Commit Graph

554 Commits

Author SHA1 Message Date
PKEuS 32e2fb2f78 Refactorization: Prefer Token::simpleMatch over Token::Match also for non-const patterns. 2015-12-03 13:04:55 +01:00
Daniel Marjamäki 9c3f25603e CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead (#6973) 2015-11-30 16:36:52 +01:00
PKEuS ac17541ca9 Refactorizations:
- Fixed a few more MSVC warnings by using correct types
- Store severity as enum instead of string in Settings::Rule
2015-11-28 12:30:21 +01:00
Daniel Marjamäki 6b124a37d8 Cleanup some casts 2015-11-28 10:11:07 +01:00
Daniel Marjamäki 0f9d90d2be Changed Copyrights. Removed my name. 2015-11-18 20:04:50 +01:00
Daniel Marjamäki 5074c11b53 CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of. 2015-11-09 10:30:39 +01:00
Daniel Marjamäki ef5be435c7 Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast) 2015-11-08 17:21:32 +01:00
Daniel Marjamäki fc564d779e Fixed #7112 (crash: CheckBufferOverrun::checkGlobalAndLocalVariable (invalid code)) 2015-11-08 14:21:12 +01:00
Daniel Marjamäki 48da1d5396 Refactoring CheckBufferOverrun 2015-11-08 12:39:08 +01:00
Daniel Marjamäki 7d6e1974eb Fixed #7104 (False positive arrayIndexOutOfBounds) 2015-11-08 09:30:23 +01:00
Daniel Marjamäki 35ed902e3f Try to fix crash when using getMaxValue() 2015-11-07 19:59:48 +01:00
Daniel Marjamäki 32627dc558 try to fix internal errors detected by Travis 2015-11-07 19:47:30 +01:00
Daniel Marjamäki 9c7271a5e9 CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead 2015-11-07 18:12:01 +01:00
Daniel Marjamäki d0ab3aea70 CheckBufferOverrun: Minor fixes for strings 2015-11-07 15:05:56 +01:00
Daniel Marjamäki be7bca385d avoid some fixes for noisy signedness warnings 2015-10-11 12:50:46 +02:00
Dmitry-Me 139ead15ef Merge overlapping patterns 2015-09-01 16:17:17 +03:00
PKEuS ab8afec3eb Refactorizations:
- Avoid unnecessary loop iterations
- Avoid unnecessary condition checking
- Reduced code duplication in symboldatabase.cpp
2015-08-16 14:23:07 +02:00
PKEuS 4d80df2f4a Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
2015-08-15 11:19:21 +02:00
Daniel Marjamäki 6790d91fbb Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884. 2015-07-29 19:54:57 +02:00
Daniel Marjamäki c5bbea2994 Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value) 2015-07-27 16:39:41 +02:00
Daniel Marjamäki fef251ac76 negative array size: fixed noise when array is not vla 2015-07-04 09:42:42 +02:00
amai2012 11538c84f6 Refactoring: Distinguish between C and C++ code
Refactoring: Replace CheckNonReentrantFunctions::initNonReentrantFunctions by static initialization
2015-06-29 21:17:15 +02:00
Martin Ettl b8e08ca5d8 Code cleanup. 2015-06-28 19:27:23 +02:00
Martin Ettl 7ff4d10c43 Astyle formatting, no functional changes. 2015-06-28 19:25:13 +02:00
amai2012 5814c3b84c Fix some compiler warnings with VS
Minor refactoring on Windows SEH code.
2015-06-28 19:20:16 +02:00
Alexander Mai 0b225fa02f 2nd attempt to fix crash in CheckUnusedFunctions::check. CheckBufferOverrun::checkBufferAllocatedWithStrlen: Don't check for 'new' in C code. 2015-06-28 18:34:09 +02:00
Alexander Mai 02a3a01eca Fix compiler warnings 2015-06-28 18:07:31 +02:00
Alexander Mai 2c73518e29 Fix platform-dependent test result, formatting and crash in whole program analysis 2015-06-28 17:54:48 +02:00
Daniel Marjamäki 0ca410a4d7 Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression) 2015-06-07 14:01:20 +02:00
Martin Ettl d5d6d7fbb8 Running astyle, no functional changes. 2015-05-29 20:20:05 +02:00
amai2012 5b347c537b Fix #6720 and #6721 (Crashes on garbage code)
Local fixes to avoid access to NULL-token
2015-05-29 19:30:55 +02:00
PKEuS 3ce4e68ca6 Refactorization: Make use of do-loops to avoid redundant Token::Match() calls 2015-05-13 13:40:40 +02:00
Daniel Marjamäki baa1ae079d New check: negative size in array declaration. Ticket #1760 2015-05-03 15:00:47 +02:00
Daniel Marjamäki 88f59ad7e8 Partial fix for #6656 (Allow that CWE is mapped for error message) 2015-04-25 17:48:11 +02:00
Matthias Krüger 42f0955e3f Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
Follow up to eedcb6abcb .
2015-04-10 14:31:19 +02:00
Dmitry-Me d735918a8a Constructor parameter type need not be a number 2015-03-25 14:56:45 +03:00
Dmitry-Me 9398fa810b Avoid value truncation 2015-03-25 10:39:09 +03:00
Dmitry-Me c9cdba5865 Remove duplicate check 2015-03-24 15:58:03 +03:00
Dmitry-Me 4fcbe00913 Omit unnecessary operations 2015-03-19 15:14:07 +03:00
Dmitry-Me 2b50e73aa9 Misleading comment 2015-03-14 15:18:29 +03:00
PKEuS cb4bf73749 Merge pull request #530 from Dmitry-Me/doChecksEarlier
Don't run the checks which will be silenced later anyway
2015-02-25 19:22:00 +01:00
Dmitry-Me 938b84903f Remove redundant casts 2015-02-24 15:15:22 +03:00
Dmitry-Me 24d2b0368f Don't run the checks which will be silenced later anyway 2015-02-24 10:20:43 +03:00
Dmitry-Me 19d05979ee Remove C4189 in release builds 2015-02-20 11:00:34 +03:00
Alexander Mai 6a7605271a Fix compiler warning. Add interfaces of POSIX passwd.h and pwd.h to posix.cfg 2015-02-18 20:56:44 +01:00
Daniel Marjamäki 2d21eb07ba Cleaned up snprintf hardcoding in CheckBufferOverrun 2015-02-13 06:44:38 +01:00
Daniel Marjamäki 9aad4fa8ca CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead 2015-02-12 17:29:36 +01:00
Daniel Marjamäki a24cbc448a CheckBufferOverrun: loop through all arguments in checkFunctionCall 2015-02-11 16:24:25 +01:00
Daniel Marjamäki d9deabe2ce TestBufferOverrun: clean up 2015-02-10 17:29:36 +01:00
PKEuS 18b0e14590 Refactorizations: Fixed a pattern in checkbufferoverrun.cpp, simplified one in checkclass.cpp 2015-01-31 12:32:05 +01:00
PKEuS b2835051df Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0. 2015-01-31 12:32:04 +01:00
PKEuS 03e44d4aa0 CheckMemoryLeakInFunction: Don't treat delete as delete operator for C code
Fixed GCC message in checkbufferoverrun.cpp
2015-01-30 20:55:53 +01:00
PKEuS 98e33a189f Enhanced CheckBufferOverrun:
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
Dmitry-Me e7bb43fc6b Cache and reuse token pointer 2015-01-27 10:23:58 +03:00
Thomas Jarosch fd01cafb1b Clean up redundant pointer operations 2015-01-17 16:29:50 +01:00
PKEuS fd2f93bb80 Two small refactorizations:
- Avoid leaving and entering again critical section without doing anything
- Use isPointer() in checkbufferoverrun.cpp instead of string comparison
2015-01-10 21:03:21 +01:00
Daniel Marjamäki 2375f1c46d CheckBufferOverrun: Fix FN when multifile checking is used. 2015-01-08 21:01:22 +01:00
Daniel Marjamäki 6a8293a8b7 Library: More strict matching of functions 2015-01-08 19:31:41 +01:00
Robert Reif ba1c24ee65 Fixed #6422 (symbol database: put function flags into a single flag variable) 2015-01-08 05:45:31 +01:00
Daniel Marjamäki 6c3b7c1d0e CheckBufferOverrun: only report warnings when --enable=warning has been used 2015-01-06 15:14:15 +01:00
Daniel Marjamäki ff11ba9847 Updated copyright year to 2015 2015-01-03 12:14:58 +01:00
Thomas Jarosch 69b31a0743 Fix up extra whitespaces in match patterns
Detected by new internal check.
2014-12-30 14:53:43 +01:00
Daniel Marjamäki 208761f0c3 Fixed #6361 (crash: CheckBufferOverrun) 2014-12-28 10:05:08 +01:00
PKEuS 8b59c39c42 Refactorization: Removed whitespaces at the end of Token::Match patterns 2014-12-27 11:09:54 +01:00
Daniel Marjamäki 6194a4eefd Fixed #6357 (Improve check: pointer arithmetic 'p+x' overrun, conditional x) 2014-12-26 09:12:00 +01:00
Daniel Marjamäki 7ab12cea63 Improved pointer arithmetic message 2014-12-25 14:31:46 +01:00
Daniel Marjamäki bc594d52c8 Fixed #6349 (Pointer arithmetic: clarify message) 2014-12-25 10:05:55 +01:00
Daniel Marjamäki 7cfa54f0e0 Fixed #6353 (False positive: CheckBufferOverrun checking reassigned array function parameter) 2014-12-24 14:03:52 +01:00
Daniel Marjamäki 90bd38a972 Renamed isCasted to isCast 2014-12-24 10:35:40 +01:00
Daniel Marjamäki 1b2a23b3fe Fixed #6350 (Tokenizer::simplifyCast: set Token::isCasted when cast is removed) 2014-12-23 16:16:14 +01:00
Daniel Marjamäki e16a934fb3 CheckBufferOverrun: Added comment in code to clarify why severity is portability for pointerOutOfBounds message. 2014-12-22 15:41:46 +01:00
Daniel Marjamäki 10ae551fef CheckBufferOverrun: Use portability warning for pointer arithmetic UB. It can be used by intention and usually works as intended. 2014-12-22 10:56:17 +01:00
Daniel Marjamäki 93ac5a41cd Fixed #6346 (pointer calculation overflow) 2014-12-22 09:38:00 +01:00
Daniel Marjamäki a95e5bff2b Fixed #6344 (false positive: out of bounds access when array size is unknown) 2014-12-20 18:50:08 +01:00
Daniel Marjamäki a1537e1a6e Fixed #6339 (false negative: array index out of bounds on allocated buffer using valueflow) 2014-12-17 16:23:48 +01:00
Alexander Mai c2584aa635 #6303 crash in CheckBufferOverrun. Add check on loop variable in CheckBufferOverrun::checkScope(). 2014-12-04 20:49:58 +01:00
Daniel Marjamäki 0b9d80c95d Refactoring CheckUnusedFunctions so it uses new infrastructure for multifile analysis 2014-12-02 06:41:18 +01:00
Dmitry-Me cf3f8c2f38 Refactoring: Replace names with underscores with camelCase names 2014-12-01 16:22:56 +01:00
Daniel Marjamäki a002654c47 Reverted refactoring 828417c for now. It caused a major slowdown in the unused functions checking. 2014-11-24 06:37:08 +01:00
Daniel Marjamäki 828417c934 CheckUnusedFunction: Refactorings to use same infrastructure for whole program analysis as CheckUninitVar and CheckBufferOverrun 2014-11-15 18:44:23 +01:00
Daniel Marjamäki de7e9223b8 Fixed #6272 (Improve check: multifile checking in checkbufferoverrun) 2014-11-15 10:43:49 +01:00
Frank Zingsheim 71c5d4bd60 Ticket #6232 (cppOut of bounds array access)
--HG--
extra : rebase_source : 79ed3533a12a486ea3ed3f09f9bc55b1a4771161
2014-10-21 22:56:53 +02:00
orbitcowboy f36aaae732 Fixed a typo in a comment. No functional changes. 2014-09-30 14:54:59 +02:00
PKEuS 68b26f8faa Fixed subsequent false negatives in CheckBufferOverrun::checkInsecureCmdLineArgs() (#5835) 2014-09-29 15:38:33 +02:00
Alexander Mai ccd80e3407 #6141 FP: Unknown type is assumed to have size 0. 2014-09-27 21:51:11 +02:00
Dmitry-Me 7c4b9bed9e Move declaration, run check earlier 2014-09-16 13:34:16 +04:00
Dmitry-Me e050fba414 Move declaration closer to where it is used 2014-09-11 11:26:35 +04:00
PKEuS 117e45f8af Merge pull request #395 from Dmitry-Me/fixBufferOverrun
Fix potential buffer overrun
2014-09-06 23:03:02 +02:00
Dmitry-Me 7342a81ea7 Minor refactorings. rename token. cleanup if/else. 2014-09-02 16:10:51 +02:00
PKEuS 7f2be2f57c Fixed template bracket linkage in while loop simplification
Ran AStyle
2014-08-23 12:28:54 +02:00
Daniel Marjamäki b6355b991f Fixed #6070 (false positive: Array 'array[8192]' accessed at index 8192, which is out of bounds) 2014-08-19 07:03:00 +02:00
Dmitry-Me 406239dfc7 Fix potential buffer overrun 2014-08-12 17:44:20 +04:00
Daniel Marjamäki 47a2b35e98 BufferOverrun: Use ValueFlow string values more 2014-08-04 08:25:10 +02:00
Daniel Marjamäki 79fc549de0 ValueFlow: start adding valueflow handling of strings and pointer aliases 2014-08-03 20:11:22 +02:00
PKEuS 6d3cb86d2a Merge pull request #382 from Dmitry-Me/bringDeclarationsCloserToWhereTheyAreNeeded
Bring variable declarations closer to where they're first used.
2014-08-02 11:12:34 +02:00
Daniel Marjamäki f2e3700142 Merge pull request #383 from moshekaplan/patch-1
Updated message for strncat usage
2014-08-02 11:10:16 +02:00
Daniel Marjamäki 7237b01979 Fixed Cppcheck warning 2014-08-02 10:07:23 +02:00
Daniel Marjamäki 544a5957e1 Token: Added utility function getStrSize as a complement to getStrLength 2014-08-01 13:12:18 +02:00
Moshe Kaplan e881495eaf Updated message for strncat usage 2014-07-31 13:51:29 -04:00
Daniel Marjamäki 5de1e35350 CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen. 2014-07-30 20:35:21 +02:00