Commit Graph

403 Commits

Author SHA1 Message Date
Daniel Marjamäki 5ae6234729 Fixed #5978 (false positive: Array 'm_pool_vector[-1]' accessed at index 0, which is out of bounds.) 2014-07-20 11:44:25 +02:00
Dmitry-Me 13234a7366 Shorten code by using temp variables, cleanup variable names. 2014-07-14 12:20:00 +04:00
Alexander Mai df95cd09f0 Fix compiler warnings about type mismatch 2014-07-08 21:47:22 +02:00
Daniel Marjamäki 254b6438b9 CheckBufferOverrun::checkStringArgument: sizeof string is strlen+1 2014-07-08 16:04:09 +02:00
Daniel Marjamäki 4d0189c672 CheckBufferOverrun: Fixed crash. The crash occured in ThreadHandler in the deserialize() function. Probably because " was used in error message. 2014-07-08 07:08:51 +02:00
amai2012 9b38ae73c1 Attempt to fix 2 Coverity messages.
Replace a few unsigned int by std::size_t
2014-07-07 21:25:30 +02:00
Daniel Marjamäki 3169a2d215 astyle formatting
[ci skip]
2014-07-06 17:50:21 +02:00
amai2012 0ddd7752b5 Avoid crash reported in #5943 (using the example from duplicate ticket #5971)
Replace a few size_t/unsigned int by std::size_t
2014-07-06 14:48:24 +02:00
amai2012 f1bf38004b Fix MSVC compiler warnings 2014-07-06 13:08:22 +02:00
Daniel Marjamäki 0fd334911a Fixed #5257 (Check memcpy size for string literals) 2014-07-06 08:41:39 +02:00
amai2012 77095e2b05 Add some more functions to posix.cfg which allow to enable TestBufferOverrun::buffer_overrun_1_posix_functions
Fix some compiler warnings on MSVC
2014-07-05 22:47:10 +02:00
Daniel Marjamäki a3acc3241e Library: Added <minsize> element used for buffer overrun checking 2014-07-05 20:31:43 +02:00
Daniel Marjamäki 6c8558c112 CheckBufferOverrun: Removed old for-loop handling. This is handled through ValueFlow from now on. 2014-06-27 06:46:42 +02:00
Daniel Marjamäki 036b2f8ccf CheckBufferOverrun: Added bufferOverrun2 that is based on ValueFlow/SymbolDatabase/Ast from the start. Replaced some old checking. 2014-06-26 17:36:20 +02:00
PKEuS ec1bd420a7 Refactorizations optimizing std::string usage:
1) Added global static const std::string emptyString; object:
-> Replaces some static variables in functions which might be not threadsafe
-> Avoids constructor call (std::string::string(""))
-> Even functions that return an empty string in some branches can return by reference now.
Added to config.h to ensure that it is available everywhere

2) Added overloads for TestFixture::assertEquals for the most common use cases:
-> Moves conversion from const char[] to std::string into a function, reducing code duplication in binary.
2014-06-26 11:51:02 +02:00
PKEuS feefa4c626 Speedup checking large amounts of arrays (#5615) by avoiding Token::Match calls in CheckBufferOverrun::checkScope(2).
-> Decreased entire checking time on a subset of the attached file by 66% (MSVC12, x64, non-matchcompiled)
2014-06-26 11:51:02 +02:00
PKEuS 2d54bace1b Improved performance of CheckBufferOverrun::checkScope() (#5944):
-> Speedup by 40% (MSVC12, x64, not matchcompiled) on the file attached to the ticket
2014-06-23 19:06:59 +02:00
Dmitry-Me 7692a306cd Cleanup code - reorder checks and make variable declaration scope narrower. 2014-06-06 18:58:20 +04:00
PKEuS d93d7401c6 Moved getSourceFilePath(), isC() and isCPP() from Tokenizer to TokenList
Conflicts:
	lib/tokenize.cpp
2014-06-04 18:36:25 +02:00
Simon Martin f7356dd8c7 Only fill total_size in CheckBufferOverrun::checkFunctionParameter when it's useful. 2014-05-29 23:51:13 +02:00
Simon Martin 139f87af18 Ticket #5615: Avoid calling the same function n times when once is enough. 2014-05-29 19:58:09 +02:00
Simon Martin 966491d40b Added a test for out-of-bounds character array access. 2014-05-27 16:21:13 +02:00
PKEuS effa38c322 Fixed #5863 (False positive: array index is used before limits check) 2014-05-24 17:50:01 +02:00
PKEuS 8f79dc3ff8 Cleaned up includes and forward declarations in checkers:
- Removed definitely unnecessary forward declarations (e.g. "class Token"; token.h is already included by check.h, so a definition is unnecessary)
 - Removed unused includes
2014-05-24 12:50:03 +02:00
PKEuS b0b0562247 Removed obsolete piece of code from checkbufferoverrun.cpp 2014-05-24 11:29:32 +02:00
PKEuS 5fbd58d98d Fixed messages of CheckInternal, fixed a false positive. 2014-05-18 20:39:52 +02:00
PKEuS 04fbbdb5e8 Refactorized CheckBufferOverrun::arrayIndexThenCheck() and fixed false negative 2014-05-10 13:00:44 +02:00
Daniel Marjamäki ed1d63ffc0 Fixed #5636 (FP: matrix out of bounds) 2014-05-03 18:12:06 +02:00
Dmitry-Me a7c7b00407 Reuse variable value, return earlier. 2014-04-24 12:24:40 +04:00
Dmitry-Me 9b74d43473 Rename local variable plus return a bit earlier on edge condition. 2014-04-23 11:18:09 +04:00
Philipp Kloke ddf34440b6 Refactorization: Replaced several Token::findmatch calls by symboldatabase usage 2014-04-12 23:41:46 +02:00
Alexander Mai 89dc652af9 #5631 Typo and misleading error message in negativeMemoryAllocationSize 2014-04-08 20:23:00 +02:00
Daniel Marjamäki 3c64c70ce2 ValueFlow: Added utility functions getValueLE and getValueGE to simplify usage 2014-04-02 06:49:28 +02:00
Daniel Marjamäki deef4642d4 Buffer overrun: removed some old code that is not based on valueflow 2014-03-29 20:22:35 +01:00
Daniel Marjamäki e5301b2b7a ValueFlow: Improved valueflow of for loop 'for (i=a; i<10; i++)' => unknown start value but end value is known 2014-03-29 20:20:22 +01:00
PKEuS 9b307cf8e0 Improved readability of testsuite output when ASSERT_EQUALS_MSG fails.
Fixed another true positive in checkbufferoverrun.cpp
AStyle
2014-03-27 16:06:30 +01:00
Daniel Marjamäki d22da5e683 astyle formatting
[ci skip]
2014-03-26 06:56:13 +01:00
Daniel Marjamäki fa7ae1ae5b Fixed segfault when checking libusbx (daca2) 2014-03-26 06:51:56 +01:00
Daniel Marjamäki 87daf5783e buffer overflow: clean up old checking for negative index 2014-03-25 20:37:32 +01:00
Daniel Marjamäki c8004a8d31 Buffer overruns: Use ValueFlow to detect negative index 2014-03-25 18:22:22 +01:00
PKEuS 49b25b05d9 Fixed crash in CheckBufferOverrun on garbage code (#5595) 2014-03-21 13:20:44 +01:00
Thomas Jarosch 93341f4449 Use simple match where possible
Fixes these warnings found by "--enable=internal":

[lib/checkclass.cpp:972]: (warning) Found simple pattern inside Token::Match() call: "* *"
[lib/checkbufferoverrun.cpp:635]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checkbufferoverrun.cpp:1397]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/checksizeof.cpp:299]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checksizeof.cpp:301]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checksizeof.cpp:303]: (warning) Found simple pattern inside Token::Match() call: "]"
[lib/checksizeof.cpp:318]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checknullpointer.cpp:413]: (warning) Found simple pattern inside Token::Match() call: "delete"
[lib/checkio.cpp:1336]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkstl.cpp:1509]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1512]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1594]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkstl.cpp:1598]: (warning) Found simple pattern inside Token::Match() call: "] ="
[lib/checkunusedvar.cpp:755]: (warning) Found simple pattern inside Token::Match() call: "goto"
[lib/checkunusedvar.cpp:793]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkuninitvar.cpp:376]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:86]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:2181]: (warning) Found simple pattern inside Token::Match() call: "> {"
[lib/valueflow.cpp:54]: (warning) Found simple pattern inside Token::Match() call: "&"
[lib/valueflow.cpp:409]: (warning) Found simple pattern inside Token::Match() call: "do"
[lib/valueflow.cpp:425]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:487]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:511]: (warning) Found simple pattern inside Token::Match() call: "} else {"
[lib/valueflow.cpp:615]: (warning) Found simple pattern inside Token::Match() call: "for ("
[lib/symboldatabase.cpp:80]: (warning) Found simple pattern inside Token::Match() call: "= {"
[lib/symboldatabase.cpp:1069]: (warning) Found simple pattern inside Token::Match() call: "std ::"
[lib/tokenize.cpp:2207]: (warning) Found simple pattern inside Token::Match() call: "< >"
[lib/tokenize.cpp:2730]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/tokenize.cpp:4234]: (warning) Found simple pattern inside Token::Match() call: "try {"
[lib/tokenize.cpp:4235]: (warning) Found simple pattern inside Token::Match() call: "} catch ("
[lib/tokenize.cpp:5500]: (warning) Found simple pattern inside Token::Match() call: "INT8"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "}"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "do"
2014-03-14 16:27:47 +01:00
Daniel Marjamäki 7fa73c0d64 Merge pull request #256 from xypron/5505
5505: FP: Array accessed out of bounds
2014-03-09 08:47:18 +01:00
Heinrich Schuchardt bd67db96f1 5505: FP: Array accessed out of bounds
CheckBufferOverrun::checkFunctionParameter alreacy considered usage of a
function parameter inside an if block as a special case.

With the patch the same is done for switch statements.

A test is added.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2014-03-07 19:51:13 +01:00
Daniel Marjamäki a41a32ba8a Fixed #5469 (CheckBufferOverrun: Use nullptr) 2014-02-28 17:02:03 +01:00
Lauri Nurmi 70a67eaf85 Change some more 0 literals into nullptr. 2014-02-16 13:38:50 +02:00
Daniel Marjamäki 23efc68dd7 use nullptr 2014-02-16 10:32:10 +01:00
Daniel Marjamäki fd3a8a2a18 Update copyright 2014-02-15 07:45:39 +01:00
Lucas Manuel Rodriguez 828609bb11 Fixed two doxygen errors - http://cppcheck.sourceforge.net/devinfo/doxygen-errors.txt 2014-02-09 16:46:49 -03:00
Martin Ettl 6ca7daec10 Fixed #389: Providing negative value to memory allocation function. 2014-02-01 22:38:29 +01:00