233 Commits

Author SHA1 Message Date
Robert Reif 6043a27065 Fixed (%h and %hh printf type size specifiers not supported) 2016-08-24 12:47:11 +02:00
Robert Reif 28e14f0b94 Fixed (QString::asprintf format string checking.) 2016-08-24 12:44:57 +02:00
Robert Reif 4d157af61f Fixed (QString::sprintf format string checking) 2016-08-20 08:47:52 +02:00
Daniel Marjamäki 789aef7fde Fixed (Microsoft ATL/MFC CString::Format argument checking) 2016-08-19 17:36:27 +02:00
Daniel Marjamäki f2e49b4db4 Fixed (Defect: False positive due to mistake in return type of function pointer.) 2016-08-14 17:19:14 +02:00
Robert Reif 768c26805c Fixed false positive: %Ld in format string (no. 1) requires 'long long' but the argument type is 'long long' (). 2016-07-16 10:33:46 +02:00
Simon Martin 12a298b9cd Ticket : Properly represent integer types smaller than int in CheckIO::ArgumentInfo. 2016-05-28 15:36:13 +02:00
PKEuS 373ac52480 Mention exact function name in invalidscanf message () 2016-05-26 21:11:33 +02:00
PKEuS 851c6e0ed5 Improved buffer overflow checking for scanf: %c with a width () 2016-05-22 14:00:26 +02:00
orbitcowboy b1b0c920e3 Removed sprintf_s from windows.cfg. 2016-05-19 08:22:40 +02:00
orbitcowboy 46adf180d7 cfg: Added support for fopen_s and sprintf_s functions. Fixed a wrong tests. 2016-05-18 09:31:26 +02:00
Robert Reif 0fc59d0228 False positive invalidPrintfArgType_uint - %lu with 0ul 2016-02-19 10:12:47 +01:00
PKEuS cae19cadd3 ValueType: Added support for static member variables and simplified code 2016-02-04 20:49:13 +01:00
Daniel Marjamäki 988918c9bc ValueType: Use signed as default sign for short/int/long/longlong 2016-01-31 14:34:26 +01:00
Daniel Marjamäki e660c55d39 TestIO: Refactoring macros 2016-01-31 13:49:17 +01:00
PKEuS 6d0c2f7253 Fixed false positive useClosedFile when noreturn function is called () 2016-01-31 10:39:35 +01:00
Robert Reif 966d078dcc CheckIO: Fix FN when using '%x' as format specifier for a 'signed int' variable 2016-01-15 09:29:29 +01:00
Daniel Marjamäki 5214406771 Try to re-add refactorings in testio. 2016-01-14 09:00:03 +01:00
Daniel Marjamäki 9c8ff5b89c TestIO: Use std::strcmp() to compare strings instead of std::string() 2016-01-13 19:04:30 +01:00
Daniel Marjamäki dd3dd397b5 try to fix travis and appveyor by reverting my changes 2016-01-13 18:31:57 +01:00
Daniel Marjamäki a6ac22f735 Attempt to fix travis and appveyor 2016-01-13 16:39:09 +01:00
Daniel Marjamäki 075c479bff TestIO: Refactoring, split up test cases 2016-01-13 11:34:37 +01:00
Daniel Marjamäki 647f3fc619 Refactoring TestIO 2016-01-13 10:13:24 +01:00
Daniel Marjamäki 610326e37f Refactoring TestIO macros 2016-01-12 20:03:42 +01:00
Daniel Marjamäki 4f958bd2ca Refactor TestIO, split test case 2016-01-12 19:23:37 +01:00
Daniel Marjamäki 14670f743e Refactor TestIO, split test cases 2016-01-12 16:43:27 +01:00
Daniel Marjamäki 89b23bb698 Refactor TestIO, split test case 2016-01-12 15:06:42 +01:00
Daniel Marjamäki 5079b6d95e TestIO refactoring, split test case 2016-01-12 15:01:32 +01:00
Daniel Marjamäki dbf620aa8c TestIO refactoring, split test case 2016-01-12 14:41:03 +01:00
Daniel Marjamäki 0226ee5ef3 TestIO: Splitting up test case 2016-01-12 13:06:42 +01:00
Lauri Nurmi 996c9244d8 Update copyright year to 2007-2016. 2016-01-01 15:34:45 +02:00
Daniel Marjamäki 0f9d90d2be Changed Copyrights. Removed my name. 2015-11-18 20:04:50 +01:00
PKEuS eefea507b9 Use ValueFlow in CheckIO::checkWrongPrintfScanfArguments() () 2015-11-06 09:52:22 +01:00
PKEuS 3971f8625f Fixed false positive seekOnAppendedFile if FILE* is reused () 2015-10-13 15:32:13 +02:00
Daniel Marjamäki 604a9acb48 ValueType: Handling constness 2015-10-07 19:08:26 +02:00
Daniel Marjamäki b77203a277 CheckIO: Handle AST pointer type better 2015-10-05 19:59:15 +02:00
Daniel Marjamäki b9036c2ca8 AST types: Fix for 'long long' handling 2015-10-05 19:20:42 +02:00
Daniel Marjamäki 8f6bd7fd0d Fixed (False positive for printf("%c", "hello"[0])) 2015-10-05 10:12:30 +02:00
Daniel Marjamäki e578988832 invalidScanf: removed the checking for 'scanf crash with huge input data for old glibc'. new systems are not vulnerable to this bug anymore. 2015-08-14 08:03:46 +02:00
PKEuS a0890ecd2c Fixed false positive: Do not print useClosedFile on arrays () 2015-07-20 22:40:19 +02:00
PKEuS bc5132e0ac Refactorization: Moved declaration of errout, ... to testsuite.h, uniformized style 2015-03-11 22:54:43 +01:00
PKEuS 5c56e63996 Fixed false positive : Handle member functions in CheckIO::checkFileUsage() 2015-01-27 21:52:52 +01:00
Daniel Marjamäki ff11ba9847 Updated copyright year to 2015 2015-01-03 12:14:58 +01:00
Robert Reif 9e60f584d9 Fixed : Implemented function Token::swapWithNext(). 2014-12-27 10:53:26 +01:00
Daniel Marjamäki 051d42ae6b astyle formatting 2014-11-20 14:20:09 +01:00
orbitcowboy f5d804f71a running astyle 2014-11-20 10:13:03 +01:00
Robert Reif d5908f03b7 Fixed (false negative: printf format check for user defined array type) 2014-10-20 06:33:36 +02:00
Robert Reif e2f72b4cb1 Fixed (Move Windows platform types into library) 2014-10-19 07:34:40 +02:00
Robert Reif 1729ea6f0f Fixed (Format specifier check confused by ternary operator) 2014-09-24 16:45:06 +02:00
PKEuS 0a416910c4 Improved speed of testrunner: Avoid repeated loading of the same library 2014-09-10 20:29:44 +02:00
PKEuS 288c94a47f Extended Message "fflushOnInputStream" to files opened for reading. 2014-08-31 21:03:33 +02:00
PKEuS b07f61170d Changed severity of fflushOnInputStream to portability: The behaviour of fflush(stdin) is defined on Linux. 2014-08-31 20:56:05 +02:00
Robert Reif 90bc59e0fa Fixed (Detect type mismatch in printf-like function when type is returned) 2014-07-28 09:16:35 +02:00
PKEuS f7a41057ad Use AST in CheckIO::checkCoutCerrMisusage() - fixes . 2014-05-22 20:25:54 +02:00
Robert Reif 888fd44039 Fixed (Wrong warning: %zu requires 'size_t' - but type is 'std::size_t') 2014-05-04 07:55:23 +02:00
Alexander Mai 1d78d74175 Add test to improve coverage of CheckIO::checkWrongPrintfScanfArguments() 2014-04-18 11:39:58 +02:00
Robert Reif b0af67f369 Fixed (false positive: (warning) %zd in format string (no. 1) requires 'ssize_t' but the argument type is 'ssize_t {aka long}'.) 2014-04-10 17:25:11 +02:00
PKEuS 838cac5a3a Added unit test for . 2014-03-28 11:34:23 +01:00
Robert Reif 5c88934431 CheckIo: Fixed FIXME 2014-03-19 20:57:33 +01:00
PKEuS 3a4b7e5c07 Fixed false positive 2014-03-18 13:44:27 +01:00
Robert Reif 7b5a96dc06 Partial fix for (printf/scanf argument tests failing on Windows x64) 2014-03-18 06:12:09 +01:00
PKEuS 86e6bb430a New check: Warning, if positioning operation (fseek) is performed on a file opened in "a" mode 2014-03-17 11:02:03 +01:00
Robert Reif cb1fc06a80 Fixed (CheckIO::checkFileUsage doesn't support wide char and microsoft functions) 2014-03-12 19:22:44 +01:00
Daniel Marjamäki fd3a8a2a18 Update copyright 2014-02-15 07:45:39 +01:00
Robert Reif d679a4c1f7 Fixed (False positive: Invalid argument in scanf for %zd) 2014-01-14 06:09:13 +01:00
PKEuS b775714e3d Moved several hardcoded function names in format string checking into libraries (std.cfg and windows.cfg).
Added support for loading a library in test suite.
2014-01-12 03:44:24 -08:00
Robert Reif cbe3862599 Fixed (Size specifier in printf functions is wrong for some types) 2014-01-03 15:58:45 +01:00
PKEuS 4f0121ee2f Split simplification out of tokenize() 2013-12-30 17:45:28 +01:00
Robert Reif 0afdbc73da Fixed (Crash below CheckIO::checkWrongPrintfScanfArguments()) 2013-11-23 08:40:35 +01:00
Robert Reif a6ef3a224a Fixed (false negative: improper formatstring - vector::at()) 2013-11-08 12:44:05 +01:00
Robert Reif 94187c41c2 Fixed (False positive: Invalid argument in printf and scanf for vector template) 2013-10-27 10:48:49 +01:00
Robert Reif 7098fc6039 CheckIO: fixed handling of unknown types. Ticket 2013-10-05 16:47:06 +02:00
Robert Reif 5dbc02250f This patch adds pointer to format string support to printf. Ticket: 2013-10-05 07:47:52 +02:00
Robert Reif 6c06cdd24d CheckIO fixes. Ticket: 2013-10-04 17:30:55 +02:00
Robert Reif 59de30823e CheckIO: This patch adds support for fprintf_s, fscanf_s and %I. Ticket: 2013-10-03 06:37:40 +02:00
Robert Reif 5aba841499 CheckIO: Handling of casts () 2013-10-02 04:12:46 +02:00
Robert Reif cc6745fef6 CheckIO: Fixed false positives when using _snprintf_s and _snwprintf_s. Ticket: 2013-10-01 05:49:44 +02:00
Robert Reif c37c6617d3 Fixed (Microsoft secure printf/scanf support.) 2013-09-30 19:55:21 +02:00
Robert Reif d3798958f4 CheckIO: Fixed false positive when using wchar_t () 2013-09-29 15:25:18 +02:00
Robert Reif c5723ab46a CheckIO: Clarify format check warnings 2013-09-29 10:42:47 +02:00
Robert Reif 44d86e97c0 Fixed (Microsoft ATL/MFC CString::Format argument checking) 2013-09-26 16:20:01 +02:00
Robert Reif 2de3ebcb1e CheckIO: fixed some more false negatives. Ticket: 2013-09-24 06:43:03 +02:00
Robert Reif 5c4c397372 CheckIO: add scanf argument type checking. Floating point and integer checking is complete but string checking is incomplete and character checking is missing. Ticket 2013-09-22 06:56:31 +02:00
Robert Reif 19745bbb7d Fixed (Confusing message about %lf format in printf()) 2013-09-15 16:38:45 +02:00
Robert Reif 4d82e37078 Fixed (Confusing message about %lf format in printf()) 2013-09-12 05:54:05 +02:00
Robert Reif 9be2f6b5d4 Fixed (printf format argument check only supports simple variables) 2013-09-08 20:21:00 +02:00
Daniel Marjamäki 40c5924292 CheckIO: Handle classes derived from STL 2013-09-07 07:20:06 +02:00
Robert Reif 2fe91e290c CheckIo: Improved %d handling 2013-09-05 06:04:41 +02:00
Robert Reif 921a1aaa4f CheckIO: Improved handling of %u 2013-09-05 01:46:58 +02:00
Robert Reif 0dddd424a4 CheckIO: Improved handling of function return type 2013-09-03 05:50:19 +02:00
Robert Reif 8790f6d73f Fixed (Crash with simple code snippet in rev ab30fa3) 2013-08-31 18:58:55 +02:00
Robert Reif 05f2f0e419 CheckIO: improved type info - keep track of original typename. 2013-08-31 06:26:39 +02:00
Robert Reif fc435ae9aa CheckIO: fix false negative for a function in a base class not being found, fix false positives and negatives for std::vector operator [] 2013-08-30 05:41:59 +02:00
Robert Reif 2950eb08cb CheckIO: fix some %I64 related false positives. Ticket: 2013-08-29 05:49:16 +02:00
Robert Reif 5c3315db7a CheckIO: improved handling of functions returning pointers. Ticket: 2013-08-28 05:57:40 +02:00
Robert Reif 228f6b1a87 Fixed (False positive: (warning) %f in format string (no. 1) requires a floating point number given in the argument list.) 2013-08-27 05:46:09 +02:00
Robert Reif a1b9bb0688 CheckIO: Fix false positives for functions returning unknown types and false negatives for functions returning record types 2013-08-26 06:03:26 +02:00
Robert Reif 3d9383aabb Fixed (False positive: (warning) %s in format string (no. 3) requires a char* given in the argument list. (git/column.c)) 2013-08-25 08:32:10 +02:00
Robert Reif 26de3646e9 CheckIo: Revised patch that fixes bug in class function return type. Ticket: 2013-08-24 22:34:52 +02:00
Robert Reif 01fd156852 CheckIO: Start to add checking of function return types. Ticket: 2013-08-24 07:25:50 +02:00
Robert Reif 5ce1933687 CheckIo: handle more complex variables 2013-08-23 05:35:57 +02:00
Robert Reif 707dfb4eea Fixed (printf format argument check only supports simple variables) 2013-08-20 06:16:31 +02:00
Robert Reif 56d8073d0f Fixed (printf and scanf format checks don't support microsoft %I, %I32 and %I64 extensions) 2013-08-10 12:37:31 +02:00
Robert Reif 5aa79198e6 Fixed (check printf %l and %ll arguments for long and long long) 2013-08-10 12:33:55 +02:00
PKEuS a9a5dc0354 Updated to AStyle 2.03, require this version 2013-08-07 16:27:37 +02:00
Daniel Marjamäki 9ff204f8bc astyle formatting, use isEnabled("warning") instead of isEnabled("style") 2013-07-28 16:13:16 +02:00
Simon Martin d01e3fa17a Handle parameter positions format strings (POSIX extensions). 2013-07-28 15:00:28 +02:00
Daniel Marjamäki a1fafa7f06 Library: added <formatstr> and <strz> to argument checks 2013-07-22 20:21:45 +02:00
Robert Reif 20f81f92d9 CheckIO: Improved handling of h, hh, l, and ll. 2013-07-22 08:28:29 +02:00
Robert Reif f11e54aa42 Fixed (printf and scanf format checks don't support microsoft %I, %I32 and %I64 extensions) 2013-07-21 08:35:01 +02:00
PKEuS b58e1241dc Distinguish between different swprintf overloads. ()
Fixed MSVC warning recently introduced
2013-05-14 02:06:16 -07:00
Ettl Martin 1b9c1c03fa unittests: removed not needed '\n' at the end of testcases. 2013-03-20 15:36:16 +01:00
kchrist 740e790bf1 Fixed (false positive: Used file that is not opened; variables in struct) 2013-03-15 06:42:46 +01:00
PKEuS d78c06dc3f Replaced _settings->isEnabled("style") by _settings->isEnabled("warning") wherever warnings are issued 2013-03-03 02:41:59 -08:00
PKEuS e2655da1ec Properly handle return/break/continue in CheckIO::checkFileUsage() () 2013-02-15 08:30:43 -08:00
Reijo Tomperi 5d5f7085bf Updating year 2012 -> 2013 to .cpp and .h files and man page. 2013-01-01 18:29:08 +02:00
PKEuS 578e582987 Fixed regression . 2012-12-08 00:26:10 -08:00
Robert Reif 35c2b8058d Fixed (SymbolDatabase: Parse of sub class constructor fails) 2012-11-30 06:03:58 +01:00
Baris Demiray 0e100f7563 Fixed (Improve check (printf('%l') not detected)) 2012-10-21 08:50:29 +02:00
Daniel Marjamäki b591097c87 Revert "Fixed (SymbolDatabase: Parse of sub class constructor fails)"
This reverts commit 1ee980184e.
2012-10-16 19:12:27 +02:00
Robert Reif 1ee980184e Fixed (SymbolDatabase: Parse of sub class constructor fails) 2012-10-16 06:11:28 +02:00
PKEuS 3449684137 Fixed usage of _settings->isEnabled("style") in CheckIO. Added forgotten test cases. 2012-09-10 16:23:00 +02:00
PKEuS 6aa7f984cb Fixed false positives on FILE* arrays. () 2012-07-29 04:04:12 -07:00
Ettl Martin a6c54563ae added testcase 2012-07-24 15:54:38 +02:00
Ville Skyttä 7ab2f6a9fa Spelling fixes. 2012-07-21 18:11:20 +02:00
PKEuS 1e704edbd5 Message refactorization: checkio.h/cpp 2012-07-13 10:36:58 -07:00
PKEuS 2bd1f1d8dc Improved check: Sign checking in printf format string ()
Removed some redundant code (already covered by token list simplifications and symboldatabase)
2012-07-11 10:46:35 -07:00
PKEuS d3c44c20ff Refactorized checking of scanf field width specifiers ():
- Removed duplicate check
- Changed severity to portability, when a crash only happens with certain libc versions
- Fixed handling of * in format string ()
- Added support for [...] pattern
- Removed garbage from tests
2012-07-07 04:34:37 -07:00
PKEuS f5c42660de Fixed : Handle constructor syntax initialization. 2012-06-24 09:57:17 -07:00
Robert Reif dc4982115a Improved checking of scanf format strings 2012-06-23 07:52:52 +02:00
PKEuS 9ca7f6a8c3 Fixed crashes and 2012-05-23 01:04:21 -07:00
PKEuS a8382ea553 Implemented file pointer usage checking:
- File I/O without positioning function call ()
- Read/Write to a file that was opened for writing/reading ()
- Operations on closed file

Old fflushOnInputStream check is now part of the new check.
2012-05-22 05:30:22 -07:00
PKEuS 829a52dc51 Added testio.cpp (I forgot to add it in previous commit) 2012-05-20 12:26:48 -07:00