string and char literals in debug and error messages.
To achieve this, move some of the helper functions from token.cpp to
utils.h so that checks that look at string and char literals can reuse
them. This is a large part of this commit.
Note that the only user visible change is that when string and char
literals are printed in error messages, the prefix is now included.
For example:
```cpp
int f() {
    return test.substr( 0 , 4 ) == U"Hello" ? 0 : 1 ;
};
```
now prints U"Hello" instead of "Hello" in the error message.
`__typeof__` is just an alternative keyword for `typeof`, see
https://gcc.gnu.org/onlinedocs/gcc/Typeof.html
Since `typeof` is handled in several checkers it makes sense to define
`__typeof__` as `typeof`.
Tokenizer::simplifyTypedef(): Use `typeof` instead of `__typeof__` to
be consistent with the rest of the code.
* Better handle const/noexcept methods/conversion operator
const or noexcept in a method / (conversion) operator definition were
badly parsed, ending in a bad ast.
This patch tries to make it better, at least making the ast less bad,
so as to avoid errors in later checks.
* Fix parsing of some operator
It is still very broken, but at least, it does not fail.
Here is the previous error:
```
TestSimplifyTypedef::simplifyTypedef129
terminate called after throwing an instance of 'InternalError'
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007ffff612a801 in __GI_abort () at abort.c:79
#2 0x00007ffff6b1d957 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3 0x00007ffff6b23ab6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4 0x00007ffff6b23af1 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5 0x00007ffff6b23d24 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6 0x0000555556366bf8 in Tokenizer::cppcheckError (this=0x7fffffffc2d0, tok=0x607000006760) at ../lib/tokenize.cpp:8721
#7 0x000055555636a4bb in Tokenizer::validate (this=0x7fffffffc2d0) at ../lib/tokenize.cpp:9154
#8 0x000055555633e3aa in Tokenizer::simplifyTokenList1 (this=0x7fffffffc2d0, FileName=0x603000002d50 "test.cpp") at ../lib/tokenize.cpp:4477
#9 0x00005555563223ca in Tokenizer::simplifyTokens1 (this=0x7fffffffc2d0, configuration="") at ../lib/tokenize.cpp:2286
#10 0x00005555563235c8 in Tokenizer::tokenize (this=0x7fffffffc2d0, code=..., FileName=0x555556fda9a0 "test.cpp", configuration="") at ../lib/tokenize.cpp:2345
#11 0x00005555569410ea in TestSimplifyTypedef::tok[abi:cxx11](char const*, bool, cppcheck::Platform::PlatformType, bool) (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>,
code=0x7fffffffcb70 "class c {\n typedef char foo[4];\n foo _a;\n constexpr operator foo &() const noexcept { return _a; }\n};", simplify=false, type=cppcheck::Platform::Native, debugwarnings=true) at ../test/testsimplifytypedef.cpp:192
#12 0x000055555697239e in TestSimplifyTypedef::simplifyTypedef129 (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:2599
#13 0x000055555694092c in TestSimplifyTypedef::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:167
#14 0x00005555569cab84 in TestFixture::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, str="simplifyTypedef129") at ../test/testsuite.cpp:306
#15 0x00005555569cb445 in TestFixture::runTests (args=...) at ../test/testsuite.cpp:329
#16 0x000055555687bdfb in main (argc=2, argv=0x7fffffffd988) at ../test/testrunner.cpp:44
```
* Replace some ASSERT_EQUALS with TODO_ASSERT_EQUALS when the actual result is still wrong
* Remove invalid code from simplifyTypedef129
* Properly skip parentheses
* Fix #9389 ("debug: Executable scope 'x' with unknown function." with "using namespace")
* use static rather than anonymous namespace for new functions
Previously, cppcheck discarded the `extern "C"` specifier. This patch modifies cppcheck to parse each as a Scope in the symbol database, then uses that scope to avoid false positives when making recommendations about changing a function argument to be a reference (since variable references are a C++ feature, unavailable in C, and thus unavailable in `extern "C"`).
* Use lifetimes to check for returning reference to temporaries
* Check for dangling temporaries
* Check for unknown types for returning by reference
* Remove old returnTemporary check
* Format
* Check for deref op
* Ternary operator return an lvalue reference
* Warn when returning temporaries from member functions
* Improve handling of pointer to function
* Extend lifetimes of const references
* Fix false negatives in checkBitwiseOnBoolean
Use AST-based tests in favor of token-based tests for greater coverage.
* Travis: add suppressions for bitwiseOnBool
I fixed the AST enough to pass testrunner but I don't believe it is
correct.
This code:
```cpp
void Foo4(int&&b);
```
has this AST:
```
( 'void'
|-Foo4
`-&& 'bool'
  |-int
  `-b 'signed int'
```
but I don't believe && should have `bool`.
* Add valueFlowForwardExpression function to forward values of an expression
* Use token for expression
* Fix name in bailout message
* Handle expressions
* Add more tests for more expressions
* Add more tests
* Solve the expression if possible
* Formatting
For c++14, shifting a variable with a value larger than or equal to the
number of bits in the variable is undefined. Left-shifting with a value
equal to the number of bits of the variable is implementation defined.
See also trac ticket #9306.
* use range loops
* removed redundant string initializations
* use nullptr
* use proper boolean false
* removed unnecessary continue from end of loop
* removed unnecessary c_str() usage
* use emplace_back()
* removed redundant void arguments
TODO:
Somehow Cppcheck fails to print an ignoredReturnValue message when the
return value is not used (see ticket
https://trac.cppcheck.net/ticket/9369 )
* Fix memleak FP with return with parenthesis
Fix FPs pointed out by daca@home on the following form:
```c
void* f(void) {
    void* x = malloc(1);
    return(x);
}
```
Fix it by only skipping tokens if there is an actual match with a
variable. This allows to remove the special casing of "return;".
* Add testcase with cast
This fixes crashes found by daca where valueType() is NULL. Also,
somewhat related, it removes warnings when casting to a type that is
unknown to cppcheck, for example, there is no longer a warning for the
following code:
```c
void* f() {
    void *x = malloc(1);
    return (mytype)x;
}
```
* Fix false negatives in checkAssignBoolToFloat
Detect assignments to expressions involving pointer dereferences, array
element accesses, etc.
* Pass assignment token to assignBoolToFloatError
Pass assignment token rather than boolean token to make error reporting
consistent between checkAssignBoolToFloat and checkAssignBoolToPointer,
as well as with other assignment checks in the code base.
* Make checkAssignBoolToPointer check consistent with checkAssignBoolToFloat
This was most likely introduced when the checks were changed to run on
the full tokenlist instead of the simplified one.
Take care to warn about cases where casts destroy the pointer, such as
```c
uint8_t f() {
    void* x = malloc(1);
    return (uint8_t)x;
}
```
* Add impossible category
* Replace values
* Try to adjust known values
* Add ! for impossible values
* Add impossible with possible values
* Remove contradictions
* Add values when the branch is not dead
* Only copy possible values
* Dont bail on while loops
* Load std lib in valueflow
* Check for function calls
* Fix stl errors
* Fix incorrect impossible check
* Fix heap-after-use error
* Remove impossible values when they are lowered
* Show the bound and remove overlaps
* Infer conditions
* Dont push pointer values through dynamic_cast
* Add test for dynamic_cast issue
* Add shifttoomanybits test
* Add test for div by zero
* Add a test for issue 9315
* Dont make impossible value inconclusive
* Fix FP with shift operator
* Improve handleKnownValuesInLoop for impossible values
* Fix cppcheck warning
* Fix impossible values for ctu
* Bailout for streams
* Check equality conditions
* Fix overflows
* Add regression test for 9332
* Remove duplicate conditions
* Skip impossible values for invalid value
* Check for null
* Rename bound to range
* Formatting
It is not allowed to define a type in an alias template definition.
This code:
```cpp
template<int N>
using A1 = struct B1 { static auto constexpr value = N; };
A1<0> a1;
```
produces this output:
```
2: } ;
3: struct B1 { static const auto value = 0 a1 ;
test.cpp:2:57: error: Analysis failed. If the code is valid then please
report this failure. [cppcheckError]
using A1 = struct B1 { static auto constexpr value = N; };
                                                        ^
```
because it tries to instantiate the invalid alias template definition
and generates garbage code.
This will now warn when doing something like this:
```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```
The lifetime warning is considered inconclusive in this case.
I also updated valueflow to not inject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
* make ellipsis ... a single token
Using cppcheck -E to preprocess code with ellipsis produces output that
can't be compiled because ... is split into 3 tokens.
* try to fix addon
This fixes the issue by making `ProgramMemory` keep track of values based on the conditions.
It also removes the `deadpointer` check since it duplicates the `invalidLifetime` check.
* Try harder to track ref lifetimes
* Dont add lifetimes for references
* Use correct token
* Check for front and back as well
* Improve handling of addresses
* Formatting
* Fix FP
* Add missing Qt macros
Add two Qt macros that were missing
* Fix issue with __declspec and final
This change is a bit naive but it fixes the issues I was having when combining __declspec(dllexport) and final classes. Without the fix I get errors along the line of "The code 'class x final :' is not handled. You can use -I or --include to add handling of this code. "
There seems to be no reason for stopping checking the scope if a call to
free() is seen (or fclose() or realloc()), so just continue checking.
Also, if there are multiple arguments, check all, perhaps there are more
memory leaks to warn about.
This fixes the FP in cases like this:
```cpp
void f() {
    bool b;
    bool * x = &b;
    if (x != nullptr)
        x = 1;
}
```
It tracks the indirection of the uninit value in valueflow.
-Add iterator end patterns
-Add/fix size and access functions
-Remove marking QList and QStringList as std-like strings
-QStringList configuration now inherits from QList like it is actually the case
-Add tests
Use the AST a little bit more to improve the check. In order to do so,
rewrite the check to work from the outer function first and then check
the arguments, instead of the other way around.
It also fixes Trac ticket #9252, no warning is now given for
```c
void* malloc1() {
    return(malloc1(1));
}
```
This FP seems to be common in daca results.
It also makes it possible to improve handling of casts, for example
cppcheck now warns about
```c
void f() {
    strcpy(a, (void*) strdup(p));
}
```
But not for
```c
char* f() {
    char* ret = (char*)strcpy(malloc(10), "abc");
    return ret;
}
```
These FP/FN were introduced when the check was switched to use the
simplified token list.
This fixes false positives from daca@home where freopen is used to
reopen a standard stream. There is no longer a warning for
```c
void f() {
    assert(freopen("/dev/null", "r", stdin));
}
```
It is hard to find good references, one that describes it a bit can
be found here:
https://manpages.ubuntu.com/manpages/bionic/man3/xmalloc.3pub.html
xfree() can be used instead of free().
A check, to verify that a memory leak is found if the memory allocated
via xmalloc() is not freed, has also been added.
* Fix #9225 (Crash on valid C++14 code)
This only fixes the crash. Specialization of nested templates is still
broken.
* fix cppcheck warnings
* fixed another cppcheck warning
* Use library for memleak checks
Change memleakOnRealloc and leakReturnValNotUsed to use library
configuration instead of hardcoding "realloc".
In order to do so, some care needs to be taken when matching for a
reallocation function, since it can no longer be assumed that the input
to be allocated is the first argument of the function. This complicates
getReallocationType() and checkReallocUsage() but is necessary in order
to handle for example freopen() properly.
Also, refactor memleakOnRealloc check to reduce duplicated code when
checking "a" and "*a". When doing so, extending the check to look for
arbitrary number of "*" can be done for free (just change an if
statement to a while statement). Most likely, this is an unusual case in
real world code.
* Remove redundant whitespace in Token::Match()
* Run on simplified checks
* Fix cppcheck warning
* Fix FP memory leak with unknown function call in condition
This was introduced in 8513fb81d2 when
fixing memory leaks for global variables allocated in condition. The
refactored code had an inconsistency where c and c++ code behaved
slightly differently when `var` is NULL. This seemed to not have an
impact as the code was written prior to 8513fb81d2,
but when the same code was used for conditions, FPs were introduced.
The introduced FPs were memleak warnings when there should have been an
information message about missing configurations for code like
```c
void f() {
    char *p = malloc(10);
    if (set_data(p)) {}
}
```
Fix this by always returning true if varTok->Variable() is NULL for
both c and c++ code.
* Improve function name
This will diagnose more issues such as:
```cpp
void f(std::vector<int> &v) {
    auto v0 = v.begin();
    v.push_back(123);
    std::cout << *v0 << std::endl;
}
```
* Improve configuration of g_try_realloc and g_try_realloc_n
* Mark g_realloc and similar functions as realloc functions
* Remove g_new, g_new0, etc as <alloc> functions, these are defined as
macros and handled as the functions they're expanded to.
* Add tests. TODO tests will be resolved by using the library
configuration in the checker.
* Fix adding unescaped slash token when splitting gcc case range.
Construction like case '!'...'~' converted to a list of separate case
tokens. When slash '\' symbol appears as a part of this list it was added
"as is", but it should be escaped like '\\' to be valid c++ code.
* Add test for switch-case range with slash
* Fix #9097 (Crash on thousands of "else ifs"s in gcc-avr package)
* increase recursion count maximum to 512 because cppcheck was hitting the 256 limit
* 512 was too much for windows
* Refactor Tokenizer::simplifyUsing to use continue to reduce indentation
added function findTemplateDeclarationEnd to skip template declarations
to reduce duplicate code
* fix travis build
This switches to use lifetime analysis to check for assigning to non-local variables:
```cpp
class test
{
public:
    void f()
    {
        int x;
        this->ptr = &x;
    }
protected:
    int *ptr;
};
```
* Partial fix for #9191 (simplifyTypedef: Problem when namespace is used)
This fixes simplifyUsing which has the same problem as simplifyTypedef.
simplifyUsing was designed to support using namespace but it was never
implemented. The changes are minor to add it.
simplifyTypedef requires much more work to support using namespace.
* reduce scope of variable
* make idx const
* Allow to configure realloc like functions
* memleakonrealloc: Bring back tests.
The old memleak checker was removed, and the tests for it were removed in
commit 9765a2dfab. This also removed the
tests for memleakOnRealloc. Bring back those tests, somewhat modified
since the checker no longer checks for memory leaks.
* Add realloc to mem leak check
* Add tests of realloc buffer size
* Configure realloc functions
* Add test of freopen
* Allow to configure which element is realloc argument
* Fix wrong close in test
cppcheck now warns for this
* Update manual
* Update docs
* Rename alloc/dalloc/realloc functions
Naming the member function realloc caused problems on appveyor. Rename
the alloc and dealloc functions as well for consistency.
* Change comparison order
* Remove variable and use function call directly
* Create temporary variable to simplify
* Throw mismatchError on mismatching allocation/reallocation
* Refactor to separate function
* Fix potential nullptr dereference
As pointed out by cppcheck.
* Overlapping sprintf, improve handling of casts
If there is a cast of the argument buffer, cppcheck would print out the
expression including the cast, which looks a bit strange to talk about
Variable (char*)buf is used as...
Instead, only print the variable name without the cast.
Also, handle arbitrary many casts (the previous code only handled one).
Multiple casts of the input arguments is probably an unusual case in
real code, but can perhaps occur if macros are used.
* Fix printing of variable
... and add a test.
* Simplify testcase
* Update symbol database such that the override keyword implies that the function is also virtual
* Add test case for implicit override
* change isVirtual to hasVirtualSpecifier
* fix method documentation for getVirtualFunctionCalls and getFirstVirtualFunctionCallStack
* Fix isImplicitlyVirtual to consider the override keyword and document logic
* Fix getFirstVirtualFunctionCallStack and getVirtualFunctionCalls to use isImplicitlyVirtual instead of isVirtual so new test case passes
* Fix #9047 (c-style casts before malloc)
Note that there are still no warnings for c++-style casts
* Fix memleak check with casts of assignments in if-statements
* Fix possible null pointer dereference
As pointed out by cppcheck.
* Add check of astOperand2 when removing casts
This is similar to how it is done in other checks.
Further to pull request #1938. Changes were missed in previous commit.
Resolve warnings `warning: zero as null pointer constant` in code by
using C++ 11 recommended `nullptr`.
Building with enhanced clang warnings indicated a large number of
instances with the warning:
`warning: zero as null pointer constant`
Recommended practice in C++11 is to use `nullptr` as value for
a NULL or empty pointer value. All instances where this warning
was encountered were corrected in this commit.
Where warning was encountered in dependency code (i.e. external library)
no changes were made. Patching will be offered upstream.
* fix adding instantiation of first argument to an instantiation
* add support for function pointer template variables
* fix more cases where templates ending in ">>" are changed to end in "> >"
* fix travis build
* standard types can't be a template parameter name
* remove redundant level == 0 checks
* fix lambda in template variable
* fix a test
This reverts commit 2a4be5ae1c.
When I look at daca@home now there are still lots of false negatives. So this bailout did not cause as much false negatives as I thought.
strdup() allocates the string length plus one for a terminating null
character. Add one to compensate for this.
Fixes false positive buffer out of bounds on code like this:
```c
void f() {
    const char *a = "abcd";
    char * b = strdup(a);
    printf("%c", b[4]); // prints the terminating null character
    free(b);
}
```
Also, add a testcase for valueFlowDynamicBufferSize() and add tests for
strdup(), malloc() and calloc().
* Add non const version of some methods of Token
The aim is to reduce the (ab)use of const_cast.
* Cleanup some more const_cast in valueflow
* Remove useless const_cast
* Remove some const_cast from templatesimplifier
* Remove some const_cast from valueflow
* template simplifier: add 2 new template parameter simplifications
int{} -> 0
decltype(int{}) -> int
This fixes reduced test cases like #9153. I'm not sure they will help
real world code that much.
It was necessary to increase the pass count to 4 to get #9153 completely
simplified.
* relax decltype(type{}) simplification to any type
Refactored simplifyTemplateAliases to iterate over template type aliases
rather than instantiations. This fixed template type aliases that were
not templates.
Don't instantiate templates in template type aliases. They will get
instantiated once the type alias is instantiated. This required
increasing the template simplifier pass count to 3 so one of the
existing tests continued to work.
Specialized member classes declared outside the class were not
recognized. This caused the member class to be instantiated rather
than the specialized class. We already had a test for this but it was
wrong so it went unnoticed.
With the following code
```c
int f(int x, int y) {
    if (!!(x != 0)) {
        return y/x;
    }
}
```
cppcheck would wrongly warn that there might be a division by zero in
"return y/x;".
* template simplifier: fix instantiation of variadic template with no arguments
* fix white space change
* add support for <class...>
* add variadic template flag
* Fix issue 8890: AST broken calling member function from templated base class
* Format
* Check for double bracket
* Add test to createLinks2
* Remove extra test
* Reduce test case for links
This will warn for cases where searching in an associative container happens before insertion, like this:
```cpp
void f1(std::set<unsigned>& s, unsigned x) {
    if (s.find(x) == s.end()) {
        s.insert(x);
    }
}
void f2(std::map<unsigned, unsigned>& m, unsigned x) {
    if (m.find(x) == m.end()) {
        m.emplace(x, 1);
    } else {
        m[x] = 1;
    }
}
```
In the case of the map it could be written as `m[x] = 1` as it will create the key if it doesn't exist, so the extra search is not necessary.
I have this marked as `performance` as it is mostly concerning performance, but there could be a copy-paste error possibly, although I don't think that's common.
A common pattern is to have a function similar to this:
```cpp
bool isFlagSet(uint32_t f) {
    return f & 0x4;
}
```
Warning that the function returns a non-boolean in this case is too
noisy, it would be better suited for a Misra check, so remove the
warnings in the most obvious cases.
Change the astStringVerbose() recursion to extend a string instead of
returning one. This has the benefit that for tokens where the recursion
runs deep (typically large arrays), the time savings can be substantial
(see comments on benchmarks further down).
The reason is that previously, for each token, the astString of its
operands was constructed, and then appended to this tokens astString.
This led to a lot of unnecessary string copying (and with that
allocations). Instead, by passing the string by reference, the number
of temporary strings is greatly reduced.
Another way of seeing it is that previously, the string was constructed
from end to beginning, but now it is constructed from the beginning to
end. There was no notable speedup by preallocating the entire string
using string::reserve() (at least not on Linux).
To benchmark, the changes and master were tested on Linux using the
commands:
```
make
time cppcheck --debug --verbose $file >/dev/null
```
i.e., the cppcheck binary was compiled with the settings in the
Makefile. Printing the output to screen or file will of course take
longer time.
In Trac ticket #8355 which triggered this change, an example file from the
Wine repository was attached. Running the above cppcheck on master took
24 minutes and with the changes in this commit, took 22 seconds.
Another test made was on lib/tokenlist.cpp in the cppcheck repo, which is
more "normal" file. On that file there was no measurable time difference.
A synthetic benchmark was generated to illustrate the effects on dumping
the ast for arrays of different sizes. The generated code looked as
follows:
```cpp
const int array[] = {...};
```
with different number of elements. The results are as follows (times are
in seconds):
```
N       master  optimized
10      0.1     0.1
100     0.1     0.1
1000    2.8     0.7
2000    19      1.8
3000    53      3.8
5000    350     10
10000   3215    38
```
As we can see, for small arrays, there is no time difference, but for
large arrays the time savings are substantial.
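The two recursion shapes described in the commit message above, as an added illustration that is not cppcheck's code: `Node`, `dumpReturning`, `dumpAppending` and the left-leaning comma chain used for the array initializer are assumptions made for this example, and the character counter is instrumentation added to make the copying visible.

```cpp
#include <cstddef>
#include <cstdio>
#include <deque>
#include <string>

// Hypothetical minimal AST node (not cppcheck's Token class).
struct Node {
    std::string str;
    const Node* op1;
    const Node* op2;
};

// Instrumentation only: total characters written into any string.
static std::size_t g_written = 0;

static void put(std::string& dst, const std::string& src) {
    g_written += src.size();
    dst += src;
}

// Shape of the old code: every call returns a fresh string that the parent
// then copies into its own result, so deep text is copied once per ancestor.
std::string dumpReturning(const Node* n, std::size_t depth = 0) {
    std::string ret;
    put(ret, std::string(depth, ' ') + n->str + "\n");
    if (n->op1) put(ret, dumpReturning(n->op1, depth + 1));
    if (n->op2) put(ret, dumpReturning(n->op2, depth + 1));
    return ret;
}

// Shape of the new code: one output string is passed by reference and each
// node appends only its own line, so every character is written once.
void dumpAppending(const Node* n, std::string& out, std::size_t depth = 0) {
    put(out, std::string(depth, ' ') + n->str + "\n");
    if (n->op1) dumpAppending(n->op1, out, depth + 1);
    if (n->op2) dumpAppending(n->op2, out, depth + 1);
}

// Build "0, 1, ..., n-1" as a left-leaning chain of ',' nodes (assumed shape
// of a large array initializer). The deque owns the nodes and keeps their
// addresses stable while it grows.
const Node* buildInitList(std::deque<Node>& arena, std::size_t n) {
    arena.push_back(Node{"0", nullptr, nullptr});
    const Node* chain = &arena.back();
    for (std::size_t i = 1; i < n; ++i) {
        arena.push_back(Node{std::to_string(i), nullptr, nullptr});
        const Node* elem = &arena.back();
        arena.push_back(Node{",", chain, elem});
        chain = &arena.back();
    }
    return chain;
}

struct Result {
    std::string text;     // the dumped AST
    std::size_t written;  // characters written while producing it
};

Result measureReturning(std::size_t n) {
    std::deque<Node> arena;
    const Node* root = buildInitList(arena, n);
    g_written = 0;
    Result r;
    r.text = dumpReturning(root);
    r.written = g_written;
    return r;
}

Result measureAppending(std::size_t n) {
    std::deque<Node> arena;
    const Node* root = buildInitList(arena, n);
    g_written = 0;
    Result r;
    dumpAppending(root, r.text);
    r.written = g_written;
    return r;
}

int main() {
    const std::size_t sizes[] = {10, 100, 400};
    for (std::size_t n : sizes) {
        const Result a = measureReturning(n);
        const Result b = measureAppending(n);
        std::printf("N=%zu output=%zu returning=%zu appending=%zu\n",
                    n, b.text.size(), a.written, b.written);
    }
    return 0;
}
```

The element counts are kept small here because the recursion depth equals the array length; the gap between the two counters widens quickly as N grows, which matches the trend in the benchmark table.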
Before this fix, the code:
```
class A {
    A(int, int x=3){
        x;
    }
};
```
Was considered OK.
But explicit keyword is still needed
I'm still new to open-source contributions, so I will gladly take advice.
This fixes simplifyUsing to remove 'typename' and 'template' from type
aliases of the form: using T3 = typename T1::template T3<T2>;
This lets the template simplifier instantiate the type alias which will
then remove the using type alias.
The crash will still happen if there is no instantiation because the
type alias will not be removed. The type alias is what cppcheck is
crashing on after the template simplifier and that still needs fixing.
* Fixed #8889 (varid on function when using trailing return type.)
Don't set varid for trailing return type.
* Add a test for #9066 (Tokenizer::setVarId: varid set for trailing return type)
* Handle 'arguments' sections in compile_commands.json
Previous code assumes 'commands' exists and will assert if it does not.
* Correct typo checking for "arguments" rather than "commands"
* Use ostringstream rather than stringstream
* Add test demonstrating graceful degradation
* Add test for parsing "arguments" rather than "commands"
This is trying to fix the issue by fixing the ast and symbol database. First, the ast nodes will be created for the init list and the symbol database will not mark it as a scope. I am not sure if this is the correct approach as I don't really understand how the AST part works.
It did change the AST for `try {} catch (...) {}` but that is because it incorrectly treats `try {}` as an initializer list.
Improve the internal check for redundant null pointer check before
calling Token::Match() (and friends). Now, warn about code snippets like
```cpp
if (a && tok && Token::Match(tok, "foo"))
```
Also, extend the check for the inverted case.
There is still no warning for
```cpp
if (tok && a && Token::Match(tok, "foo"))
```
since that would require checking if a is independent of tok.
* teststring.cpp: Fix ternary syntax in tests
* stringLiteralWrite: Add tests wide character and utf16 strings
* suspiciousStringCompare: Add test with wide character string
* strPlusChar: Handle wide characters
* incorrectStringCompare: Add test with wide string
* Suspicious string compare: suggest wcscmp for wide strings
* deadStrcmp: Extend to handle wide strings
* sprintfOverlappingData: Print name of strcmp function
* Conversion of char literal to boolean, add wide character tests
* Conversion of char literal to boolean, fix ternary
This only fixes the crash. It does not fix the underlying problem of
template using with templates of templates causing the use of deleted
instantiations.
This fixes issue 8996 by improving the alias checking by using lifetime analysis. It also extends the lifetime checker to handle constructors and initializer lists for containers and arrays.
Some POSIX and Windows functions require buffers of at least some
specific size. This is now possible to configure via for example this
minsize configuration: `<minsize type="value" value="26"/>`.
The range for valid buffer size values is 1 to LLONG_MAX
(9223372036854775807)
- Remove redundant function configurations for the same function since
it is not (yet) possible to configure overloaded functions. Instead mark
the optional arguments with `default="0"` so the configuration works
with a different number of arguments.
- Add documentation to boost.cfg (links and function declarations).
- Rearranged configurations so functions, defines, ... are together now.
- Add `direction` for function arguments where applicable.
- Add some tests to boost.cpp.
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc.
This handles concatenated strings and characters from simplecpp.
Previously, L'c' would be preprocessed to the tokens "L" and "'c'".
cppcheck would then remove the "L" token and set "'c'" to be a wide
character literal. Now, it needs to remove the prefix instead.
When doing this, add handling of utf32 encoded literals (U) and UTF-8
encoded literals (u8).
CheckUninitVar::isMemberVariableAssignment uses argument direction "out"
now also to check for assignment when the member variable is handed over
to a function by reference.
testuninitvar.cpp: Improve tests, use a test library configuration.
strcpy_s belongs to the standard so it must be in std.cfg instead of
windows.cfg.
Configuration for strcpy_s has been improved and tests were added.
Found by daca@home
* std.cfg: Add further argument directions (in, out, inout).
* testlibrary.cpp: Add test for function argument direction configuration.
* std.cfg: runastyle and add some more direction configurations.
* library.h: Add documentation for function argument direction enum.
* Do not use "direction" library information for pointer arguments.
Also fix further unmatched uninitvar messages in std configuration
tests.
* std.cfg: Add more argument direction configurations.
* test/cfg/std.c: Add test for argument direction configuration.
* astutils.cpp: Only ignore pointer arguments for out/inout arguments.
* library.h: Use suggested documentation for argument direction enum.
For now, only print the ways of running testrunner and the few options
that are available.
Also, refactor to remove an unneeded const_cast and use a range for loop.
Partially fixes #8514.
* template simplifier: make sure all instantiations are found and expanded in #5097
* template simplifier: check output on another test
* template simplifier: add output to another test
* template simplifier: instantiate template class when something inside class instantiated.
* template simplifier: add output to another test that now works
This uses the lifetime analysis to check when comparing pointers that point to different objects:
```cpp
int main(void)
{
    int foo[10];
    int bar[10];
    int diff;
    if(foo > bar) // Undefined Behavior
    {
        diff = 1;
    }
    return 0;
}
```
This will now warn for cases like this:
```cpp
auto& f() {
    std::vector<int> x;
    return x[0];
}
```
It also improves the handling of address of operator, so it can now warn across some function calls, like this:
```cpp
int& f(int& a) {
    return a;
}
int* hello() {
    int x = 0;
    return &f(x);
}
```
Even if `ptr` is a local variable, the object `ptr->item` might not be.
So taking address of `ptr->item` is definitely not unsafe in general.
This commit fixes false positives triggered by commit
1.85-249-gf42648fe2 on the following code of sssd:
https://github.com/SSSD/sssd/blob/d409df33/src/sbus/request/sbus_request.c#L359
This reworks constStatement to find more issues. It catches issue [8827](https://trac.cppcheck.net/ticket/8827):
```cpp
extern void foo(int,const char*,int);
void f(int value)
{
    foo(42,"test",42),(value&42);
}
```
It also catches from issue [8451](https://trac.cppcheck.net/ticket/8451):
```cpp
void f1(int x) {
    1;
    (1);
    (char)1;
    ((char)1);
    !x;
    (!x);
    ~x;
}
```
And also:
```cpp
void f(int x) {
    x;
}
```
The other examples are not caught due to incomplete AST.
Add a call to simplifyPlatformTypes() in
SymbolDatabase::setValueTypeInTokenList() to simplify return types of
library configured functions. This fixes the FN in #8141. Regression
tests are added, both for the original issue and another FN in the comments.
In order to do that, move simplifyPlatformTypes() to TokenList from Tokenizer.
This is a pure refactoring and does not change any behaviour. The code was
literally copy-pasted from one file to another and in two places
'list.front()' was changed to 'front()'.
When adding the call to simplifyPlatformTypes(), the original type of
v.size() where v is a container is changed from 'size_t' to 'std::size_t'.
Tests are updated accordingly. It can be noted that if v is declared as
'class fred : public std::vector<int> {} v', the original type of 'v.size()'
is still 'size_t' and not 'std::size_t'.
* Fixed #8962 ("(debug) Unknown type 'T'" with template typename parameter)
Only simple one parameter template functions with one function parameter
are supported.
* Added TODO test case for FIXME.
* Fixed #8971 ("(debug) Unknown type 'x'." using alias in class members)
* template simplifier: partial fix for #8972
Add support for multi-token default template parameters.
* template simplifier: fix for #8971
Remove typename outside of templates.
Qt defines `Q_NULLPTR` with `nullptr` if it is available, otherwise with `NULL`.
Since there seems to be no (sane) way to configure it the same way in the library configuration it is just defined with `NULL`.
* Fixed #8960 ("(debug) Unknown type 'x'." with alias in template class alias)
This commit adds non-template type alias support to the template
simplifier. Only relatively simple type aliases are supported at this
time. More complex types will be added later.
--debug-warnings will show unsupported type aliases.
Type alias support will be removed from the symbol database in the
future. Type alias tests have been removed from the symbol database
tests.
* Add the changes.
* Fix codacy warning.
* Fix travis warnings.
* template simplifier: fix crash on windows
Use right token when searching for template type alias to delete.
* template simplifier: fix a cppcheck warning
* Remove newlines after check(
* Remove unneeded statements after if-statements
As an example, the previous test case
```cpp
check(
    "bool foo(int x) {\n"
    " if (x < 0)"
    " return true;\n"
    " return false;\n"
    "}");
```
is changed to
```cpp
check("void foo(int x) {\n"
      " if (x < 0) {}\n"
      "}");
```
This has basic handling of GUI projects. But further work will be needed to handle addons etc, the plan is that we will be able to run addons from the command line soon.
The unsigned less than zero checker looked for patterns like "<= 0".
Switching to use valueflow improves the checker in a few aspects.
First, it removes false positives where instead of 0, the code is using
0L, 0U, etc. Instead of having to hard code the different variants of 0,
valueflow handles this automatically. This fixes FPs on the form
```cpp
uint32_t value = 0xFUL;
void f() {
    if (value < 0u)
    {
        value = 0u;
    }
}
```
where 0u was previously not recognized by the checker. This fixes #8836.
Moreover, it makes it possible to handle templates properly. In commit
fa076598ad, all warnings inside templates
were made inconclusive, since the checker had no idea if "0" came from
a template parameter or not.
This makes it possible to not warn for the following case which was
reported as a FP in #3233
```cpp
template<int n> void foo(unsigned int x) {
    if (x <= n);
}
foo<0>();
```
but give a warning for the following case
```cpp
template<int n> void foo(unsigned int x) {
    if (x <= 0);
}
```
Previously, both these cases gave inconclusive warnings.
Finally, it makes it possible to give warnings for the following code:
```cpp
void f(unsigned x) {
    int y = 0;
    if (x <= y) {}
}
```
Also, previously, the checker for unsigned variables larger than 0
used the string of the astoperand. This meant that for code like
the following:
```cpp
void f(unsigned x, unsigned y) {
    if (x -y >= 0) {}
}
```
cppcheck would output
[unsigned-expression-positive.c] (style) Unsigned variable '-' can't be negative so it is unnecessary to test it.
using expressionString() instead gives a better error message
[unsigned-expression-positive.c] (style) Unsigned expression 'x-z' can't be negative so it is unnecessary to test it.
Use `--check-library` for all tests as it was done before.
Re-enable all tests in runtests.sh again.
The regressions where runtests.sh would fail are disabled via "FIXME"
comment in the inline suppression comment.
* Add regression test for #6906
Ticket #6906 was fixed in f65cf220ba.
Add a test to make sure there are no regressions.
* Add regression test for #7284
Ticket #7284 was fixed in 5d1fdf7958.
Add tests to avoid regressions.
This will use the lifetime checker for dangling references. It will find these cases for indirectly assigned reference:
```cpp
int &foo()
{
    int s = 0;
    int& x = s;
    return x;
}
```
This will also fix issue 510 as well:
```cpp
int &f( int k )
{
    static int &r = k;
    return r;
}
```
As discussed in https://trac.cppcheck.net/ticket/8931 a regression test is added
to the test/cfg/runtests.sh script to make sure that unmatchedSuppression messages result in a Cppcheck exit code that signals a failure.
On linux systems (like travis) Qt often seems to be built with the option "reduce_relocations" which requires an application using it to specify the option "-fPIC".
* fix for CMake compile_commands.json input - directory does not include trailing / which makes include directories wrong - so add it if it doesn't exist
* fix the bugfix for trailing / in the directory name of CMAKE JSON file, add also new test case to see if it works in both cases (with and without trailing /)
* revert adding accidental new line
To be able to use real Qt-Code in "test/cfg/qt.cpp" and still do a
syntax check the Qt settings are read out via pkg-config now if it is
available. This way the test now can contain Qt macros and functions and
the syntax check can still be used.
Additionally the same options as for the other tests are used now for
the Qt config tests.
Installing the package "qtbase5-dev" should be enough to enable the
syntax checks (already installed for travis tests).
This fixes valueflow to have a value for `||` operator here:
```cpp
bool f()
{
    bool a = (4 == 3); // <-- 0
    bool b = (3 == 3); // <-- 1
    return a || b; // <-- 1
}
```
When comparing if the shift is large enough to make the result zero, use
an unsigned long long to make sure the result fits. Also, add a check that
avoids setting the value if the shift is equal to or larger than the
number of bits in the operand (this is undefined behaviour). Finally,
add a check to make sure the calculated value is not too large to store.
Add test cases to cover this.
This was detected by an MSVC warning.
valueflow.cpp(1350): warning C4334: '<<' : result of 32-bit shift implicitly
converted to 64 bits (was 64-bit shift intended?)
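The width and undefined-behaviour guards described in the commit message above, as an added sketch that is not the code in valueflow.cpp: `ShiftResult`, `classifyRightShift` and `classifyNarrowEmulated` are hypothetical names, and the narrow variant emulates one common hardware behaviour (x86 masks a 32-bit shift count to 5 bits) purely to show how a 32-bit `1 << n` can give the wrong bound.

```cpp
#include <cstdint>
#include <cstdio>

enum class ShiftResult { AlwaysZero, MayBeNonZero, Undefined };

// Decide whether `lhs >> shift` is known to be zero.
//   lhsMax  : largest value the left operand can take (assumed known)
//   shift   : known shift amount
//   lhsBits : width in bits of the (promoted) left operand
ShiftResult classifyRightShift(std::uint64_t lhsMax, long long shift, unsigned lhsBits) {
    // Shifting by a negative amount or by >= the operand width is undefined
    // behaviour, so no value may be concluded for the expression.
    if (shift < 0 || shift >= 64 || shift >= static_cast<long long>(lhsBits))
        return ShiftResult::Undefined;

    // 1ULL keeps the computation 64 bits wide. A plain `1 << shift` is an
    // int shift whose result is only widened afterwards, which is what the
    // MSVC warning C4334 quoted above points at.
    const unsigned long long smallestSurvivor = 1ULL << shift;

    // Every value below 2^shift loses all of its set bits in the shift.
    return lhsMax < smallestSurvivor ? ShiftResult::AlwaysZero
                                     : ShiftResult::MayBeNonZero;
}

// Emulation of the narrow computation on hardware that masks the shift
// count to 5 bits (assumption for illustration; in C++ the expression
// `1 << 40` itself has undefined behaviour).
ShiftResult classifyNarrowEmulated(std::uint64_t lhsMax, long long shift) {
    const std::uint32_t narrow = 1u << (static_cast<unsigned>(shift) & 31u);
    return lhsMax < narrow ? ShiftResult::AlwaysZero
                           : ShiftResult::MayBeNonZero;
}

static const char* name(ShiftResult r) {
    switch (r) {
    case ShiftResult::AlwaysZero:   return "always zero";
    case ShiftResult::MayBeNonZero: return "may be non-zero";
    default:                        return "undefined, no value set";
    }
}

int main() {
    // Constructed inputs: {lhsMax, shift, lhsBits}
    std::printf("%s\n", name(classifyRightShift(1, 7, 32)));      // (x & 0x01) >> 7
    std::printf("%s\n", name(classifyRightShift(0xFF, 7, 32)));   // (x & 0xFF) >> 7
    std::printf("%s\n", name(classifyRightShift(1000, 40, 64)));  // 64-bit operand
    std::printf("%s\n", name(classifyRightShift(1000, 32, 32)));  // shift == width
    std::printf("%s\n", name(classifyNarrowEmulated(1000, 40)));  // wrong bound
    return 0;
}
```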
This fixes issue in:
```cpp
void f()
{
    char stack[512];
    RGNDATA *data;
    if (data_size > sizeof (stack))
        data = malloc (data_size);
    else
        data = (RGNDATA *)stack;
    if ((char *)data != stack)
        free (data); // <- data is not stack
}
```
It seems the `ProgramMemory` can't handle two known values (such as int and tok) together. So instead `ValueFlowAfterAssign` runs `ValueFlowForward` with tok values and then runs it with the other values.
I sometimes find myself wondering which test cases I have broken when I fiddle with some check (since I then can try running these specific tests in the debugger, or make a small change and see if the tests pass). This PR adds the testclass and the test case names to the file and line number. I took special care to cover the case where an assert would be placed directly in the `run()`-function, i.e., not inside a test case (from what I could see, no such case exists). If there is no need to handle this case, the code can be simplified (there wouldn't be need for the `teardownTest()`-function for example).
The exact format for how to print the test name is very much up for discussion.
This makes arrays non-null in valueflow, so it can catch comparisons against null that are always true:
```cpp
void f(void) {
    int buf[42];
    if( buf != 0) {;} // << always true
}
```
Add a check for function arguments that can be constant:
```cpp
extern void bar(int);
void f(int x) {
    bar((x & 0x01) >> 7); // function 'bar' is always called with a '0'-argument
}
```
* Implement hexadecimal float conversion in MathLib::toDoubleNumber independent of C99/C++17
* Refactor MathLib::isFloatHex and cure some false results
So this unifies the `valueFlowAfterCondition` so it re-uses more code between checking for integers and container sizes. This should make valueFlowContainer more robust.
It also extends valueflow to support container comparisons such as `if (v.size() < 3)` or `if (v.size() > 3)` using the same mechanism that is used for integers.
* Modify template simplifier to add forward declarations of some template functions so symbol database can make sense of the expanded templates.
* Fix travis.
This fixes several FPs in the lifetime checker. It also fixes issue [8846](https://trac.cppcheck.net/ticket/8846):
```cpp
int * f(int a[])
{
    return a;
}
```
* Use lifetime analysis for pointers as well
* Fix issue 1143: Pointer to local array
* Update message when using pointers
* Avoid infinite loop in tracing lifetimes
* Initial valueflow lifetime checker
* Forward values
* Add initial tests
* Fix duplicate messages
* Fix traversing nested lambdas
* Turn test case into a todo
* Skip if returning a container
* Fix FP when using references
* Add missing header
* Fix FP from broken scopes
* Fix FP with static variable
* Add test for more FPs
* Parse lambda functions
* Check for capture by value
* Add tests for using a container and lambda together
* Fix cppcheck errors
* Add test for nextAfterAstRightmostLeaf
* Add valueflow tests
* Update error message
* Check for correct lambda token
* Improve error path reporting
* Fix hang when parsing arrays that look almost like lambdas
* Add valueflow for terminating conditions
* Add valueflow test
* Don't check for same expressions for now to avoid double diagnostics
* Check nesting
* Add more tests
* Ensure conditions happen in order
* Check for null
* Add error path
* Support same expression check as well
* Use early continue
* Skip checking the same token
* Avoid double condition diagnosis
* Fix FP when in switch statements
* Fix FP when time function
* Skip conditional escapes
* Use simpleMatch
* Fix naming
* Fix typo
* Add check for return value of boolean function
The rule for converting an integer to a boolean is that 0 is mapped to
false and everything else is mapped to true. There is nothing wrong with
the following code (according to the standards):
```cpp
bool f()
{
    return -1;
}
```
and neither gcc nor clang will warn about it. However, it's a bit
confusing. This commit adds a check that warns when a value other than 0
or 1 is returned from a boolean function (similar to the existing check
that functions with boolean arguments are only passed 0 or 1). Since the
code is perfectly legal, set the severity to "Style".
* Use early continue and remove some braces
* Add testcase with multiple returns
* Avoid null pointer dereference in case of return without operand
* Skip lambdas
Add TODO-test cases that show FPs when the return type of lambdas are
specified explicitly (this is a problem with findLambdaEndToken).
* Enable testcases
* findLambdaEndToken: Add tests
* Add handling of explicit return in findLambdaEndToken()
* Use AST in findLambdaEndToken()
* Fix ast when lambda is mutable
The checker does not care if it's a header or source file. So I guess these tests were added to test
some parsing problem. Nowadays, #line is removed by simplecpp::preprocess, but there is no proper
testing for it in simplecpp. I will add some testing for #line asap.
It is possible to define default template parameter values in forward
declarations and not define any in the actual declaration. Cppcheck
ignores forward declarations and only uses the default values in the
actual declaration so default values in forward declarations are copied
to the actual declaration when necessary.
* insecureCmdLineArgs: Fixed FN in case strdup() copies argv[].
* Formatted the code. There are no functional changes intended.
* Changes due to review comments from Daniel.
* Identify return conditions in multiconditions
* Improve error messages
* Check return statements are always true or false
* Add more tests for FPs
* Fix FP when returning const like variables
* Fix FP when returning pointers or classes
* Fix FP with member variable access
* Check non-local variables
* Use simplematch
* Check for null
* Improve STL iterators checking
* Improve error messages for container iterators from different scopes
* Mini refactoring
* Replace hardcoded pattern to ValueType::Type::ITERATOR
* Error messages improvements, more tests and refactoring
* Refactoring after code review
* Put getting operand data into separate function
* Update getErrorMessages and iterator errors ids
* Refactoring
* Fix error
* Refactoring, early return implementation
* Delete redundant code
* Tiny changes in comments
* Fix specialized template regression.
Only check for instantiation of template being processed rather than
count of all instantiations.
* Add 2 more tests.
* insecureCmdLineArgs: Fixed false negatives in case arguments are const.
* Formatted the code, there are functional changes.
* Simplified matching as suggested by Daniel.
* #4241: Check for address of single character passed as string
Add a check that the address of a single character is not passed as an
argument to arguments marked as strings (using strz). The check does not
warn for the address of a character with known value '\0'.
Since ValueFlow currently does not handle global constants (see #7597),
do not warn if the variable is global to avoid FPs when the address of
a global variable assigned to '\0' is passed to a function expecting a
string.
Remove comment in docs saying strz is unused.
* Change asdf to Hello world
* Add test of address to first element in string
* Add error reporting function to getErrorMessages
* Fix strings in test
* Fixed #8693 (Template specialization: Constructor detected as normal function (functionStatic error))
Refactor template simplifier to remove the existing full specialization
function expandSpecialized and allow full specializations to use the
existing function expandTemplate. The function expandTemplate was
modified to either expand the template like it originally did by copying
it or to modify the template in place. Both instantiated and
uninstantiated full specializations are modified in place. This also
fixes #8692 and probably other related tickets as well.
The function simplifyTemplates now tries twice to simplify templates so
more templates can be simplified. We should try as many times as
necessary to find all possible templates. We can't do that now because
uninstantiated templates are left unchanged. It is relatively straight
forward to have the new code also expand in place uninstantiated
templates with their symbolic types but namespaces are not handled
properly (ticket #8671) and it would introduce regressions.
* Fix travis warnings.
The while part of a do-while loop looks almost like a function call, so
extend the check for function calls to ignore while-statements.
Note that there was only an FP when checking c-code, since the check is
disabled for c++-code. Therefore, make sure the test cases are run on a
c-file.
isVariableDeclaration did not handle pointer to const pointer, or
pointer to volatile pointer. This resulted in FPs in examples like the
following:
```cpp
class Fred {
public:
    const char *const *data;
    const char *const *getData() { return data; };
};
```
where cppcheck would say getData could be static, since it didn't
recognize const char *const *data as a variable declaration.
* Fixed #8683 (Using deleted token with multiple template instantiations.)
* Fixed #8321 (heap use after free: templatesimplifier)
* Add a flag to Token indicating that it has a pointer to it.
* Run dmake
* Fix one source of list pointers to deleted tokens.
Refactor TemplateSimplifier class to get access to template lists.
Remove many function parameters now that they are class variables.
Fix one source of list pointers to deleted tokens.
Add tests with no output to catch crashes.
* Run dmake again.
* Make 2 more functions private.
* Make requested changes.
* Missed one change request.
* Use TokenList rather than Tokenizer.
* Move TokenAndName constructor to cpp file so token.h is not needed in header file.
* Check if member function modifies the variable
* Check for const pointer
* Add test for const condition
* Add more null checking
* Add todo assert for FN
* Allow syntax "typedef 'typename' unsigned 'typename' (functon_name)()" for some old libraries
https://trac.cppcheck.net/ticket/7792
* Unnecessary check of "tokOffset", match-function already checks if it is null
* add testcase ticket #7792: simplifyTypedef124
* Follow variables when comparing same expression
* Remove assert include
* Don't follow function arguments
* Improve the checking to check more cases
* Add more tests
* Check if the variable is used inside a loop
* Follow both variables
* Only skip loops when variable is modified in scope
* Fix FP when followed variable is modified
* Don't follow arrays
* Skip pointer indirection
* Make recursive
* Improve checking more variables
* Fix test with sizeof
* Skip following operators
* Fix test when using sizeof
* Dont check every step
* Use early returns
* Update test to use a loop instead of conditional
* Add static
* Check variables are global
* Check local variables in another scope
* Fix issue with const pointers
* Distinguish between pointer indirection and multiply
* Use simple match
* Prevent crash with uniform initialization
* Use unary op and ast to detect pointer indirection
* Expand error message when expression do not match exactly
* Add errorpath to issameexpression
* Revert "Clarify warning message for 'Same expression on both sides of operator'"
This reverts commit 0e491b41a8.
* Check if the tokens are the same
* Report the operator and not the expressions
* Fix issue 6856: add checks in isOppositeCond when using == and < or >
* Move tests to testcondition
* Fix some more tests
* Fix test messages
* Remove the float check
* Add tests for log10{,f,l} valid arguments
* Add log2{,f,l} to checkfunctions
* Add log1p{,f,l} to checkfunctions
* checkfunctions: Simplify check for log function limit out of range
The conditions for negative and non-negative int and float were
identical so the call to isNegative can be removed and the if-statements
be simplified.
* Set values in else branch even when the first branch modifies the value
* Move tests
* Add check for goto
* Remove todo
* Also check scope is noreturn
* Use isEscapeScope when variables are changed
* Fix issue 470: Condition is always true or false on logical operators
* Don't warn on literals
* Compute logical operators using valueflow
* Fix FP when using literals
* Always warn on subconditions that are always true
* Use percent matches first
* Add test for logical operators
* Check if parent is null
* Add tests for invalid ranges
* Refactor loadLibErrors
This reduces the amount of code slightly and will simplify adding
more tests.
* Handle empty valid field
Before this change, the sequence <valid></valid> in a config file would
result in a segmentation fault. Now an empty field results in the error
message:
cppcheck: Failed to load library configuration file 'mycfg.cfg'. Bad attribute value '""'
* Add support for valid for floating point arguments
Previously, it was not possible to add valid ranges to floating point
arguments since it only handled integers. This made ranges not work well
for floating point arguments since arguments were cast to integers
before the ranges were handled.
Fix this by using doubles instead of integers if the argument is a float.
Add some tests for this and make sure errors are printed with enough
precision (somewhat arbitrarily chosen).
Note that it is still only possible to add integer ranges (i.e. -1:1).
* Add support for floats in configuration valid range
Now that it is possible to handle decimal arguments, there is no reason
to not allow non-integer ranges. Take care to not allow broken
configurations.
* Move check to within if-clause
* Move asin{,f,l} and acos{,f,l} input checks to config file
Commit 5cc8da2db4 introduced syntax checking of xml-files. This broke
running the file directly in the test/cfg folder since it assumed the
config files to check were located in cfg in the current working
directory. Fix this by adding a variable that holds the correct path.
* Added declaration for deletePrevious function
* Added definition for deletePrevious function
* Fixed crash from deleteThis invalidating pointers
The crash was caused by deleteThis() invalidating the pointer to a constant variable usage. This happened when a usage followed an assignment. This fixes bug #8579.
* Added tokensFront to match tokensBack
This means deletePrevious can set the list's front if necessary.
* Initialised tokensFront in appropriate places
* Switched to using default Token constructor
* Switched to using Token default constructor
* Switched to using default constructor for Token
* Added missing argument to Token constructor
* Changed to use default constructor for Tokens
* Switched to using default constructor for Tokens
* Switched to using default constructor for Token
* Added new test for deleting front Token
Also made sure to use the correct constructor for Token in other tests.
* Syntax error
* Replaced tokensFront and tokensBack with a struct
This decreases the size of the Token class for performance purposes.
* Replaced tokensFront and tokensBack with a struct
* Added tokensFrontBack to destructor
* Reworked to use TokensBackFront struct
Also ran astyle.
* Reworked to use TokenList's TokensFrontBack member
* Reworked to use TokensFrontBack struct
* Reworked to use TokensFrontBack struct
* Reworked to work with TokensFrontBack struct
* Removed unnecessary scope operator
* Added missing parentheses
* Fixed syntax error
* Removed unnecessary constructor
* Default constructor now 0-initialises everything
This is safer for not using a temporary TokensFrontBack object, and doesn't use delegating constructors which aren't supported yet.
* Fixed unsafe null check
* Added missing explicit keyword
* Fixing stylistic nits
Removed default constructor as it has been superseded by the single-argument constructor with a default argument value.
Renamed listEnds to tokensFrontBack.
Fixed if statement that was supposed to be adding safety but would actually cause a crash if tokensFrontBack was null.
* Fixing stylistic nits
Removed default constructor and replaced it with a single-argument constructor with a default value.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
* Fixing stylistic nits
Renamed _listEnds to _tokensFrontBack.
* Remove duplicate namespace aliases so they don't produce syntax errors.
DACA2 results showed new SymbolDatabase syntax errors when duplicate
namespace aliases were simplified improperly. The solution is to remove
them in the tokenizer when found.
* Add tests for deleting namespace aliases at end of token list.
* Use eraseTokens to delete multiple tokens at once.
* Don't remove the volatile keyword so we can properly overload functions.
I fixed all the checks that had tests that use volatile. There will
probably be more changes needed due to lack of test coverage for
volatile in some checks.
* Fix unused private function warning.
* Add support for namespace aliases and C++17 nested namespaces.
These are implemented as tokenizer simplifications so changes are not
needed to the tokenizer and symbol database.
* Fix codacy warning.
Make the names of uninitvar_* functions consistent and fix typos.
Remove completely redundant functions/tests. Combine according tests if
they are not completely redundant.
* SymbolDatabase: improve checking of uninstantiated templates
* Add bailout and debug warning for '>' token without a link in SymbolDatabase::findFunction().
Don't crash on bad code simplification from tokenizer.
minsize with argvalue for arg 2 which is a char pointer makes no sense.
Changing it to minsize with strlen for arg 2 results in false positives
(and I think false negatives too).
In std.c a test with a valid vsprintf usage is added that would result
in a FP when minsize with strlen for arg 2 would be used.
* Check for double frees when using smart pointers
* Some updates from feedback
* Add test for mismatch allocation
* Constants
* Check smart pointer deleter
* Switch order
* Use next
* Add owned state
* Fix handling of leaks
* Use ast for checking addressof operator
* Remove stray character
* Add a test for mismatch allocator
* Add another test for deallocating with custom function
Remove TEXT() macro from windows.cfg and handle it internally where it
can be correctly simplified (Ansi vs. Unicode).
Also add handling of _TEXT() macro which is just a synonym for _T().
Add tests to verify correct function and macro simplification.
* Check for duplicate assignments
* Improve checking of expression
* Add more tests
* Use simple match
* Improve robustness of check
* check for null
* Reduce side effects by checking for side effects
* Improve verbose message
* Reword the error message
* Improve valueflow analysis with comparison operators
* Use simple match
* Don't add 0 on comparisons
* Check reverse comparisons
* Use nullptr
* Remove duplicate code tests
Add configuration and tests for LocalAlloc, LocalFree and some other
Local* functions.
LocalReAlloc is currently not configured as an alloc/dealloc function
(like realloc is not configured in std.cfg), I am not sure how to
correctly configure it.
* Check for functions calls in sizeof calculations
* Use separate message and id for sizeofFunction
* Check for overloads
* Using decltype with a function should not be an error
* Fix warning
* Fix false positives when running past the close paren
* Fix test error
* Try to fix more false positives
* Traverse using astOperand2
* Only check first argument
* Update fixes from feedback from PR
Enhance *Equal/*Compare/*Copy/*Move/*Zero/*Fill memory functions to
catch buffer access out of bounds errors and ignored return values.
Replaced some function configuration by according defines as it is done
in windows to avoid redundant (and error prone) configurations.
Add configuration for G_UNLIKELY and G_LIKELY to avoid syntax errors
when these macros are used as condition without enclosing brackets.
Add test file to verify Gtk library configuration. Syntax check for the
test file is only done when Gtk+2.0 or Gtk+3.0 is found and working.
Tested on Cygwin and on Ubuntu 16.04.
Add Windows Socket 2 type/function configuration. There are still many
(Microsoft-specific) socket functions that are not yet configured.
Add configuration for GetUserName(), GetWindowText() and _fileno().
On Windows __wchar_t is a synonym for wchar_t, so an according define is
added.
wxDebugContext is only defined if wxUSE_DEBUG_CONTEXT is 1, so otherwise
just skip it for syntax checking because it will fail.
Change wxT to wxT_2 and add wxT_2 to the config to remove a warning
during syntax check and be more compatible with newer/older wxWidgets
versions.
Be more precise when replacing function like macros, fix redundant macro
definition for "_".
* Fix #8382 (Syntax error when scanning code with template and attribute)
This commit only addresses #8382. There are issues concerning which
versions of C++ should be supported and also generic C++ 14 attribute
support which can be revisited later.
* Remove all C++ style attributes.
Remove all C++ style attributes when C++ version is 11 or greater.
Rename simplify function to simplifyCPPAttributes.
Handle more cases of noreturn function attribute.
First resolved TODO in std.c is obsolete since the "res" variable is used later
and there is therefore no warning issued.
Second resolved TODO in std.c: A warning for uninit variables is issued by
cppcheck, so this check can be enabled. Since assert() has no noreturn configuration
(currently a useful configuration is not really possible, see ticket 8329) the
check-library message is suppressed.
Add equivalent tests for the wide character string functions like they
are already done for the normal string functions.
Fixed some issues with the configuration of the wide character string
functions that arose through the tests and were already fixed for the
normal string functions.
For the syntax check g++ needs to know the wxWidgets include paths which
are retrieved via wx-config. If includes are missing or not working the
syntax check is skipped.
wxwidgets.cpp: Fixed syntax, includes and added code so the syntax check
does not fail if some special features are not present.
Add test file for wxwidgets configuration, fix found issues and enhance
the cfg a bit:
Fix declarations in comments for wxLog* functions.
Merge the two wxTextFile::Create overloaded function configurations into
one that works for both now.
Removed use-retval attribute from wxBoxSizer::AddSpacer and
wxButton::SetDefault configuration since the functions have side effects
and there is no need to use the return value.
Add some function configurations, the macro _(str) and POD wxLogLevel.
The following snippet triggered the error:
template<typename DerivedT>
template<typename T>
auto ComposableParserImpl<DerivedT>::operator|( T const &other ) const -> Parser {
    return Parser() | static_cast<DerivedT const &>( *this ) | other;
}
Whenever simplifyFunctionParameters was called on a templated class'
templated member function (and probably any nested template), the
tokenizer would recognise it as a syntax error, assuming that return
type *must* come after a template<> token.
Add function configurations with tests for:
GetLocalTime, GetSystemTime, GetLastError, SetLastError,
AllocateAndInitializeSid, FreeSid, HeapAlloc, HeapReAlloc, HeapFree,
HeapSize, HeapValidate and GetProcessHeap.
test/cfg/runtests.sh: Enable --inconclusive for the windows tests to
avoid some issues in the future.
Add configuration for the deprecated strlwr/strupr functions with
according warning.
test/cfg/windows.cpp: Added tests for strlwr and strupr. Moved function
call that does not return (FreeLibraryAndExitThread) to the end of the
function to fix analysis that was silently aborted at that point
(reported as issue #8378).
* posix library: Add strtok tests
In the posix library there is the same configuration for strtok but a
warning is added.
* posix.cfg: Remove redundant configuration for strtok, add comment.
* checkio: Fixed potential usage of invalid iterator.
* formatted the code.
A ticket about FN (invalidIterator1) is created at https://trac.cppcheck.net/ticket/8373
* Fixes issue where a case inside a switch that is not a compound statement was treated as garbage
This fixes an issue with the check for case keywords outside of switch
detection that would treat a case statement inside a switch that is not
a compound statement as garbage, but this is perfectly valid C++. This
construct is used in several libraries, i.e. Google Test.
* Tweak check and handle missing semicolon
Tweaks the check with feedback from danmar.
Handle the case where there is no semicolon and document it with a unit
test.
Implemented tests for the following windows configurations (more will
follow):
- Semaphore usage
- lstrcat function configuration
- _countof macro configuration
- Mutex usage
- Library usage (LoadLibrary, GetProcAddress, ...)