PKEuS
32e2fb2f78
Refactorization: Prefer Token::simpleMatch over Token::Match also for non-const patterns.
2015-12-03 13:04:55 +01:00
Daniel Marjamäki
9c3f25603e
CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead ( #6973 )
2015-11-30 16:36:52 +01:00
PKEuS
ac17541ca9
Refactorizations:
...
- Fixed a few more MSVC warnings by using correct types
- Store severity as enum instead of string in Settings::Rule
2015-11-28 12:30:21 +01:00
Daniel Marjamäki
6b124a37d8
Cleanup some casts
2015-11-28 10:11:07 +01:00
Daniel Marjamäki
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
Daniel Marjamäki
5074c11b53
CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of.
2015-11-09 10:30:39 +01:00
Daniel Marjamäki
ef5be435c7
Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast)
2015-11-08 17:21:32 +01:00
Daniel Marjamäki
fc564d779e
Fixed #7112 (crash: CheckBufferOverrun::checkGlobalAndLocalVariable (invalid code))
2015-11-08 14:21:12 +01:00
Daniel Marjamäki
48da1d5396
Refactoring CheckBufferOverrun
2015-11-08 12:39:08 +01:00
Daniel Marjamäki
7d6e1974eb
Fixed #7104 (False positive arrayIndexOutOfBounds)
2015-11-08 09:30:23 +01:00
Daniel Marjamäki
35ed902e3f
Try to fix crash when using getMaxValue()
2015-11-07 19:59:48 +01:00
Daniel Marjamäki
32627dc558
try to fix internal errors detected by Travis
2015-11-07 19:47:30 +01:00
Daniel Marjamäki
9c7271a5e9
CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead
2015-11-07 18:12:01 +01:00
Daniel Marjamäki
d0ab3aea70
CheckBufferOverrun: Minor fixes for strings
2015-11-07 15:05:56 +01:00
Daniel Marjamäki
be7bca385d
avoid some fixes for noisy signedness warnings
2015-10-11 12:50:46 +02:00
Dmitry-Me
139ead15ef
Merge overlapping patterns
2015-09-01 16:17:17 +03:00
PKEuS
ab8afec3eb
Refactorizations:
...
- Avoid unnecessary loop iterations
- Avoid unnecessary condition checking
- Reduced code duplication in symboldatabase.cpp
2015-08-16 14:23:07 +02:00
PKEuS
4d80df2f4a
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
...
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
2015-08-15 11:19:21 +02:00
Daniel Marjamäki
6790d91fbb
Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884 .
2015-07-29 19:54:57 +02:00
Daniel Marjamäki
c5bbea2994
Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value)
2015-07-27 16:39:41 +02:00
Daniel Marjamäki
fef251ac76
negative array size: fixed noise when array is not vla
2015-07-04 09:42:42 +02:00
amai2012
11538c84f6
Refactoring: Distinguish between C and C++ code
...
Refactoring: Replace CheckNonReentrantFunctions::initNonReentrantFunctions by static initialization
2015-06-29 21:17:15 +02:00
Martin Ettl
b8e08ca5d8
Code cleanup.
2015-06-28 19:27:23 +02:00
Martin Ettl
7ff4d10c43
Astyle formatting, no functional changes.
2015-06-28 19:25:13 +02:00
amai2012
5814c3b84c
Fix some compiler warnings with VS
...
Minor refactoring on Windows SEH code.
2015-06-28 19:20:16 +02:00
Alexander Mai
0b225fa02f
2nd attempt to fix crash in CheckUnusedFunctions::check. CheckBufferOverrun::checkBufferAllocatedWithStrlen: Don't check for 'new' in C code.
2015-06-28 18:34:09 +02:00
Alexander Mai
02a3a01eca
Fix compiler warnings
2015-06-28 18:07:31 +02:00
Alexander Mai
2c73518e29
Fix platform-dependent test result, formatting and crash in whole program analysis
2015-06-28 17:54:48 +02:00
Daniel Marjamäki
0ca410a4d7
Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression)
2015-06-07 14:01:20 +02:00
Martin Ettl
d5d6d7fbb8
Running astyle, no functional changes.
2015-05-29 20:20:05 +02:00
amai2012
5b347c537b
Fix #6720 and #6721 (Crashes on garbage code)
...
Local fixes to avoid access to NULL-token
2015-05-29 19:30:55 +02:00
PKEuS
3ce4e68ca6
Refactorization: Make use of do-loops to avoid redundant Token::Match() calls
2015-05-13 13:40:40 +02:00
Daniel Marjamäki
baa1ae079d
New check: negative size in array declaration. Ticket #1760
2015-05-03 15:00:47 +02:00
Daniel Marjamäki
88f59ad7e8
Partial fix for #6656 (Allow that CWE is mapped for error message)
2015-04-25 17:48:11 +02:00
Matthias Krüger
42f0955e3f
Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
...
Follow up to eedcb6abcb
.
2015-04-10 14:31:19 +02:00
Dmitry-Me
d735918a8a
Constructor parameter type need not be a number
2015-03-25 14:56:45 +03:00
Dmitry-Me
9398fa810b
Avoid value truncation
2015-03-25 10:39:09 +03:00
Dmitry-Me
c9cdba5865
Remove duplicate check
2015-03-24 15:58:03 +03:00
Dmitry-Me
4fcbe00913
Omit unnecessary operations
2015-03-19 15:14:07 +03:00
Dmitry-Me
2b50e73aa9
Misleading comment
2015-03-14 15:18:29 +03:00
PKEuS
cb4bf73749
Merge pull request #530 from Dmitry-Me/doChecksEarlier
...
Don't run the checks which will be silenced later anyway
2015-02-25 19:22:00 +01:00
Dmitry-Me
938b84903f
Remove redundant casts
2015-02-24 15:15:22 +03:00
Dmitry-Me
24d2b0368f
Don't run the checks which will be silenced later anyway
2015-02-24 10:20:43 +03:00
Dmitry-Me
19d05979ee
Remove C4189 in release builds
2015-02-20 11:00:34 +03:00
Alexander Mai
6a7605271a
Fix compiler warning. Add interfaces of POSIX passwd.h and pwd.h to posix.cfg
2015-02-18 20:56:44 +01:00
Daniel Marjamäki
2d21eb07ba
Cleaned up snprintf hardcoding in CheckBufferOverrun
2015-02-13 06:44:38 +01:00
Daniel Marjamäki
9aad4fa8ca
CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead
2015-02-12 17:29:36 +01:00
Daniel Marjamäki
a24cbc448a
CheckBufferOverrun: loop through all arguments in checkFunctionCall
2015-02-11 16:24:25 +01:00
Daniel Marjamäki
d9deabe2ce
TestBufferOverrun: clean up
2015-02-10 17:29:36 +01:00
PKEuS
18b0e14590
Refactorizations: Fixed a pattern in checkbufferoverrun.cpp, simplified one in checkclass.cpp
2015-01-31 12:32:05 +01:00
PKEuS
b2835051df
Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0.
2015-01-31 12:32:04 +01:00
PKEuS
03e44d4aa0
CheckMemoryLeakInFunction: Don't treat delete as delete operator for C code
...
Fixed GCC message in checkbufferoverrun.cpp
2015-01-30 20:55:53 +01:00
PKEuS
98e33a189f
Enhanced CheckBufferOverrun:
...
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
Dmitry-Me
e7bb43fc6b
Cache and reuse token pointer
2015-01-27 10:23:58 +03:00
Thomas Jarosch
fd01cafb1b
Clean up redundant pointer operations
2015-01-17 16:29:50 +01:00
PKEuS
fd2f93bb80
Two small refactorizations:
...
- Avoid leaving and entering again critical section without doing anything
- Use isPointer() in checkbufferoverrun.cpp instead of string comparison
2015-01-10 21:03:21 +01:00
Daniel Marjamäki
2375f1c46d
CheckBufferOverrun: Fix FN when multifile checking is used.
2015-01-08 21:01:22 +01:00
Daniel Marjamäki
6a8293a8b7
Library: More strict matching of functions
2015-01-08 19:31:41 +01:00
Robert Reif
ba1c24ee65
Fixed #6422 (symbol database: put function flags into a single flag variable)
2015-01-08 05:45:31 +01:00
Daniel Marjamäki
6c3b7c1d0e
CheckBufferOverrun: only report warnings when --enable=warning has been used
2015-01-06 15:14:15 +01:00
Daniel Marjamäki
ff11ba9847
Updated copyright year to 2015
2015-01-03 12:14:58 +01:00
Thomas Jarosch
69b31a0743
Fix up extra whitespaces in match patterns
...
Detected by new internal check.
2014-12-30 14:53:43 +01:00
Daniel Marjamäki
208761f0c3
Fixed #6361 (crash: CheckBufferOverrun)
2014-12-28 10:05:08 +01:00
PKEuS
8b59c39c42
Refactorization: Removed whitespaces at the end of Token::Match patterns
2014-12-27 11:09:54 +01:00
Daniel Marjamäki
6194a4eefd
Fixed #6357 (Improve check: pointer arithmetic 'p+x' overrun, conditional x)
2014-12-26 09:12:00 +01:00
Daniel Marjamäki
7ab12cea63
Improved pointer arithmetic message
2014-12-25 14:31:46 +01:00
Daniel Marjamäki
bc594d52c8
Fixed #6349 (Pointer arithmetic: clarify message)
2014-12-25 10:05:55 +01:00
Daniel Marjamäki
7cfa54f0e0
Fixed #6353 (False positive: CheckBufferOverrun checking reassigned array function parameter)
2014-12-24 14:03:52 +01:00
Daniel Marjamäki
90bd38a972
Renamed isCasted to isCast
2014-12-24 10:35:40 +01:00
Daniel Marjamäki
1b2a23b3fe
Fixed #6350 (Tokenizer::simplifyCast: set Token::isCasted when cast is removed)
2014-12-23 16:16:14 +01:00
Daniel Marjamäki
e16a934fb3
CheckBufferOverrun: Added comment in code to clarify why severity is portability for pointerOutOfBounds message.
2014-12-22 15:41:46 +01:00
Daniel Marjamäki
10ae551fef
CheckBufferOverrun: Use portability warning for pointer arithmetic UB. It can be used by intention and usually works as intended.
2014-12-22 10:56:17 +01:00
Daniel Marjamäki
93ac5a41cd
Fixed #6346 (pointer calculation overflow)
2014-12-22 09:38:00 +01:00
Daniel Marjamäki
a95e5bff2b
Fixed #6344 (false positive: out of bounds access when array size is unknown)
2014-12-20 18:50:08 +01:00
Daniel Marjamäki
a1537e1a6e
Fixed #6339 (false negative: array index out of bounds on allocated buffer using valueflow)
2014-12-17 16:23:48 +01:00
Alexander Mai
c2584aa635
#6303 crash in CheckBufferOverrun. Add check on loop variable in CheckBufferOverrun::checkScope().
2014-12-04 20:49:58 +01:00
Daniel Marjamäki
0b9d80c95d
Refactoring CheckUnusedFunctions so it uses new infrastructure for multifile analysis
2014-12-02 06:41:18 +01:00
Dmitry-Me
cf3f8c2f38
Refactoring: Replace names with underscores with camelCase names
2014-12-01 16:22:56 +01:00
Daniel Marjamäki
a002654c47
Reverted refactoring 828417c
for now. It caused a major slowdown in the unused functions checking.
2014-11-24 06:37:08 +01:00
Daniel Marjamäki
828417c934
CheckUnusedFunction: Refactorings to use same infrastructure for whole program analysis as CheckUninitVar and CheckBufferOverrun
2014-11-15 18:44:23 +01:00
Daniel Marjamäki
de7e9223b8
Fixed #6272 (Improve check: multifile checking in checkbufferoverrun)
2014-11-15 10:43:49 +01:00
Frank Zingsheim
71c5d4bd60
Ticket #6232 (cppOut of bounds array access)
...
--HG--
extra : rebase_source : 79ed3533a12a486ea3ed3f09f9bc55b1a4771161
2014-10-21 22:56:53 +02:00
orbitcowboy
f36aaae732
Fixed a typo in a comment. No functional changes.
2014-09-30 14:54:59 +02:00
PKEuS
68b26f8faa
Fixed subsequent false negatives in CheckBufferOverrun::checkInsecureCmdLineArgs() ( #5835 )
2014-09-29 15:38:33 +02:00
Alexander Mai
ccd80e3407
#6141 FP: Unknown type is assumed to have size 0.
2014-09-27 21:51:11 +02:00
Dmitry-Me
7c4b9bed9e
Move declaration, run check earlier
2014-09-16 13:34:16 +04:00
Dmitry-Me
e050fba414
Move declaration closer to where it is used
2014-09-11 11:26:35 +04:00
PKEuS
117e45f8af
Merge pull request #395 from Dmitry-Me/fixBufferOverrun
...
Fix potential buffer overrun
2014-09-06 23:03:02 +02:00
Dmitry-Me
7342a81ea7
Minor refactorings. rename token. cleanup if/else.
2014-09-02 16:10:51 +02:00
PKEuS
7f2be2f57c
Fixed template bracket linkage in while loop simplification
...
Ran AStyle
2014-08-23 12:28:54 +02:00
Daniel Marjamäki
b6355b991f
Fixed #6070 (false positive: Array 'array[8192]' accessed at index 8192, which is out of bounds)
2014-08-19 07:03:00 +02:00
Dmitry-Me
406239dfc7
Fix potential buffer overrun
2014-08-12 17:44:20 +04:00
Daniel Marjamäki
47a2b35e98
BufferOverrun: Use ValueFlow string values more
2014-08-04 08:25:10 +02:00
Daniel Marjamäki
79fc549de0
ValueFlow: start adding valueflow handling of strings and pointer aliases
2014-08-03 20:11:22 +02:00
PKEuS
6d3cb86d2a
Merge pull request #382 from Dmitry-Me/bringDeclarationsCloserToWhereTheyAreNeeded
...
Bring variable declarations closer to where they're first used.
2014-08-02 11:12:34 +02:00
Daniel Marjamäki
f2e3700142
Merge pull request #383 from moshekaplan/patch-1
...
Updated message for strncat usage
2014-08-02 11:10:16 +02:00
Daniel Marjamäki
7237b01979
Fixed Cppcheck warning
2014-08-02 10:07:23 +02:00
Daniel Marjamäki
544a5957e1
Token: Added utility function getStrSize as a complement to getStrLength
2014-08-01 13:12:18 +02:00
Moshe Kaplan
e881495eaf
Updated message for strncat usage
2014-07-31 13:51:29 -04:00
Daniel Marjamäki
5de1e35350
CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen.
2014-07-30 20:35:21 +02:00