Robert Reif
|
547a79d4fe
|
calculate array size for variable length structures with array at end in CheckBufferOverrun::checkStructVariable() when possible
|
2011-09-10 10:14:32 -04:00 |
Robert Reif
|
7451c5cece
|
warn when buffer is not zero terminated after memmove
|
2011-09-05 15:59:41 -04:00 |
Robert Reif
|
f5d71d1ac5
|
warn when buffer is not zero terminated after memcpy
|
2011-09-05 15:41:37 -04:00 |
Robert Reif
|
3c8988e7a5
|
warn when buffer is not zero terminated after strncpy
|
2011-09-05 15:19:38 -04:00 |
Robert Reif
|
8c093d0f8a
|
refactor CheckBufferOverrun::checkScope strncpy check and change experimental to inconclusive
|
2011-08-27 21:18:39 -04:00 |
Robert Reif
|
6e78b51071
|
make all functions that call reportError names in checkbufferoverrun end in Error for consisentcy
|
2011-08-24 07:11:39 -04:00 |
Robert Reif
|
8c1efe9bb6
|
improve message for #3035 (false negative: strcpy(dst, src) where src is bigger than dst)
|
2011-08-21 15:18:41 -04:00 |
Robert Reif
|
67e8731a96
|
partial fix for #3035 (false negative: strcpy(dst, src) where src is bigger than dst)
|
2011-08-21 14:44:55 -04:00 |
Daniel Marjamäki
|
ceb763f57a
|
Fixed #2956 (False negative: read array and then immediately check the index 'str[i] && i<sizeof(str)')
|
2011-08-04 11:15:14 +02:00 |
Robert Reif
|
48e6ea271a
|
start using symbol database array info for buffer overrun checks
|
2011-06-22 22:44:11 -04:00 |
Robert Reif
|
dac826d0ac
|
use a more conventional technique for accessing ArrayInfo private variables
|
2011-06-22 20:35:58 -04:00 |
Daniel Marjamäki
|
08811c8179
|
CheckBufferOverrun: Refactoring. Broke out checkScope code for parsing 'for' bodies
|
2011-02-10 21:56:06 +01:00 |
Greg Hewgill
|
be195a72c9
|
initialise Check::_name in constructor rather than relying on virtual Check::name()
|
2011-02-02 22:58:25 +13:00 |
Daniel Marjamäki
|
9d3b242cd8
|
Fixed #1952 (false negative: buffer acces out of bounds with memcpy)
|
2011-01-22 21:31:26 +01:00 |
Reijo Tomperi
|
226b605774
|
Change year 2010 -> 2011 in license texts.
|
2011-01-09 21:33:36 +02:00 |
Daniel Marjamäki
|
4ec9d418ff
|
Fixed #2215 (Improve check: Writing outside malloc bounds not detected)
|
2011-01-01 20:56:21 +01:00 |
Daniel Marjamäki
|
fa3853803b
|
gcc: fixed -Wconversion warnings
|
2010-12-31 09:30:56 +01:00 |
Daniel Marjamäki
|
38e7209d26
|
Fixed #2373 (Using XML2 in --errorlist output)
|
2010-12-29 12:43:29 +01:00 |
Daniel Marjamäki
|
6aa400fd80
|
Buffer overrun: UB when pointer arithmetic result points out of bounds. Ticket #1774
|
2010-12-26 21:23:28 +01:00 |
Daniel Marjamäki
|
9d9a5b0623
|
VS: Fixed compiler warnings. Ticket: #2200
|
2010-11-21 11:48:27 +01:00 |
Ettl Martin
|
a56f6d276a
|
fixed warning from cppcheck: [lib/checkbufferoverrun.h:129]: (style) 'operator=' should not return a const reference
|
2010-09-15 22:25:12 +02:00 |
Daniel Marjamäki
|
adc47f1820
|
Fixed #1487 (fix gcc compiler warnings)
|
2010-08-06 21:02:43 +02:00 |
Daniel Marjamäki
|
1b2f16f443
|
Buffer overflow: Fixed two TODO test cases
|
2010-08-05 11:01:47 +02:00 |
Daniel Marjamäki
|
5789eb116d
|
astyle formatting
|
2010-06-02 18:09:25 +02:00 |
Zachary Blair
|
33b4254d33
|
Fixed #568 (string functions with command line arguments may overflow buffer)
|
2010-06-01 22:41:07 -07:00 |
Zachary Blair
|
619cfbc56f
|
Fixed #168 (buffer overflow: not enough room for the null terminator)
|
2010-05-26 01:56:34 -07:00 |
Daniel Marjamäki
|
01034cd48d
|
Refactoring: Removed 'possible error' message about cin
|
2010-05-16 19:09:36 +02:00 |
Daniel Marjamäki
|
26fab24de4
|
Refactoring: Removed some inconclusive checking in CheckBufferOverrun
|
2010-05-16 15:30:39 +02:00 |
Daniel Marjamäki
|
8ccd95a643
|
Fixed #836 (buffer overrun: memmove)
|
2010-04-24 21:48:58 +02:00 |
Daniel Marjamäki
|
a3b781a181
|
Fixed #819 (array index out of bounds not detected for multidimension arrays)
|
2010-04-23 16:26:40 +02:00 |
Daniel Marjamäki
|
f9f6927e63
|
CheckBufferOverrun: Don't give false positives when reading from array with strncpy/strncat
|
2010-04-21 20:02:58 +02:00 |
Daniel Marjamäki
|
f057e127a0
|
CheckBufferOverrun: Refactoring the checking of function calls
|
2010-04-21 19:27:28 +02:00 |
Daniel Marjamäki
|
798aa84151
|
Refactoring: CheckBufferOverrun refactorings. split up the checkScope into two separate functions. The ArrayInfo usage was improved. Also broke out for-loop handling into separate functions.
|
2010-04-21 18:33:21 +02:00 |
Daniel Marjamäki
|
b6ab419a06
|
Buffer Overrun: Broke out the checking for negative array index
|
2010-04-18 20:51:39 +02:00 |
Daniel Marjamäki
|
af3f2faa41
|
Refactoring: Renamed ArrayInfo::type_size to ArrayInfo::element_size
|
2010-04-18 20:18:25 +02:00 |
Daniel Marjamäki
|
814f706329
|
BufferOverflow: Refactoring ArrayInfo
|
2010-04-18 19:46:45 +02:00 |
Daniel Marjamäki
|
a473345f18
|
Buffer overruns: First change to detect overruns in multidimensional arrays (#819)
|
2010-04-18 11:08:29 +02:00 |
Daniel Marjamäki
|
c718a7c595
|
astyle: Update to astyle 1.24
|
2010-04-15 20:08:51 +02:00 |
Reijo Tomperi
|
35d2a27b9c
|
Update copyright year in all source files
|
2010-04-13 22:23:17 +03:00 |
Daniel Marjamäki
|
5fed938f56
|
Fixed #1190 (array index out of bounds when index variable is assigned in a condition)
|
2010-04-10 21:12:00 +02:00 |
Daniel Marjamäki
|
0cad22314e
|
Reverted 'astyle fix'. Those changes are not in sync with my astyle configuration/setup.
|
2010-04-02 07:30:58 +02:00 |
Martin Ettl
|
193aa7d1d3
|
astyle fix
|
2010-04-02 02:21:53 +02:00 |
Daniel Marjamäki
|
e911d1f1df
|
doxygen updates
|
2010-03-17 22:16:18 +01:00 |
Daniel Marjamäki
|
30d3418b11
|
doxygen: added more comments for CheckNullPointer and CheckUninitVar
|
2010-03-13 21:42:59 +01:00 |
Daniel Marjamäki
|
8f4edb5e45
|
Fixed #1409 (False positive: Buffer access out-of-bounds with strncpy and an array in typedef'ed struct)
|
2010-02-21 15:23:50 +01:00 |
Daniel Marjamäki
|
9394816fcf
|
Refactoring: Use std::string instead of const char *
|
2010-02-14 19:58:17 +01:00 |
Daniel Marjamäki
|
5925b88b38
|
Robert Reif: improve check: array index out of bounds, show name of array, array size and array index
|
2009-12-25 15:25:58 +01:00 |
Daniel Marjamäki
|
d4adab3e78
|
added error info about the strncpy check
|
2009-12-18 17:33:33 +01:00 |
Daniel Marjamäki
|
0da0b5ffed
|
ericsesterhenn: Fixed #1106 (check if buffer is zero terminated after a strncpy)
|
2009-12-18 17:26:15 +01:00 |
Daniel Marjamäki
|
09859c1019
|
refactoring the folder structure
|
2009-10-25 12:49:06 +01:00 |