Commit Graph

195 Commits

Author SHA1 Message Date
Oliver Stöneberg 75b6e8d258
inline visitAstNodes() calls (#3828) 2022-02-13 20:46:01 +01:00
Oliver Stöneberg 6e57cc4323
small utils.h cleanup (#3821) 2022-02-11 19:44:08 +01:00
Daniel Marjamäki 3989408738 Update copyright year 2022-02-05 11:45:17 +01:00
Armin Müller 5a05631c84
Typos found by running "codespell" (#3702) 2022-01-13 17:24:26 +01:00
Oliver Stöneberg 0ba9cb4e64
fixed some unusedFunction warnings (#3618) 2022-01-04 15:48:08 +01:00
Oliver Stöneberg 54b54567cf
astutils.cpp: optimized isSameExpression() a bit - reduces average Ir from 294 to 213 when analyzing test folder (#3528) 2021-12-11 15:10:15 +01:00
Paul Fultz II 12e731ad49
Fix 10605: FP containerOutOfBounds with empty() check (#3572) 2021-11-25 22:34:00 +01:00
Daniel Marjamäki f701a9361d chmod; Use 644 for source files 2021-11-17 08:25:25 +01:00
Paul Fultz II a0d3c2c719
Handle for loop conditions in afterCondition (#3561) 2021-11-14 18:30:36 +01:00
Paul Fultz II c057dcce0f
Fix 10592: False positive: returnDanglingLifetime (#3557) 2021-11-11 08:00:05 +01:00
Paul Fultz II 035c70c441
Fix 10578: Value not impossible after check (#3549) 2021-11-07 18:19:56 +01:00
Paul Fultz II 48fc70b810
Dont stop analysis when an unrelated class variable is changed (#3518) 2021-10-23 14:47:10 +02:00
Paul Fultz II 89515600e4
Fix 10538: FN: nullPointer (std::swap pointers) (#3504) 2021-10-15 10:58:16 +02:00
Paul Fultz II 8668d445c7
Add support for string_view (#3480) 2021-10-05 08:28:19 +02:00
chrchr-github 428144c53c
Fix #10513: vector constructed from pointers (#3473) 2021-10-04 07:55:17 +02:00
Daniel Marjamäki f3d9755e65 UninitVar: too many warnings (pointer dereference) 2021-10-03 18:12:29 +02:00
chrchr-github 609e20d9d8
ValueFlow: string can be constructed from init list (#3459) 2021-10-02 23:09:49 +02:00
Paul Fultz II 0335671b35
Fix 10450: regression, FP : Iterator 'iter' from different container 'l' are used together (#3436) 2021-09-05 07:35:33 +02:00
Paul Fultz II 865163b2ba
Add library configurations for free functions like std::size, std::empty, etc (#3410) 2021-08-23 09:03:48 +02:00
Paul Fultz II 59a1c1a9d8
Refactor: Remove variable analyzer (#3339) 2021-07-18 07:46:31 +02:00
Paul Fultz II 3e78e76fe8
Fix issue 10076: ValueFlow: False positive after address of var is taken 'T t = {{{&var}}};' (#3283) 2021-06-03 07:31:46 +02:00
Daniel Marjamäki d549770b5b updated extracttests.py. fix syntax errors in test cases. 2021-05-13 20:21:02 +02:00
Oliver Stöneberg 6397e29f84
cleaned up includes based on include-what-you-use (#3141) 2021-04-03 21:30:50 +02:00
Paul Fultz II 5077663684
Fix issue 9979: false positive: containerOutOfBounds with conditional resize (#3136) 2021-03-30 14:02:28 +02:00
Daniel Marjamäki 42437277dc Update Copyright year 2021-03-21 20:58:32 +01:00
Paul Fultz II 0e871c178f
Fix issue 10141: Errors with ref assignment (duplicateValueTenary and knownEmptyContainer) (#3093) 2021-02-09 15:27:46 +01:00
IOBYTE 4e1ff86bb2
use nonneg int for varid and exprid (#3085) 2021-01-27 19:49:13 +01:00
Ken-Patrick Lehrmann 00707455be
10110: Fix FP knownConditionTrueFalse (#3053) 2021-01-25 17:23:47 +01:00
Paul Fultz II c860de8565
Fix issue 8143: valueFlowCondition: before and inside while (#3045) 2021-01-23 17:52:01 +01:00
Paul Fultz II b1c56d33ac
Fix issue 9133: Invalid iterator; vector::push_back, functions (#3008) 2021-01-11 18:47:38 +01:00
Daniel Marjamäki b8f45a5c65 Replace and fix findBreakScope with findNextTokenFromBreak 2020-12-25 08:43:14 +01:00
Daniel Marjamäki 8bd783f820 Refactoring; Added findBreakScope and Scope::isLoopScope() 2020-12-24 22:58:31 +01:00
Paul Fultz II 904d52acac
Fix issue 10004: ValueFlow: pointer value, wrongly set known value (#2931) 2020-12-03 07:15:31 +01:00
Paul Fultz II bd7e915c20
Add generic reverse valueflow (#2878) 2020-11-10 16:00:55 +01:00
Paul Fultz II 857722f859
Fix issue 9711: FP knownConditionTrueFalse for variable modified via pointer (#2813) 2020-09-20 14:27:09 +02:00
Paul Fultz II 94850fec3f
Fix issue 9897: False positive: nullPointerRedundantCheck (#2805) 2020-09-14 09:17:29 +02:00
Daniel Marjamäki df99d8aa0a
Merge pull request #2719 from pfultz2/fp-unreachable-alias
Fix issue 9807: False positive: ValueFlow in unreachable code, || lhs is true
2020-07-23 09:52:54 +02:00
Paul dbb410cdae Merge branch 'main' into condition-in-expr 2020-07-21 13:28:59 -05:00
Paul e2a81a382f Track reading aliases during valueflow forward 2020-07-19 23:25:35 -05:00
Daniel Marjamäki e0be224f4e
Merge pull request #2709 from pfultz2/fp-duplicate-cond-this
Fix FP of duplicateCondition when modifying the this variable
2020-07-13 21:14:58 +02:00
Paul 519f2a537a Format 2020-07-13 13:55:45 -05:00
Paul 450bdfedf3 Fix FP of duplicateCondition when modifying the this variable 2020-07-13 12:40:01 -05:00
Daniel Marjamäki f34ff9325a Fixed testrunner 2020-06-29 21:53:14 +02:00
Daniel Marjamäki a0770f05e1 Reuse 'extractForLoopValues' in ValueFlow 2020-06-29 21:01:43 +02:00
Paul d5b6d49d96 Fix issue 9578: false negative: (style) Condition '...' is always false 2020-06-28 15:28:08 -05:00
Daniel Marjamäki c42c751d61 ExprEngine; Fixed testing 2020-06-28 13:41:27 +02:00
Paul Fultz II eb4754b7d9
Fix issue 9587: False positive: parameter can be declared with const (#2667) 2020-05-31 10:10:10 +02:00
Oliver Stöneberg 37bc0483a4
made check.h less heavy (#2633) 2020-05-23 07:16:49 +02:00
Daniel Marjamäki 08ddd84780 Update copyright year 2020-05-10 11:16:32 +02:00
Daniel Marjamäki 3e0218299b Revert "Update copyright year"
This reverts commit 6eec6c4bd5.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki 6eec6c4bd5 Update copyright year 2020-05-10 11:11:34 +02:00
Oliver Stöneberg 2c1e36e63e
cleaned up includes based on include-what-you-use (#2600)
* cleaned up includes based on include-what-you-use

* check.h: trying to work around Visual Studio 2012 bug

* fixed Visual Studio compilation
2020-04-13 13:44:48 +02:00
Paul Fultz II 921887a281
Use valueFlowGeneric for valueFlowForwardExpression (#2537) 2020-02-16 16:02:22 +01:00
Paul Fultz II 7368a54629
Add generic valueflow forward analysis (#2511) 2020-02-13 16:27:06 +01:00
Paul Fultz II d858bfc338
Fix issue 9599: False positive: Using object that points to local variable that may be invalid (#2530)
* Fix issue 9599: False positive: Using object that points to local variable that may be invalid

* Improve tests

* Skip else
2020-02-11 11:45:10 +01:00
Paul Fultz II 8fa7dd0fe0
Fix issue 9595: False positive: Using pointer to temporary doesn't account for const ref extended temporary lifetimes (#2525) 2020-02-10 18:01:11 +01:00
Rikard Falkeborn b1c6f2946a
Fix redundant FP assignment with unsigned zero (#2521)
* Refactor isNullOperand out of FwdAnalysis

* Improve isNullOperand

* Fix redundantAssignment FP with unsigned zero

* isNullValue check number

* Enhance isNullOperand to handle c++ casts

Also handle cast of NULL.
2020-02-09 11:16:08 +01:00
Paul Fultz II dd05839a7e Fix false positives in knownConditionTrueFalse when using expressions with const variables (#2469) 2020-01-03 19:35:28 +01:00
Paul Fultz II c75bbbe253 Fix issue 9404: False positive: Either the condition 'if(x)' is redundant or there is possible null pointer dereference: a->x (#2322)
* Fix issue 9404: False positive: Either the condition 'if(x)' is redundant or there is possible null pointer dereference: a->x

* Use simpleMatch

* Add a test case for the FP

* Check if expression is changed

* Check for no return scope

* Use simpleMatch
2019-11-08 08:11:41 +01:00
Paul Fultz II d1f225b8ee Fix issue 9201: FP: returnDanglingLifetime on pointer to variable of static struct (#2303)
* Fix issue 9201: FP: returnDanglingLifetime on pointer to variable of static struct

* Fix capture of non-local variables in lambdas
2019-11-05 07:10:32 +01:00
Paul Fultz II c38bbb75e4 Fix issue 9448: Check for temporaries from library function calls (#2312) 2019-11-03 22:02:10 +01:00
Daniel Marjamäki 28182084f2 Fix crash when there are too many nested scopes. Bail out after 1000 nested scopes. The crash was in gcc and was seen with daca@home. 2019-11-02 18:23:10 +01:00
Paul Fultz II 694d147097 Refactor ProgramMemory and PathAnalysis (#2311)
* Traverse conditions for container size

* Move program memory to seperate file

* Revert "Traverse conditions for container size"

This reverts commit 914783769f.

* Move pathanalysis to seperate files
2019-10-30 17:57:46 +01:00
Paul Fultz II 4eb4762d95 Extend lifetime checking to temporaries (#2242)
* Use lifetimes to check for returning reference to temporaries

* Check for dangling temporaries

* Check for unknown types for returining by reference

* Remove old returnTemporary check

* Format

* Check for deref op

* Ternary operator return an lvalue reference

* Warn when returning temporaries from member functions

* Improve handling of pointer to function

* Extend lifetimes of const references
2019-10-08 09:28:39 +02:00
Paul Fultz II 166bd2bafc Fix issue 2153: valueFlowAfterCondition: struct member (#2228)
* Fix issue 2153: valueFlowAfterCondition: struct member

* Fix null pointer dereference

* Formatting

* Check for another null pointer

* Initialize variables

* Remove redundant condition

* Format

* Add missing initialization to copy constructor

* Format
2019-09-30 21:04:43 +02:00
Paul Fultz II 597d0fa35b Support expression in valueFlowAfterCondition (#2219)
* Add valueFlowForwardExpression function to forward values of an expression

* Use token for expression

* Fix name in bailout message

* Handle expressions

* Add more tests for more expressions

* Add more tests

* Solve the expression if possible

* Formatting
2019-09-26 10:32:25 +02:00
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
Paul Fultz II dc0b3527ad Fix issue 9311: False positive duplicateCondition "same if condition" with pointer inside array of struct (#2166)
* Check for typeOf through an array

* Handle array constructors

* Format

* Fix compile error on gcc 4.8
2019-09-10 19:41:35 +02:00
Paul Fultz II 27ebff7ae4 Add deeper analysis of when a function changes a containers size (#2149)
* Add deeper analysis of when a function changes a containers size

* Fix issues

* Track addressOf
2019-09-06 21:18:45 +02:00
Paul Fultz II 0b9e823fc8 Fix issue 9305: False positive uninitvar - struct initialized via function (#2123) 2019-08-30 18:32:45 +02:00
Paul Fultz II 03fe6795bf Fix issue 9302: FP uninitvar - struct accessed via pointer (#2121) 2019-08-29 08:38:50 +02:00
Paul Fultz II c0a8d628b9 Fix issue 6010: Uninitialized inner struct (#2098)
* Fix issue 6010: Uninitialized inner struct

* Show to root variable that is unitialized

* Warn on pointer dereferences
2019-08-23 06:23:20 +02:00
Paul Fultz II 3aef0c9bd3 Fix issue 8715: regression uninitvar not detected (#2092) 2019-08-16 07:48:54 +02:00
Paul Fultz II ef714225bb Use library to track container lifetimes 2019-08-15 21:14:54 +02:00
Paul Fultz II af214e8212 Fix issue 8825: ValueFlow: uninitialized struct member (#2087)
* Pass uninit value across pointers

* Add more testing
2019-08-15 10:44:55 +02:00
Paul Fultz II bd02ca5ccb Fix issue 9207: Not detected 'always true' and unreachable code 2019-08-08 07:46:47 +02:00
amai2012 f02636e995 Refactoring: Convert enums to enum classes 2019-08-02 21:14:29 +02:00
Paul Fultz II ee28a45db4 Fix issue 9235: new crash in astutils isVariableChanged from endless recursion (#2040) 2019-07-26 07:03:21 +02:00
versat 641b350cf7 astutils.h: Remove conflicting function declaration for isAliased()
This function was made static with commit 6c82685fbf
2019-07-24 13:23:54 +02:00
Paul Fultz II bb52a63c4e Add check for const variables
When a local reference is declared, this will check if that local reference can be declared as `const`.
2019-07-24 09:59:01 +02:00
Paul Fultz II a08a9c1349 Switch to use lifetime analysis for iterators and pointers to invalid containers
This will diagnose more issues such as:

```cpp
void f(std::vector<int> &v) {
    auto v0 = v.begin();
    v.push_back(123);
    std::cout << *v0 << std::endl;
}
```
2019-07-18 10:56:44 +02:00
Daniel Marjamäki 0014fe880e Mark members and arguments with 'nonneg' 2019-07-14 12:22:33 +02:00
Daniel Marjamäki 5d853bcb58 Avoid 'unsigned' in astutils 2019-07-13 16:13:21 +02:00
Paul Fultz II b0d10273ed Fix issue 3695: Handle class pointers
This switches to use lifetime analysis to check for assigning to non-local variables:

```cpp
class test
{
public:

  void f()
  {
    int x;
    this->ptr = &x;
  }

protected:
  int *ptr;
};
```
2019-07-07 10:16:19 +02:00
Ken-Patrick d6f6e68fa2 Fix false positive 9167 (#1904)
Skip returns from local class/struct definition in FwdAnalysis.
2019-07-03 08:17:06 +02:00
Scott Furry 1994b21ae5 Minor Corrections to Doxygen data (#1935)
Increasing the verbosity in Clang, warnings were produced that identified
differences in code and doxygen-formatted comments.

Corrections applied to silence warnings yet still convey intent of original comments.
2019-06-30 09:17:42 +02:00
Daniel Marjamäki 9c3c2d785b Fixed Cppcheck warning 2019-06-29 07:46:25 +02:00
Paul Fultz II 108cdaa485 Fix FP with unreadVariable (#1859) 2019-05-31 08:06:36 +02:00
Paul Fultz II a90caa7e5a Fix issue 9006: False positive: Return value of function std::move() is not used.
This is trying to fix the issue by fixing the ast and symbol database. First, the ast nodes will be created for the init list and the symbol database will not mark it as a scope. I am not sure if this is the correct approach as I dont really understand how the AST part works.

It did change the AST for `try {} catch (...) {}` but that is because it incorrectly treats `try {}` as an initializer list.
2019-04-15 06:37:27 +02:00
Daniel Marjamäki bd7790fd8c Update copyright year 2019-02-09 07:24:06 +01:00
Paul Fultz II d7c20b15e7 Fix FP with const argument when doing a variable and cast (#1649) 2019-02-07 14:59:09 +01:00
Daniel Marjamäki 115be7dfc8 ValueFlow: better FwdAnalysis for complex expressions 2019-01-01 18:23:47 +01:00
Daniel Marjamäki ed514644b8 Renamed FwdAnalysisAllPaths to FwdAnalysis 2018-12-31 18:00:47 +01:00
Daniel Marjamäki 141ce7cd63 ValueFlow: Use FwdAnalysisAllPaths in ValueFlow to track complex expressions 2018-12-31 17:05:46 +01:00
Daniel Marjamäki ddbe5c129c Clarify FwdAnalysis. It is useful for checks that need data flow analysis of ALL paths. 2018-12-25 11:56:06 +01:00
Paul Fultz II 9b973e652c Issue 8830: New check: Function argument evaluates to constant value
Add a check for function arguments that can be constant:

```cpp
extern void bar(int);
void f(int x) {
   bar((x & 0x01) >> 7); // function 'bar' is always called with a '0'-argument
}
```
2018-12-17 06:04:24 +01:00
Daniel Marjamäki 1f27cd56c0 FwdAnalysis; Code cleanup, isNullOperand 2018-12-13 21:01:33 +01:00
Daniel Marjamäki 0b4e08cac9 Use FwdAnalysis in UnusedVar. This is still work-in-progress. Merging to master branch so it can be tested. 2018-12-13 18:52:56 +01:00
Daniel Marjamäki 452318dfa4 Remove FwdAnalysis::reads: It is not finished 2018-12-04 18:46:23 +01:00
Daniel Marjamäki c03c262058 Preparing FwdAnalysis for ValueFlow usage where we want to fetch read locations 2018-12-02 18:29:16 +01:00