Commit Graph

12163 Commits

Author SHA1 Message Date
Daniel Marjamäki 4a76dbb632 Bug hunting; Avoid bailout uninit FP, stream object 2020-07-19 16:54:44 +02:00
Daniel Marjamäki fe0081496c Bug hunting; Avoid bailout uninit FP, arrays 2020-07-19 16:27:56 +02:00
Daniel Marjamäki 7e65b561f0 AST: Fix ast for 'for ((..initexpr..);;)' 2020-07-19 11:10:38 +02:00
Daniel Marjamäki 3723c708fc ImportProject; Do not fail loading a GUI project that has warning tags 2020-07-19 08:07:10 +02:00
Daniel Marjamäki e9281babc4 Bug hunting; avoid false positives for structs/classes with constructors 2020-07-18 18:54:21 +02:00
Daniel Marjamäki 7cb65b7f67 GUI: Speedup code editor when selecting another warning in the same file 2020-07-18 18:14:55 +02:00
Georgy Komarov 6bc13080ee
Simplify condition 2020-07-18 07:07:20 +03:00
Georgy Komarov 382f21a5c9
Fixed crash on garbage code: comparisson with an empty second operand
This will fix #9774.
2020-07-18 07:02:12 +03:00
Daniel Marjamäki 58638d7757 Bug hunting; Fix itc.py test 2020-07-17 13:20:31 +02:00
Daniel Marjamäki 7a4e6daecd Fix import GUI project problem 2020-07-17 11:26:03 +02:00
Daniel Marjamäki f2bd603bd3 Bug hunting; Fix TestBughuntingChecks 2020-07-17 11:02:46 +02:00
Daniel Marjamäki 592637af61 Bug hunting; Avoid uninit false positives with simple analysis 2020-07-17 09:05:38 +02:00
Daniel Marjamäki 9af288e1dd Fixed #9724 (GUI: The tags do not work anymore) 2020-07-16 23:03:54 +02:00
Paul 831690f89b Use parseDecl instead 2020-07-16 14:33:39 -05:00
Daniel Marjamäki 0632f86449 Bug hunting; avoid bailout false positives when constructor is called 2020-07-16 16:38:22 +02:00
Daniel Marjamäki 9edbec8594 astyle formatting 2020-07-16 16:36:11 +02:00
Daniel Marjamäki 118e9eb3e2 Better handling of CppcheckID suppressions 2020-07-16 15:27:23 +02:00
Daniel Marjamäki 47ff29f1c8
Merge pull request #2708 from pfultz2/multi-mutex-lock
Handle FPs: mutexes being locked at different scopes
2020-07-16 08:35:05 +02:00
Paul 423dcfd005 Fix issue 9796: False positive: lifetime, pointer item is not deallocated by pop_back 2020-07-15 12:22:36 -05:00
Daniel Marjamäki 6ab4f39f52 GUI: Suppress cppcheck-id 2020-07-15 13:03:07 +02:00
Daniel Marjamäki af0db3cc21 Add cppcheck-id for warnings. To start with it's a simple id that changes when file is changed. 2020-07-14 22:30:42 +02:00
Paul 1f74400f13 Merge branch 'revert-mutex-delete' into multi-mutex-lock 2020-07-14 13:05:14 -05:00
Paul 4373404238 Revert "Fixed #9795 (False positive: Local lock is not ineffective, mutex is locked in thread also.)"
This reverts commit 27841d6b81.
2020-07-14 13:04:59 -05:00
Daniel Marjamäki a6d70b9022 Code cleanup, __temp__ files are not needed anymore 2020-07-14 16:54:00 +02:00
Daniel Marjamäki 8d6fd4769b Bug hunting; Terminating analysis 2020-07-14 11:22:42 +02:00
Daniel Marjamäki 176826a1f5 Bug hunting; Avoid false positives 2020-07-14 11:15:26 +02:00
Daniel Marjamäki fe324aea49 Bug hunting; Detect internal error and throw exception 2020-07-14 10:25:00 +02:00
Daniel Marjamäki 6030ab72ab Bug hunting; Avoid some bailout false positives in uninit checker 2020-07-14 08:12:40 +02:00
Daniel Marjamäki e0be224f4e
Merge pull request #2709 from pfultz2/fp-duplicate-cond-this
Fix FP of duplicateCondition when modifying the this variable
2020-07-13 21:14:58 +02:00
Daniel Marjamäki b2f463dd65
Merge pull request #2707 from Ken-Patrick/fp_pointer_expressions
Fix some false positives when the same expression at different places…
2020-07-13 20:59:22 +02:00
Paul 519f2a537a Format 2020-07-13 13:55:45 -05:00
Daniel Marjamäki 33557012a1
Merge pull request #2706 from rikardfalkeborn/condition-fn-with-sizeof
Fix FN with known condition and sizeof
2020-07-13 20:54:25 +02:00
Daniel Marjamäki 36b9e545ac Bug hunting; more bailout warnings in uninit check 2020-07-13 20:23:44 +02:00
Daniel Marjamäki 8ba714373f
Merge pull request #2704 from rikardfalkeborn/9635-memleak-with-comma-operator-in-if-statement
Fix #9635 (FP: Memory leak with comma operator in if-statement)
2020-07-13 20:08:57 +02:00
Paul 450bdfedf3 Fix FP of duplicateCondition when modifying the this variable 2020-07-13 12:40:01 -05:00
Daniel Marjamäki 4465d033f6 Bug hunting; When passing uninitialized data to unknown function it is inconclusive if that would be a problem for the function or not 2020-07-13 11:43:11 +02:00
Paul caabe56f14 Handle FPs: mutexes being locked at different scopes 2020-07-12 21:31:53 -05:00
Ken-Patrick Lehrmann 61ccf888b3 Fix some false positives when the same expression at different places does not have the same value
Typically with
```
int F(int *f);
void F2(int *a, int *b) {
  int c = *a;
  F(a); // modifies *a
  if (b && c != *a) {}
}
```
we would get the following FP:
```
[test.cpp:3] -> [test.cpp:5]: (style) The comparison 'c != *a' is always false because 'c' and '*a' represent the same value.\n
```

I guess it boils down to isSameExpression only checking that the
expression is the same (in the above case, "*a" and "*a" are indeed the
same), but there's not real check on the values.
So the patch here is a bit hackish, and we still have false negatives in
cases with dereferenced pointers.
2020-07-11 14:13:18 +02:00
Rikard Falkeborn d8e7e9176b Fix FN with known condition and sizeof
cppcheck behaved differently if sizeof was to the left or right of the
comparison. In order to fix this, we cannot break the while loop until
all operands have been processed.
2020-07-10 23:39:16 +02:00
Daniel Marjamäki 27841d6b81 Fixed #9795 (False positive: Local lock is not ineffective, mutex is locked in thread also.) 2020-07-10 19:24:45 +02:00
Rikard Falkeborn 1e679cc5d1 Fix #9635 (FP: Memory leak with comma operator in if-statement)
When checking for comparisons in if-statements, if there are comma
operators in the if-statement, skip until after the last comma.
2020-07-09 21:31:43 +02:00
Daniel Marjamäki 0c6aabe444
Merge pull request #2703 from rikardfalkeborn/9652-fp-function-call-cast-config
Fix #9652 (fp memleak with function call with cast)
2020-07-08 15:10:41 +02:00
Rikard Falkeborn 4996ec190e Fix #9652 (fp memleak with function call with cast)
When the first argument was (void *)(1), at the start of the second
iteration, arg was pointing to the "1", which caused problems for
nextArgument(), which saw the ")" as the next token and returned
nullptr, signalling that there are no more arguments.

Instead, save the first token in the argument, which makes
nextArgument() do the right thing.
2020-07-08 00:02:39 +02:00
Rikard Falkeborn d5345052ab Fix #9793 (false positive, memleak with lambda)
Skip scopes with lambdas (similar to how checkleakautovar does). In
order to fix this when the lambda is inside a for loop, make
hasInlineOrLambdaFunction() recursive. This should be what all existing
users want.
2020-07-07 21:51:36 +02:00
Daniel Marjamäki 686a6c7862 Fixed compiler warning 2020-07-03 17:54:55 +02:00
Daniel Marjamäki d2b2bae7bf Fixed #7733 (False positive: scope of the variable can be reduced (variable is used in hidden code)) 2020-07-01 08:24:52 +02:00
Daniel Marjamäki f56a17bf3d Fixed #8858 (FP: identicalConditionAfterEarlyExit when there is #if) 2020-07-01 07:48:32 +02:00
Daniel Marjamäki ddd21a260f Fixed #6978 (False positive: unusedLabel shown for labels that are used in some preprocessor configurations) 2020-06-30 18:26:24 +02:00
Daniel Marjamäki 0583763cc6 Fixed #3088 (False positive: Dont report "struct or union member is never used" for structs with __attribute__((packed)) or #pragma pack(push)) 2020-06-30 11:00:40 +02:00
Daniel Marjamäki 1567ccf97b
Merge pull request #2700 from pfultz2/afterConditionFunction
Extend scope of afterCondition until end of function
2020-06-30 08:28:08 +02:00
Paul c76c03c711 Replace noreturn with macro 2020-06-29 15:54:51 -05:00
Paul 67e06c18a9 Use the already available function scope 2020-06-29 15:36:01 -05:00
Paul a412e3e1f1 Mark syntax error functions as noreturn 2020-06-29 15:33:25 -05:00
Paul 600919f624 Remove redundant conditions 2020-06-29 15:13:06 -05:00
Daniel Marjamäki f34ff9325a Fixed testrunner 2020-06-29 21:53:14 +02:00
Daniel Marjamäki a0770f05e1 Reuse 'extractForLoopValues' in ValueFlow 2020-06-29 21:01:43 +02:00
Paul 07d8cb4f01 Extend scope of afterCondition until end of function 2020-06-29 11:55:59 -05:00
Daniel Marjamäki a49d277e0d Fixed #6471 (FP functionConst - member function modifying member variable after cast (inconclusive)) 2020-06-29 13:09:01 +02:00
Daniel Marjamäki 5164d87a2e Bug hunting; Fixed false positives for containers 2020-06-28 22:49:51 +02:00
Paul d5b6d49d96 Fix issue 9578: false negative: (style) Condition '...' is always false 2020-06-28 15:28:08 -05:00
Daniel Marjamäki b5cd96cbda ExprEngine; Rename variable 2020-06-28 21:36:56 +02:00
Daniel Marjamäki ad5e4fef1f Bug hunting; improved handling of 'malloc' in uninit checker 2020-06-28 21:20:59 +02:00
Daniel Marjamäki 6c588cc3ef Library: Refactoring <alloc> init attribute 2020-06-28 21:01:43 +02:00
Daniel Marjamäki 0e736e0c29 Rename BugHuntingException to ExprEngineException 2020-06-28 17:39:14 +02:00
Daniel Marjamäki d4bd3016da ExprEngine; Improved handling of for loop, loop variable 2020-06-28 17:28:40 +02:00
Daniel Marjamäki c42c751d61 ExprEngine; Fixed testing 2020-06-28 13:41:27 +02:00
Daniel Marjamäki f85cdd3f77 ExprEngine: DataIndex update to get better debug output 2020-06-28 10:52:50 +02:00
Daniel Marjamäki bcaf792e30 Bug hunting; Fix FP for struct with uninitialized members passed to function in C 2020-06-27 22:11:12 +02:00
Daniel Marjamäki c7a8f5217f ExprEngine; Fixed Cppcheck warning 2020-06-27 21:54:38 +02:00
Daniel Marjamäki cd49eb0978 Fix Cppcheck warnings 2020-06-27 20:59:10 +02:00
Daniel Marjamäki d353a4ecba ExprEngine; copy Data => copy arrays 2020-06-27 18:09:43 +02:00
Daniel Marjamäki e6aa96d90f Bug hunting; Improved uninit checking 2020-06-27 14:59:02 +02:00
Daniel Marjamäki 303cadf99f Bug hunting; Improved uninitData warning when unknown function is not configured 2020-06-27 14:29:29 +02:00
Daniel Marjamäki e19ef6ac62 Bug hunting; Improved uninit checking for function calls with constant parameter 2020-06-27 14:15:53 +02:00
Daniel Marjamäki d303510c78 Use value temp.maxTemplateRecursion 2020-06-27 12:57:09 +02:00
Daniel Marjamäki ff5a717fc6 Bug hunting; Avoid false positives for const parameter data 2020-06-27 12:17:11 +02:00
Daniel Marjamäki 57187ef876 ImportProject: Read max template recursion configuration value 2020-06-27 10:34:02 +02:00
Daniel Marjamäki b09bcdc38c Use ValueFlow for compareBoolExpressionWithInt 2020-06-27 08:13:22 +02:00
Daniel Marjamäki 0352a5d32f astyle formatting
[ci skip]
2020-06-27 07:34:48 +02:00
Daniel Marjamäki 1ad70bbeb8
Merge pull request #2697 from pfultz2/unique_lock
Extend mutex checking for more locking patterns
2020-06-27 07:32:26 +02:00
Daniel Marjamäki c3749625f3
Merge pull request #2688 from jpyllman/fix_chklibfunc
not report locally declared functions as missing configuration of --check-library
2020-06-27 06:53:09 +02:00
Daniel Marjamäki 72bdeb9307
Merge pull request #2698 from pfultz2/const-param-casts
Fix issue 9778: False positive: constParameter when returning non-const reference cast
2020-06-27 06:45:30 +02:00
Paul cf475fab51 Fix issue 9778: False positive: constParameter when returning non-const reference cast 2020-06-26 15:47:59 -05:00
Daniel Marjamäki f5ace9ffbe SymbolDatabase; Improved ValueType when container methods items 2020-06-26 22:47:28 +02:00
Paul 82b91869ee Extend mutex checking for more locking patterns 2020-06-26 15:06:20 -05:00
Daniel Marjamäki c5f9e85ee7 GUI: Add configuration for max recursion in template instantiation 2020-06-26 17:12:02 +02:00
Daniel Marjamäki f569bc79f5
Merge pull request #2694 from pfultz2/pch
Add option to disable pch since its broken with ccache
2020-06-26 16:45:38 +02:00
Daniel Marjamäki 98bf0d41aa TemplateSimplifier; Clarify information message when max recursion limit is reached 2020-06-26 12:59:40 +02:00
Daniel Marjamäki 262f44e76a astyle formatting
[ci skip]
2020-06-26 12:56:56 +02:00
Daniel Marjamäki cb8396aaf8
Merge pull request #2696 from pfultz2/getTokenArgumentFunction-ast
Fix issue 9710 and 9767: Use AST to get function from argument
2020-06-26 09:50:18 +02:00
Paul 1bef6ed268 Another check for null 2020-06-25 19:12:01 -05:00
Paul 263a0364cc Avoid null pointer dereference 2020-06-25 17:23:42 -05:00
Paul 720d882b69 Remove known arg 2020-06-25 17:20:20 -05:00
Paul 60c42b17a6 Fix known conditions 2020-06-25 15:46:30 -05:00
Daniel Marjamäki af6e76d623 Fixed #9787 (Better handling of user defined literals) 2020-06-25 22:06:34 +02:00
Paul 1676ad5f45 Fix issue 9710 and 9767: Use AST to get function from argument 2020-06-25 12:54:46 -05:00
Daniel Marjamäki ec8fbb1580
Merge pull request #2682 from pfultz2/check-mutexes
Add new check for incorrect usage of mutexes and lock guards
2020-06-25 16:21:36 +02:00
Paul 18a8b5bc65 Add option to disable pch since its broken with ccache 2020-06-24 18:41:16 -05:00
Paul 3c10a9c659 Update message 2020-06-24 18:09:30 -05:00
Daniel Marjamäki 34468f3c1a Template simplifier; Write information message when recursion limit is reached. 2020-06-24 20:30:03 +02:00
Daniel Marjamäki 693b24d30a Fix testrunner 2020-06-22 14:31:34 +02:00
Daniel Marjamäki ab14d2bc0f exceptRethrowCopy: Fixed FP in Cppcheck 2020-06-22 12:26:41 +02:00
Daniel Marjamäki 9b5986505e AST; Improved ast for variable declaration with assignment 2020-06-22 08:34:31 +02:00
Daniel Marjamäki f792cabc2b ExprEngine; better handling of containers 2020-06-21 21:48:36 +02:00
Daniel Marjamäki 5497e8ed67 ExprEngine; Improved handling of stream read 2020-06-21 20:05:26 +02:00
Daniel Marjamäki 11e2b5ea14 Bug hunting; Timeout 2020-06-21 18:28:07 +02:00
Daniel Marjamäki 65498b5e9a Bug hunting; Fixed hang when there is recursion 2020-06-21 15:16:05 +02:00
Daniel Marjamäki 8ec5605bac
Merge pull request #2689 from Ken-Patrick/9769
9769: Improve value flow for ternary operator
2020-06-21 13:04:43 +02:00
Daniel Marjamäki ff445f9ca2 Bug hunting; Make cve.py happy again 2020-06-21 08:50:27 +02:00
Daniel Marjamäki f270ca1909 ExprEngine; Better handling of function calls 2020-06-20 23:00:39 +02:00
Ken-Patrick Lehrmann 5a3789a23f 9769: Improve value flow for ternary operator
In some cases, the condition of the ternary operator is assigned a known
value after the two possible results, and in such cases, we would not
take the opportunity to assign a value to the ternary operator (and to
the other parents in the ast).
This patch adds this capability.
2020-06-20 10:29:28 +02:00
Ken-Patrick Lehrmann 7065c5598b Try to fix compilation with cppcheck.vcxproj 2020-06-20 09:47:35 +02:00
Daniel Marjamäki af45148e58 ExprEngine; Refactor and improve code. Add tests for increments. 2020-06-19 20:40:20 +02:00
Daniel Marjamäki 06aeac75dc Bug hunting; Fix false negatives 2020-06-19 18:38:02 +02:00
Daniel Marjamäki b4443aa5a0 Suppress exceptRethrowCopy false positive 2020-06-19 18:15:04 +02:00
Daniel Marjamäki 8653c4b3a9 ExprEngine; Fix uninitialized value FP in subfunction when argument is passed by value 2020-06-19 18:05:56 +02:00
Daniel Marjamäki 6ec15b6d7b ExprEngine; Simple handling of increment/decrement 2020-06-19 17:35:35 +02:00
Daniel Marjamäki a5a3738df4 Fixed cve.py 2020-06-19 17:13:35 +02:00
orbitcowboy f60e805798 Running astyle [ci skip] 2020-06-19 16:36:09 +02:00
Daniel Marjamäki c62e345340 Fix Cppcheck warning 2020-06-19 14:11:49 +02:00
Daniel Marjamäki f516bde744 ExprEngine; Fix TODO assertion 2020-06-19 14:05:19 +02:00
Daniel Marjamäki d0ac583b97 Add 'bughuntingchecks' 2020-06-19 13:16:48 +02:00
Daniel Marjamäki cbe038e694 ExprEngine: execute functions in same TU 2020-06-19 10:27:59 +02:00
Jens Yllman 08b0fa21a7 do not report locally declared functions as missing configuration for --check-library 2020-06-18 14:49:19 +02:00
Daniel Marjamäki 542158d0f4 Bug hunting; checking uninitialized struct member 2020-06-18 13:49:11 +02:00
Jens Yllman 9320ac287a only report on functions in --library files 2020-06-18 11:42:07 +02:00
Paul f7029e62ac Check for mor FPs 2020-06-17 17:06:06 -05:00
Daniel Marjamäki 3f8218af1b Removed CheckClass::operatorEq: does not 'belong' 2020-06-17 20:35:43 +02:00
Ken-Patrick Lehrmann c297ed8204 Better handle noreturn or throwing functions in valueflow
Teaching cppcheck about `BOOST_THROW_EXCEPTION` and
`boost::throw_exception`, and using noreturn information from libraries
in value flow.

This fixes false positive nullPointerRedundantCheck with the following
code:
```
void throwexception(int * buf)
{
    if (!buf)
        boost::throw_exception(std::bad_alloc());
    *buf = 0;
}
```
2020-06-17 19:06:14 +02:00
Paul 21f76d62a1 Merge branch 'main' into check-mutexes 2020-06-17 10:45:43 -05:00
Daniel Marjamäki 51a6af299f
Merge pull request #2683 from Ken-Patrick/cast_expandTemplate
Fix handling of c++ casts in template expansion
2020-06-17 09:21:01 +02:00
Daniel Marjamäki 94f92f00fe
Merge pull request #2684 from firewave/precompiled
use precompiled headers if CMake supports it
2020-06-17 07:53:51 +02:00
Daniel Marjamäki d26593321d Fixed Visual Studio compile error 2020-06-16 22:56:01 +02:00
Daniel Marjamäki 4947a3b7ab Bug hunting; review and improve handling of multi dimensional arrays 2020-06-16 22:50:45 +02:00
firewave a49d60f0b3 use precompiled headers if CMake supports it 2020-06-16 19:56:53 +02:00
Ken-Patrick Lehrmann 5c1a2db434 Fix handling of c++ casts in template expansion
Cast were not expanded properly: the `<` was not taken into account in
typeindentlevel, so we would then miss a `>`, resulting in syntaxError.
2020-06-16 19:36:04 +02:00
Paul 18225ee27e Update text and change to warnings 2020-06-16 10:32:39 -05:00
Paul 7c9144ea47 Add to classInfo 2020-06-15 19:43:33 -05:00
Paul 172537807b Add check for incorrect usage of mutexes and lock guards 2020-06-15 19:40:54 -05:00
Daniel Marjamäki 6faad9cd90 Bug hunting; better handling when assigning multidimensional array in for loop 2020-06-15 22:42:45 +02:00
Daniel Marjamäki b36c85d8fd Rename VerifyException to BugHuntingException 2020-06-15 22:07:32 +02:00
Daniel Marjamäki f5fe5ca2dd
9768: Fix ast with throw in the middle of return (#2678)
* 9768: Fix ast with throw in the middle of return

```
int f(bool x)
{
    return x ? 0 : throw 0;
}
```

The `throw` part was not included in the ast, leading to an invalid
ternary operator.

* 8526: Fix ast construction for ternary operator

This tries to decide a bit more properly when ':' can be part of a
ternary operator. More precisely, there are some times when we want to
delay the construction of the ast for ':', so that it is place
accordingly to the matching '?'.

Typically, this fixes an issue with
`return val < 0 ? throw 1 : val;`,
where the ast for ':' would be constructed during as part of the
`throw`, and the ast for `?` would be invalid.

This patch is a bit of a hardcode, stating that we don't expect ':'
inside a throw, unless there is a complete ternary operator in there
(there can't be a range based for loop, a case in a switch). When we
reach ':', we know we are and the end of the `throw`.
2020-06-15 10:36:02 +02:00
Daniel Marjamäki 2b0e4926bc valueFlowAfterAssign: variable initialization 2020-06-14 21:14:05 +02:00
Ken-Patrick Lehrmann 7ddb7aef7d 8526: Fix ast construction for ternary operator
This tries to decide a bit more properly when ':' can be part of a
ternary operator. More precisely, there are some times when we want to
delay the construction of the ast for ':', so that it is place
accordingly to the matching '?'.

Typically, this fixes an issue with
`return val < 0 ? throw 1 : val;`,
where the ast for ':' would be constructed during as part of the
`throw`, and the ast for `?` would be invalid.

This patch is a bit of a hardcode, stating that we don't expect ':'
inside a throw, unless there is a complete ternary operator in there
(there can't be a range based for loop, a case in a switch). When we
reach ':', we know we are and the end of the `throw`.
2020-06-14 18:57:18 +02:00
Ken-Patrick Lehrmann 4023a487ff 9768: Fix ast with throw in the middle of return
```
int f(bool x)
{
    return x ? 0 : throw 0;
}
```

The `throw` part was not included in the ast, leading to an invalid
ternary operator.
2020-06-14 14:49:10 +02:00
orbitcowboy f69ce02c90 Running astyle [ci skip] 2020-06-14 10:06:54 +02:00
Daniel Marjamäki 97fd51edd1 Set version to 2.1.99 / 2.2 dev 2020-06-14 07:16:14 +02:00
Daniel Marjamäki 026bbac975 2.1: Set version 2020-06-13 17:04:26 +02:00
Daniel Marjamäki 37245a8179 Update copyright year 2020-06-13 16:37:12 +02:00
Paul Fultz II 06ed088bd0
Fix issue 9751: Wrong lifetime caused by std::function (#2676) 2020-06-13 10:26:54 +02:00