a3acc3241e
Library: Added <minsize> element used for buffer overrun checking
2014-07-05 20:31:43 +02:00
6c8558c112
CheckBufferOverrun: Removed old for-loop handling. This is handled through ValueFlow from now on.
2014-06-27 06:46:42 +02:00
036b2f8ccf
CheckBufferOverrun: Added bufferOverrun2 that is based on ValueFlow/SymbolDatabase/Ast from the start. Replaced some old checking.
2014-06-26 17:36:20 +02:00
ec1bd420a7
Refactorizations optimizing std::string usage:
...
1) Added global static const std::string emptyString; object:
-> Replaces some static variables in functions which might be not threadsafe
-> Avoids constructor call (std::string::string(""))
-> Even functions that return an empty string in some branches can return by reference now.
Added to config.h to ensure that it is available everywhere
2) Added overloads for TestFixture::assertEquals for the most common use cases:
-> Moves conversion from const char[] to std::string into a function, reducing code duplication in binary.
2014-06-26 11:51:02 +02:00
feefa4c626
Speedup checking large amounts of arrays ( #5615 ) by avoiding Token::Match calls in CheckBufferOverrun::checkScope(2).
...
-> Decreased entire checking time on a subset of the attached file by 66% (MSVC12, x64, non-matchcompiled)
2014-06-26 11:51:02 +02:00
2d54bace1b
Improved performance of CheckBufferOverrun::checkScope() ( #5944 ):
...
-> Speedup by 40% (MSVC12, x64, not matchcompiled) on the file attached to the ticket
2014-06-23 19:06:59 +02:00
7692a306cd
Cleanup code - reorder checks and make variable declaration scope narrower.
2014-06-06 18:58:20 +04:00
d93d7401c6
Moved getSourceFilePath(), isC() and isCPP() from Tokenizer to TokenList
...
Conflicts:
lib/tokenize.cpp
2014-06-04 18:36:25 +02:00
f7356dd8c7
Only fill total_size in CheckBufferOverrun::checkFunctionParameter when it's useful.
2014-05-29 23:51:13 +02:00
139f87af18
Ticket #5615 : Avoid calling the same function n times when once is enough.
2014-05-29 19:58:09 +02:00
966491d40b
Added a test for out-of-bounds character array access.
2014-05-27 16:21:13 +02:00
effa38c322
Fixed #5863 (False positive: array index is used before limits check)
2014-05-24 17:50:01 +02:00
8f79dc3ff8
Cleaned up includes and forward declarations in checkers:
...
- Removed definitely unnecessary forward declarations (e.g. "class Token"; token.h is already included by check.h, so a definition is unnecessary)
- Removed unused includes
2014-05-24 12:50:03 +02:00
b0b0562247
Removed obsolete piece of code from checkbufferoverrun.cpp
2014-05-24 11:29:32 +02:00
5fbd58d98d
Fixed messages of CheckInternal, fixed a false positive.
2014-05-18 20:39:52 +02:00
04fbbdb5e8
Refactorized CheckBufferOverrun::arrayIndexThenCheck() and fixed false negative
2014-05-10 13:00:44 +02:00
ed1d63ffc0
Fixed #5636 (FP: matrix out of bounds)
2014-05-03 18:12:06 +02:00
a7c7b00407
Reuse variable value, return earlier.
2014-04-24 12:24:40 +04:00
9b74d43473
Rename local variable plus return a bit earlier on edge condition.
2014-04-23 11:18:09 +04:00
ddf34440b6
Refactorization: Replaced several Token::findmatch calls by symboldatabase usage
2014-04-12 23:41:46 +02:00
89dc652af9
#5631 Typo and misleading error message in negativeMemoryAllocationSize
2014-04-08 20:23:00 +02:00
3c64c70ce2
ValueFlow: Added utility functions getValueLE and getValueGE to simplify usage
2014-04-02 06:49:28 +02:00
deef4642d4
Buffer overrun: removed some old code that is not based on valueflow
2014-03-29 20:22:35 +01:00
e5301b2b7a
ValueFlow: Improved valueflow of for loop 'for (i=a; i<10; i++)' => unknown start value but end value is known
2014-03-29 20:20:22 +01:00
9b307cf8e0
Improved readability of testsuite output when ASSERT_EQUALS_MSG fails.
...
Fixed another true positive in checkbufferoverrun.cpp
AStyle
2014-03-27 16:06:30 +01:00
d22da5e683
astyle formatting
...
[ci skip]
2014-03-26 06:56:13 +01:00
fa7ae1ae5b
Fixed segfault when checking libusbx (daca2)
2014-03-26 06:51:56 +01:00
87daf5783e
buffer overflow: clean up old checking for negative index
2014-03-25 20:37:32 +01:00
c8004a8d31
Buffer overruns: Use ValueFlow to detect negative index
2014-03-25 18:22:22 +01:00
49b25b05d9
Fixed crash in CheckBufferOverrun on garbage code ( #5595 )
2014-03-21 13:20:44 +01:00
93341f4449
Use simple match where possible
...
Fixes these warnings found by "--enable=internal":
[lib/checkclass.cpp:972]: (warning) Found simple pattern inside Token::Match() call: "* *"
[lib/checkbufferoverrun.cpp:635]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checkbufferoverrun.cpp:1397]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/checksizeof.cpp:299]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checksizeof.cpp:301]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checksizeof.cpp:303]: (warning) Found simple pattern inside Token::Match() call: "]"
[lib/checksizeof.cpp:318]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checknullpointer.cpp:413]: (warning) Found simple pattern inside Token::Match() call: "delete"
[lib/checkio.cpp:1336]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkstl.cpp:1509]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1512]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1594]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkstl.cpp:1598]: (warning) Found simple pattern inside Token::Match() call: "] ="
[lib/checkunusedvar.cpp:755]: (warning) Found simple pattern inside Token::Match() call: "goto"
[lib/checkunusedvar.cpp:793]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkuninitvar.cpp:376]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:86]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:2181]: (warning) Found simple pattern inside Token::Match() call: "> {"
[lib/valueflow.cpp:54]: (warning) Found simple pattern inside Token::Match() call: "&"
[lib/valueflow.cpp:409]: (warning) Found simple pattern inside Token::Match() call: "do"
[lib/valueflow.cpp:425]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:487]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:511]: (warning) Found simple pattern inside Token::Match() call: "} else {"
[lib/valueflow.cpp:615]: (warning) Found simple pattern inside Token::Match() call: "for ("
[lib/symboldatabase.cpp:80]: (warning) Found simple pattern inside Token::Match() call: "= {"
[lib/symboldatabase.cpp:1069]: (warning) Found simple pattern inside Token::Match() call: "std ::"
[lib/tokenize.cpp:2207]: (warning) Found simple pattern inside Token::Match() call: "< >"
[lib/tokenize.cpp:2730]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/tokenize.cpp:4234]: (warning) Found simple pattern inside Token::Match() call: "try {"
[lib/tokenize.cpp:4235]: (warning) Found simple pattern inside Token::Match() call: "} catch ("
[lib/tokenize.cpp:5500]: (warning) Found simple pattern inside Token::Match() call: "INT8"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "}"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "do"
2014-03-14 16:27:47 +01:00
7fa73c0d64
Merge pull request #256 from xypron/5505
...
5505: FP: Array accessed out of bounds
2014-03-09 08:47:18 +01:00
bd67db96f1
5505: FP: Array accessed out of bounds
...
CheckBufferOverrun::checkFunctionParameter alreacy considered usage of a
function parameter inside an if block as a special case.
With the patch the same is done for switch statements.
A test is added.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2014-03-07 19:51:13 +01:00
a41a32ba8a
Fixed #5469 (CheckBufferOverrun: Use nullptr)
2014-02-28 17:02:03 +01:00
70a67eaf85
Change some more 0 literals into nullptr.
2014-02-16 13:38:50 +02:00
23efc68dd7
use nullptr
2014-02-16 10:32:10 +01:00
fd3a8a2a18
Update copyright
2014-02-15 07:45:39 +01:00
828609bb11
Fixed two doxygen errors - http://cppcheck.sourceforge.net/devinfo/doxygen-errors.txt
2014-02-09 16:46:49 -03:00
6ca7daec10
Fixed #389 : Providing negative value to memory allocation function.
2014-02-01 22:38:29 +01:00
9aa9530e0d
Fixed #5426 (crash: btrfs-progs cmds-inspect.c)
2014-01-31 06:19:36 +01:00
abe8439917
Fixed #5416 (False positive: Array accessed at index, which is out of bounds.)
2014-01-28 16:55:10 +01:00
0dbb86f0cb
Cleanup ExecutionPath from CheckBufferOverrun
2014-01-22 21:25:37 +01:00
20b73747e0
value flow: refactor. added Token::getMaxValue()
2014-01-21 16:58:23 +01:00
77f3f6c21a
valueflow: added setTokenValue that perform calculations using set value
2014-01-18 19:30:44 +01:00
3e23e243f6
BufferOverflow: Updated message for out of bounds array index or redundant condition
2014-01-17 19:44:45 +01:00
18d6285ad2
BufferOverrun: Improved error message when array index is used before checking that its in limits
2014-01-17 18:56:46 +01:00
0b4de97e2b
value flow: Use ValueFlow in CheckBufferOverrun
2014-01-16 19:23:14 +01:00
a1b0d190df
Fixed #3688 (false positive: (inconclusive, posix) (warning) The buffer 'cBuffer' is not zero-terminated after the call to readlink().)
2014-01-02 10:46:19 +01:00
fe75686595
Ticket #5203 : Don't crash when checking buffer overrun for invalid code.
2013-11-30 07:40:32 +01:00
3bf415fa2b
checkbufferoverrun: improved constness of local variables. checkbufferoverrun:array_index(): added a bailout if the function is called with tok=NULL and added a NULL pointer check after a dynamic_cast.
2013-11-10 05:05:31 +01:00
4eba02d901
Checkbufferoverrun: improved constness of local variables, no functional changes.
2013-11-03 04:48:41 +01:00
c95b153700
Refactorizations:
...
- Removed some redundant operator=, copy-ctor and dtor implementations
- use operator[] instead of at() in library loading code
2013-10-27 13:55:13 +01:00
93bdf45313
Fix typo in error message.
2013-10-23 09:05:39 +03:00
946722faf0
Fixed #4968 (False positive: Structure with 'read' member is confused with read() function.)
2013-10-05 18:25:44 +02:00
894f537eba
Remove warnings emitted by clang's -Wsign-conversion
2013-09-22 13:22:52 +02:00
450442287c
Fixed #4974 (CheckBufferOverrun::writeOutsideBufferSize() too strict)
2013-08-25 18:46:07 +02:00
f8f3f0d384
astyle formatting
2013-08-24 07:37:21 +02:00
5ce7189bc0
Merge pull request #166 from last5bits/ticket4213
...
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 22:36:30 -07:00
d24a321ba2
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 19:04:01 +04:00
9c67af058a
SymbolDatabase: Renamed Variable::varId() to Variable::declarationId() to make it more clear how it works.
2013-07-20 12:31:04 +02:00
d6be4559cd
Fixed #4840 (false negative: buffer access out of bounds)
2013-06-25 06:37:51 +02:00
a861817a01
Fixed #4751 (CheckBufferOverrun: better handling when struct member instance doesn't have same varid as struct member declaration)
2013-05-28 16:52:23 +02:00
ea60c5b14b
CheckBufferOverrun: Code cleanup
2013-05-05 08:14:19 +02:00
c487ea843d
Better fix for #4706 : Use Token::nextArgument() properly. Removed redundant ' in message
2013-04-09 08:30:53 -07:00
ba8cca8fa9
#4706 fix crash when a struct member is used as first argument. Replaced Token::nexArgument with %any% in Token::Match call. Added unittests in testing Token::nexArgument.
2013-04-04 15:12:18 +02:00
99fc5f6203
checkbufferoverrun.cpp: fix a /W4 MSVC warning
2013-03-30 19:06:13 +01:00
a08083a342
#4664 : using Token::nextArgument() and std::string &
2013-03-20 11:53:25 +01:00
ff826d7c62
#4664 : new check: (POSIX) write outside buffer size.
2013-03-19 08:22:48 +01:00
fe046a3350
CheckBufferOverrun: Fixed Cppcheck warning 'variable scope can be reduced' (found by travis)
2013-03-14 18:25:28 +01:00
096fa2f771
Fixed #4380
2013-03-14 10:18:48 -07:00
4b9b87e310
Fixed #4646 (false positive: (style, inconclusive) Technically the member function 'C<T>::operator+=' can be const.)
2013-03-14 06:34:12 +01:00
d78c06dc3f
Replaced _settings->isEnabled("style") by _settings->isEnabled("warning") wherever warnings are issued
2013-03-03 02:41:59 -08:00
f899e6ca30
Changed behaviour of %op% pattern accordingly to changes to Token::isOp(). Added %cop% as replacement for old %op%
2013-03-01 02:43:59 -08:00
27f7917349
Changed severity and message formatting of argumentSize message.
2013-02-16 00:52:27 -08:00
42588e9729
Fixed #4535 (Simplify checks by caching symbol database Variable pointer in Token)
2013-02-06 06:39:58 +01:00
94c953931d
Simplify checks by caching symbol database Variable pointer in Token
2013-01-31 20:08:48 +01:00
ec1c86c152
Symbol database: more function/variable cleanup. Ticket: #4494
2013-01-31 06:41:18 +01:00
859793731d
SymbolDatabase: Refactor findFunction handling. Ticket: #4494
2013-01-28 06:47:48 +01:00
4a73c93750
Fix compiler warnings and comment/string typos
...
- fix g++ warning:
> lib/checkother.cpp:3779: warning: comparison between signed and unsigned integer expressions
- fix suncc warning (see [everything2](http://everything2.com/title/C%252B%252B%253A+static+extern+%2522C%2522 )):
> "lib/checkmemoryleak.cpp", line 578: Warning (Anachronism): Formal argument __compar of type extern "C" int(*)(const void*,const void*) in call to bsearch(const void*, const void*, unsigned long, unsigned long, extern "C" int(*)(const void*,const void*)) is being passed int(*)(const void*,const void*).
- prefer empty() / isEmpty() over "size() > 0" (cases not caught by stlSize)
- fix word misspellings (mostly comments, a few output lines)
- Parenthesis => Parentheses (both variations were used in the codebase)
- fix typo and wording ("never alwayw") in gui/test/data/benchmark/simple.cpp's CheckOther::unsignedPositive():
```
- "An unsigned variable will never alwayw be positive so it is either pointless or "
+ "An unsigned variable can't be negative so it is either pointless or "
```
2013-01-16 07:37:07 -07:00
5d5f7085bf
Updating year 2012 -> 2013 to .cpp and .h files and man page.
2013-01-01 18:29:08 +02:00
78316f02b6
Fix comment about wrong magic number
2012-12-28 11:31:50 +01:00
4708be09f5
Fixed #4444 (segmentation fault)
2012-12-28 11:15:18 +01:00
ce380301fd
Fixed #4432 (Crash on parsing PHP interpreter)
2012-12-26 08:29:10 +01:00
7f6a10599b
Fixed #4262 (Small Request/Suggestion for checks on array size of args (bounty offer))
2012-12-22 09:23:34 +01:00
365a260ddc
Fixed #4398 (False negative: out of bounds (for loop))
2012-12-22 08:00:05 +01:00
5101f3c029
Use the new pattern: '%comp%' where possible.
...
Change also the description comment of the Token::Match by adding the new pattern and the forgotten '%op%'.
2012-12-01 01:31:35 +01:00
031adef6ea
Array index checking: Fixed TODO comment (false negatives when using ?:)
2012-11-30 09:01:15 +01:00
1c4afbce8c
Cleanup: Removed += and -= patterns from the checks. These should be simplified.
2012-11-30 07:08:16 +01:00
0f8db28d30
speed up checks by caching commonly looked up stuff in the symbol database (CheckBufferOverrun, CheckBoost)
2012-10-13 11:16:48 +02:00
68240fffc6
Fixed #4228 ((error) Internal error. Token::Match called with varid 0 (multiple declarations in for loop))
2012-09-23 17:15:39 +02:00
ec01cc811e
Second fix for #4207 (Internal error. Token::Match called with varid 0)
2012-09-23 13:25:28 +02:00
a17f37c67d
CheckBufferOverrun: Better handling of functions with variable arguments
2012-09-22 16:19:19 +02:00
508e9394d3
Added some nullpointer-checks and removed some redundant ones based on VS2012 code analysis results.
2012-09-17 15:22:51 +02:00
6e4e3dfbfb
lib: tabs to spaces, remove trailing spaces and extra empty lines at the end of files
2012-09-17 13:51:23 +02:00
547d3e94b2
Fixed some sign conversion messages from clang.
2012-09-16 16:41:15 +02:00
22a8e3f4e6
Replaced Tokenizer::getFunctionTokenByName() by SymbolDatabase::findFunctionByName(), which handles scopes slightly better.
2012-09-11 18:03:47 +02:00
64faa780fe
Fixed #4087 (div by zero check is invalid for floats)
2012-09-11 16:50:42 +02:00
6b56b4a9d3
Show that inconclusive message is inconclusive
2012-09-07 16:11:15 +02:00
a4b5824dec
New internal check: checkRedundantNextPrevious().
...
Fixed findings by new internal check
2012-09-07 12:36:40 +02:00
e4a693eaab
Refactorizations:
...
- Fixed several findings of CheckInternal.
- Removed some debug code from CheckOther::checkRedundantAssignment().
2012-09-07 11:59:20 +02:00
8c70778b70
Refactorization: Fixed several messages when self-checking cppcheck
2012-09-04 15:29:51 +02:00
4202866100
Fixed #4096 (Improve check: Buffer overrun in for loop, postfix increment in array access)
2012-09-01 19:17:28 +02:00
8afdde0b5e
Fixed #3931 (FP: Buffer access out-of-bounds)
2012-08-12 17:06:54 +02:00
c8773b891d
Refactorization: Make use of Token::scope() replacing certain indentation counters
2012-08-12 03:13:07 -07:00
fae40c4782
Change every C version of 'size_t' to C++ 'std::size_t'.
2012-07-09 13:30:18 +02:00
639f15645a
Message refactorization: checkbufferoverrun.cpp (2), checkclass.cpp, checkexceptionsafety.h
2012-07-09 02:11:05 -07:00
ed7e950671
Message refactorization: checkbufferoverrun.cpp
2012-07-08 06:51:24 -07:00
848fd59cbd
Fixed #3913 (boundcheck, false positive continue in loop)
2012-07-08 14:34:47 +02:00
5de82c1c42
Updated arrayIndexOutOfBounds error message. Thank you Kimmo for the suggestion.
2012-06-23 09:51:32 +02:00
4e98cb3ed9
Fixed #3907 (improve check: detect buffer overrun when using && or || in for loop)
2012-06-23 09:23:14 +02:00
ac524c56ad
Reviewed handling of unknown types in ExecutionPathBufferOverrun
2012-06-23 08:15:59 +02:00
7d59d86ed6
Fixed #3893 (Improve check: Array index out of bounds not detected when down conting)
2012-06-16 17:44:51 +02:00
9dc8123151
Refactorizations:
...
- Use const string references instead of const strings copies when possible
- Fixed cppcheck warning about postfix increment in CheckIO
- Use symbolDatabase to detect pointers in CheckOther::checkAssignBoolToPointer
2012-05-25 03:09:41 -07:00
dc64ac2918
Removed unnecessary variable Function::start - The value is already stored in Function::functionScope->classStart.
2012-05-22 12:58:46 -07:00
12c5980c01
Fix compiler warning about initialization order
2012-05-18 13:59:19 -04:00
de79a4c84f
Fixed initialization list usage according to cppcheck results
...
Fixed comments mentioning nonexistent parameters
2012-05-18 07:57:11 -07:00
ec00824fd3
Fixed #3357 :
...
- Print "inconclusive" tag in cli
- Fixed inconclusive handling in checkbufferoverrun.cpp
- Merged reportInconclusiveError into reportError by adding an additional parameter "bool inconclusive" which is false per default
2012-05-06 10:37:41 -07:00
1a5fbd61d2
Splitted class TokenList from Tokenizer
2012-05-05 09:33:26 -07:00
bb8342fbb4
fixed misspelled word 'Comparision' --> 'Comparison'
2012-04-26 23:04:55 +02:00
dd5e9aa454
Make use of recently implemented Token::type() functionality
2012-04-25 09:56:07 +02:00
b37cf11d20
Refactorizations:
...
- Increased encapsulation by making some functions private
- Removed redundant function CheckBufferOverrun::ArrayInfo::declare
- Avoided copy of ArrayInfo object
- Removed unnecessary and suspicious "if(sizeof(int) == 4)"
2012-03-27 19:40:39 +02:00
e3b3b7b62f
Refactorizations on buffer overrun check:
...
- Replaced a few indendation counters by smaller and faster code
- Make use of safer nextArgument() function instead of some local implementations
- Replaced some simple patterns by direct function calls
- Made a strncpy/strncat search pattern more generic
- Replaced offset variable by incrementation of Token* to avoid subsequent calls to tokAt
- Increased data encapsulation in header
2012-03-17 21:55:08 +01:00
4f3878eb1e
Fixed #3569 (false negative: buffer access out of bounds)
2012-03-13 21:30:03 +01:00
a9480ca0c1
CheckBufferOverrun: move condition before loop
2012-03-13 21:19:10 +01:00
1747813a8b
Added check for invalid pointer casts ( #1255 )
...
Detect sign extension problems when variable is a reference (#3637 )
Refactorizations:
- Tokenizer::getFiles returns a reference instead of a pointer, because its guaranteed that no nullpointer is returned
- Remove signed/unsigned in one step for "%type% signed|unsigned"
- Fixed recently introduced compiler warning in symboldatabase.cpp
2012-02-26 11:56:32 +01:00
5c2af0b2e3
- initialising std::string with 0 in initialisation list is partially detected in nullpointer check ( #3520 )
...
- executionpath checking makes use of symboldatabase
- CheckExceptionSafety::checkRethrowCopy makes use of symboldatabase
2012-01-26 16:50:59 +01:00
194327048a
Add InternalError and change MathLib to throw it in case of an error.
...
- Previously MathLib errors did not provide a filename, but after this change at least source file name should be printed
and if token is provided, also line number should be printed.
- Change also Token to use InternalError
- Modify Cppcheck-class to catch InternalError instead of Token
- Run dmake to update Makefile
2012-01-08 22:19:44 +02:00
8cae17fda8
Update year to 2012
2012-01-01 01:05:37 +02:00
8f2ad53332
Add testcase for previous commit.
2011-12-30 18:47:42 +01:00
dca03c3ce2
Remove unnecessary includes
...
Also add a unit test related to #3427
Also improve the description text in checkclass and remove unused variable.
2011-12-23 23:31:48 +02:00
1ba1be4b8d
Fixed #3428 (false negative: array bounds errors not found when duplicate class names present)
2011-12-18 16:35:51 +01:00
772b8cc37d
Array index out of bounds: Avoid false positives when there are duplicate names for structs
2011-12-18 08:12:42 +01:00
5f712cc213
Array index out of bounds: Fixed false positive when taking address beyond array using calculated array index
2011-12-17 21:35:12 +01:00
f306246c7f
Improved support for references and pointers in SymbolDatabase
...
Replaced several isPointer functions by Variable::isPointer function
Refactorizations & Make use of symbolDatabase more often
2011-12-17 19:04:03 +01:00
95123854ba
Array index out of bounds: Fixed false positive when size is not known.
2011-12-17 13:20:42 +01:00
ffb5d107be
CheckNullPointer::isPointerDeRef: Tweaks to reduce false warnings when inconclusive is used.
2011-12-11 08:48:55 +01:00
497c54a1a7
Fixed #3168 (false negative: buffer overflow in subfunction)
2011-12-11 08:16:58 +01:00
ee39f6402c
reverted fix for #3168 , I'll rewrite it
2011-12-10 20:46:10 +01:00
897e8637b4
Fixed #3168 (false negative: buffer overflow in subfunction)
2011-12-10 19:26:12 +01:00
51c1e2303f
CheckBufferOverrun::checkInsecureCmdLineArgs(): Remove recently unused variable 'pattern'.
2011-12-09 23:24:08 +01:00
91a0a071d0
Take symbol database into use or improve its usage in some checks.
2011-12-09 23:28:10 +02:00
60d828e778
C++ Builder: Fixed compiler error
2011-12-08 22:09:03 +01:00
167a7e3e51
Various code cleanups
2011-12-08 21:28:34 +01:00
344d7e2f34
Fixed #3283 (False negative: array index out of bounds not found for constant string and known array index value)
2011-11-30 19:17:09 -08:00
e0b50719f4
Fixed #909 (improve check: out of bounds of memchr function and out of bounds check)
2011-11-27 07:54:52 +01:00
71c8669261
Fixed #3311 , #3313 and #3339 (printf format string false positives)
2011-11-27 07:29:09 +01:00
6b6f780057
code cleanups and refactorings
2011-11-26 21:02:04 +01:00
b26811cdf5
astyle formatting
2011-11-20 16:50:41 +01:00
a32b05197d
Change every 'tokAt(1)' to 'next()' and every 'tokAt(-1)' to 'previous()'.
...
Added a safety check to ensure that a 'previous()' call doesn't crash (not sure if it's needed or not).
2011-11-20 15:59:37 +01:00
11dd3c09ce
Change every 'tokAt(1)->' to 'next()->' because 'tokAt(1) == 0' is equivalent to 'next() == 0', hence the equivalent cppcheck crash.
2011-11-20 15:09:57 +01:00
42e369a4b4
Change every 'tokAt(..)->link()' to 'linkAt(..)'.
2011-11-20 14:24:27 +01:00
2a5b4b1842
Fixed #3328 (False negative: out of bounds)
2011-11-19 15:28:06 +01:00
2c64d299ca
Change every 'tokAt(...)->str()' to 'strAt(...)'.
2011-11-13 13:10:59 +01:00
ba5909ef1d
General code tweaking, nothing strange.
2011-10-31 02:24:59 +01:00
433f4640a9
Fix some GCC warnings regarding the sign conversion.
2011-10-30 18:34:49 +01:00
0d1046eeeb
Merge pull request #51 from richq/explicit
...
Explicit constructors
2011-10-30 01:38:26 -07:00
d7be62a6f9
Fixed #3221 (FP: Array 'arr[2147483648]' index 0 out of bounds in loop when size unknown to cppcheck)
2011-10-29 20:26:24 +02:00
a0a5b36667
Ensure single-argument constructors are explicit
2011-10-29 18:24:30 +02:00
2b8da1241b
Add missing percent end character
2011-10-29 12:08:36 +02:00
434fb933a8
Implement Token::findsimplematch und use it for simple patterns
2011-10-27 15:59:22 +02:00
54adb910ec
Use Token::simpleMatch instead of Token::Match for simple patterns
2011-10-27 15:59:22 +02:00
a076b24dc6
astyle formatting
2011-10-24 21:57:49 +02:00
3413ffef3e
Refactor readlink() buffer check to also handle readlinkat()
2011-10-24 21:23:18 +02:00
cdfe0d74e4
Make checkSprintfCall using nextArguments()
2011-10-23 17:47:48 +02:00
b332ea8222
Fixed #3204 (Refactor standards support in Settings)
2011-10-22 09:45:48 +02:00
7ae39f13cc
Fixed #3198 (Add check for readlink())
2011-10-14 19:45:51 +02:00
6f8e42a5af
changed the astyle formatting flags
2011-10-13 20:53:06 +02:00
74c0468a18
astyle formatting
2011-10-12 22:06:19 +02:00
b73896bcc5
Fixed #3163 (Out of bounds pointer arithmetic not reset)
2011-10-12 20:54:39 +02:00
abd2525339
Fixed #3161 (Show buffers size info for snprintf() buffer overruns)
2011-10-05 20:17:57 +02:00
65b0fb4519
fix #3153 (false positive buffer access out-of-bounds)
2011-09-30 17:28:59 -04:00
ac070b90f2
fix for loop false positives when zero length arrays present
2011-09-22 21:23:40 -04:00
b349d36c50
fix #3124 (FP: Buffer access out-of-bounds when memset two dimension array (a[5][6]))
2011-09-19 20:32:50 -04:00
3f517b5f23
partial fix for #2960 (false negative: buffer access out of bounds)
2011-09-11 21:51:05 -04:00
40009d091d
add multi-dimension array support to second checkScope and use it for member arrays
2011-09-11 20:42:57 -04:00
0d6592dd2e
use correct checkScope function in CheckBufferOverrun for single dimension member arrays
2011-09-11 19:21:13 -04:00
19928e26d1
refactor to unify functionally identical code in CheckBufferOverrun::checkScope()
2011-09-11 14:00:53 -04:00
e18fe56d56
refactor CheckBufferOverrun to only use multi-dimension array error messages and remove single dimension array message
2011-09-11 09:54:26 -04:00
a9b4e21f60
refactor CheckBufferOverrun::checkScope to take an ArrayInfo parameter
2011-09-10 11:21:52 -04:00
547a79d4fe
calculate array size for variable length structures with array at end in CheckBufferOverrun::checkStructVariable() when possible
2011-09-10 10:14:32 -04:00
b0eab2587d
better detection of variable sized structure in CheckBufferOverrun::checkStructVariable()
2011-09-09 08:37:24 -04:00
27bfa2a346
fix some CheckBufferOverrun::checkStructVariable() flase negatives for possible variable length structs
2011-09-09 07:46:06 -04:00
16924c7c7a
fix #3094 (Buffer access out-of-bounds in struct variable)
2011-09-09 07:16:39 -04:00
812a17f294
fix one of the TODO testcases added for #3094 (Buffer access out-of-bounds in struct variable)
2011-09-08 22:44:25 -04:00
cbbdd55177
fix some -Wconversion -Wsign-conversion warnings in checkbufferoverrun.cpp
2011-09-05 19:02:26 -04:00
7451c5cece
warn when buffer is not zero terminated after memmove
2011-09-05 15:59:41 -04:00
f5d71d1ac5
warn when buffer is not zero terminated after memcpy
2011-09-05 15:41:37 -04:00
3c8988e7a5
warn when buffer is not zero terminated after strncpy
2011-09-05 15:19:38 -04:00
fe85b8779e
fix #2528 (false negative: buffer access out of bounds)
2011-09-04 21:39:52 -04:00
50688b28fd
fix #2889 (false negative: buffer access out of bounds on local struct member)
2011-09-04 19:54:57 -04:00
e782d98241
final fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-03 21:51:00 -04:00
7cb5c97e7d
move member variable lookup code from a check to the symbol database so it can be reused by other checks
2011-09-03 12:22:13 -04:00
d23c58d387
enable: break out 'performance' and 'portability' from the 'style' id. Ticket: #3074
2011-09-03 15:30:30 +02:00
d749e28dc0
another partial fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-02 21:07:29 -04:00
d85410de8c
partial fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-02 19:35:09 -04:00
ef30da51bf
Fixed #3034 (Cppcheck crash on specific file (truecrypt).)
2011-08-29 19:16:52 +02:00
d643397a7e
better message for strncpy zero-terminated check
2011-08-28 09:06:51 -04:00
8c093d0f8a
refactor CheckBufferOverrun::checkScope strncpy check and change experimental to inconclusive
2011-08-27 21:18:39 -04:00
9539d22a1a
partial fix for #3050 (strncpy zero termination check behaving flaky)
2011-08-25 23:48:32 -04:00
6e78b51071
make all functions that call reportError names in checkbufferoverrun end in Error for consisentcy
2011-08-24 07:11:39 -04:00
Daniel Marjamäki
PKEuS
Dmitry-Me
Simon Martin
PKEuS
Philipp Kloke
Alexander Mai
Thomas Jarosch
Heinrich Schuchardt
Lauri Nurmi
Lucas Manuel Rodriguez
Martin Ettl
XhmikosR
Alexey Zhikhartsev
Robert Reif
Andrew C. Martin
Reijo Tomperi
Edoardo Prezioso
Deepak Gupta
Daniel Marjamäki
Andy Maloney
Zachary Blair
Marek Zmysłowski
Richard Quirk