PKEuS
096fa2f771
Fixed #4380
2013-03-14 10:18:48 -07:00
Robert Reif
4b9b87e310
Fixed #4646 (false positive: (style, inconclusive) Technically the member function 'C<T>::operator+=' can be const.)
2013-03-14 06:34:12 +01:00
PKEuS
d78c06dc3f
Replaced _settings->isEnabled("style") by _settings->isEnabled("warning") wherever warnings are issued
2013-03-03 02:41:59 -08:00
PKEuS
f899e6ca30
Changed behaviour of %op% pattern accordingly to changes to Token::isOp(). Added %cop% as replacement for old %op%
2013-03-01 02:43:59 -08:00
PKEuS
27f7917349
Changed severity and message formatting of argumentSize message.
2013-02-16 00:52:27 -08:00
Robert Reif
42588e9729
Fixed #4535 (Simplify checks by caching symbol database Variable pointer in Token)
2013-02-06 06:39:58 +01:00
Robert Reif
94c953931d
Simplify checks by caching symbol database Variable pointer in Token
2013-01-31 20:08:48 +01:00
Robert Reif
ec1c86c152
Symbol database: more function/variable cleanup. Ticket: #4494
2013-01-31 06:41:18 +01:00
Robert Reif
859793731d
SymbolDatabase: Refactor findFunction handling. Ticket: #4494
2013-01-28 06:47:48 +01:00
Andrew C. Martin
4a73c93750
Fix compiler warnings and comment/string typos
...
- fix g++ warning:
> lib/checkother.cpp:3779: warning: comparison between signed and unsigned integer expressions
- fix suncc warning (see [everything2](http://everything2.com/title/C%252B%252B%253A+static+extern+%2522C%2522 )):
> "lib/checkmemoryleak.cpp", line 578: Warning (Anachronism): Formal argument __compar of type extern "C" int(*)(const void*,const void*) in call to bsearch(const void*, const void*, unsigned long, unsigned long, extern "C" int(*)(const void*,const void*)) is being passed int(*)(const void*,const void*).
- prefer empty() / isEmpty() over "size() > 0" (cases not caught by stlSize)
- fix word misspellings (mostly comments, a few output lines)
- Parenthesis => Parentheses (both variations were used in the codebase)
- fix typo and wording ("never alwayw") in gui/test/data/benchmark/simple.cpp's CheckOther::unsignedPositive():
```
- "An unsigned variable will never alwayw be positive so it is either pointless or "
+ "An unsigned variable can't be negative so it is either pointless or "
```
2013-01-16 07:37:07 -07:00
Reijo Tomperi
5d5f7085bf
Updating year 2012 -> 2013 to .cpp and .h files and man page.
2013-01-01 18:29:08 +02:00
Thomas Jarosch
78316f02b6
Fix comment about wrong magic number
2012-12-28 11:31:50 +01:00
Thomas Jarosch
4708be09f5
Fixed #4444 (segmentation fault)
2012-12-28 11:15:18 +01:00
Robert Reif
ce380301fd
Fixed #4432 (Crash on parsing PHP interpreter)
2012-12-26 08:29:10 +01:00
Daniel Marjamäki
7f6a10599b
Fixed #4262 (Small Request/Suggestion for checks on array size of args (bounty offer))
2012-12-22 09:23:34 +01:00
Daniel Marjamäki
365a260ddc
Fixed #4398 (False negative: out of bounds (for loop))
2012-12-22 08:00:05 +01:00
Edoardo Prezioso
5101f3c029
Use the new pattern: '%comp%' where possible.
...
Change also the description comment of the Token::Match by adding the new pattern and the forgotten '%op%'.
2012-12-01 01:31:35 +01:00
Daniel Marjamäki
031adef6ea
Array index checking: Fixed TODO comment (false negatives when using ?:)
2012-11-30 09:01:15 +01:00
Daniel Marjamäki
1c4afbce8c
Cleanup: Removed += and -= patterns from the checks. These should be simplified.
2012-11-30 07:08:16 +01:00
Robert Reif
0f8db28d30
speed up checks by caching commonly looked up stuff in the symbol database (CheckBufferOverrun, CheckBoost)
2012-10-13 11:16:48 +02:00
Daniel Marjamäki
68240fffc6
Fixed #4228 ((error) Internal error. Token::Match called with varid 0 (multiple declarations in for loop))
2012-09-23 17:15:39 +02:00
Daniel Marjamäki
ec01cc811e
Second fix for #4207 (Internal error. Token::Match called with varid 0)
2012-09-23 13:25:28 +02:00
Daniel Marjamäki
a17f37c67d
CheckBufferOverrun: Better handling of functions with variable arguments
2012-09-22 16:19:19 +02:00
PKEuS
508e9394d3
Added some nullpointer-checks and removed some redundant ones based on VS2012 code analysis results.
2012-09-17 15:22:51 +02:00
XhmikosR
6e4e3dfbfb
lib: tabs to spaces, remove trailing spaces and extra empty lines at the end of files
2012-09-17 13:51:23 +02:00
PKEuS
547d3e94b2
Fixed some sign conversion messages from clang.
2012-09-16 16:41:15 +02:00
PKEuS
22a8e3f4e6
Replaced Tokenizer::getFunctionTokenByName() by SymbolDatabase::findFunctionByName(), which handles scopes slightly better.
2012-09-11 18:03:47 +02:00
Daniel Marjamäki
64faa780fe
Fixed #4087 (div by zero check is invalid for floats)
2012-09-11 16:50:42 +02:00
Daniel Marjamäki
6b56b4a9d3
Show that inconclusive message is inconclusive
2012-09-07 16:11:15 +02:00
PKEuS
a4b5824dec
New internal check: checkRedundantNextPrevious().
...
Fixed findings by new internal check
2012-09-07 12:36:40 +02:00
PKEuS
e4a693eaab
Refactorizations:
...
- Fixed several findings of CheckInternal.
- Removed some debug code from CheckOther::checkRedundantAssignment().
2012-09-07 11:59:20 +02:00
PKEuS
8c70778b70
Refactorization: Fixed several messages when self-checking cppcheck
2012-09-04 15:29:51 +02:00
Deepak Gupta
4202866100
Fixed #4096 (Improve check: Buffer overrun in for loop, postfix increment in array access)
2012-09-01 19:17:28 +02:00
Daniel Marjamäki
8afdde0b5e
Fixed #3931 (FP: Buffer access out-of-bounds)
2012-08-12 17:06:54 +02:00
PKEuS
c8773b891d
Refactorization: Make use of Token::scope() replacing certain indentation counters
2012-08-12 03:13:07 -07:00
Edoardo Prezioso
fae40c4782
Change every C version of 'size_t' to C++ 'std::size_t'.
2012-07-09 13:30:18 +02:00
PKEuS
639f15645a
Message refactorization: checkbufferoverrun.cpp (2), checkclass.cpp, checkexceptionsafety.h
2012-07-09 02:11:05 -07:00
PKEuS
ed7e950671
Message refactorization: checkbufferoverrun.cpp
2012-07-08 06:51:24 -07:00
Daniel Marjamäki
848fd59cbd
Fixed #3913 (boundcheck, false positive continue in loop)
2012-07-08 14:34:47 +02:00
Daniel Marjamäki
5de82c1c42
Updated arrayIndexOutOfBounds error message. Thank you Kimmo for the suggestion.
2012-06-23 09:51:32 +02:00
Daniel Marjamäki
4e98cb3ed9
Fixed #3907 (improve check: detect buffer overrun when using && or || in for loop)
2012-06-23 09:23:14 +02:00
Daniel Marjamäki
ac524c56ad
Reviewed handling of unknown types in ExecutionPathBufferOverrun
2012-06-23 08:15:59 +02:00
Daniel Marjamäki
7d59d86ed6
Fixed #3893 (Improve check: Array index out of bounds not detected when down conting)
2012-06-16 17:44:51 +02:00
PKEuS
9dc8123151
Refactorizations:
...
- Use const string references instead of const strings copies when possible
- Fixed cppcheck warning about postfix increment in CheckIO
- Use symbolDatabase to detect pointers in CheckOther::checkAssignBoolToPointer
2012-05-25 03:09:41 -07:00
PKEuS
dc64ac2918
Removed unnecessary variable Function::start - The value is already stored in Function::functionScope->classStart.
2012-05-22 12:58:46 -07:00
Andy Maloney
12c5980c01
Fix compiler warning about initialization order
2012-05-18 13:59:19 -04:00
PKEuS
de79a4c84f
Fixed initialization list usage according to cppcheck results
...
Fixed comments mentioning nonexistent parameters
2012-05-18 07:57:11 -07:00
PKEuS
ec00824fd3
Fixed #3357 :
...
- Print "inconclusive" tag in cli
- Fixed inconclusive handling in checkbufferoverrun.cpp
- Merged reportInconclusiveError into reportError by adding an additional parameter "bool inconclusive" which is false per default
2012-05-06 10:37:41 -07:00
PKEuS
1a5fbd61d2
Splitted class TokenList from Tokenizer
2012-05-05 09:33:26 -07:00
Ettl Martin
bb8342fbb4
fixed misspelled word 'Comparision' --> 'Comparison'
2012-04-26 23:04:55 +02:00
PKEuS
dd5e9aa454
Make use of recently implemented Token::type() functionality
2012-04-25 09:56:07 +02:00
PKEuS
b37cf11d20
Refactorizations:
...
- Increased encapsulation by making some functions private
- Removed redundant function CheckBufferOverrun::ArrayInfo::declare
- Avoided copy of ArrayInfo object
- Removed unnecessary and suspicious "if(sizeof(int) == 4)"
2012-03-27 19:40:39 +02:00
PKEuS
e3b3b7b62f
Refactorizations on buffer overrun check:
...
- Replaced a few indendation counters by smaller and faster code
- Make use of safer nextArgument() function instead of some local implementations
- Replaced some simple patterns by direct function calls
- Made a strncpy/strncat search pattern more generic
- Replaced offset variable by incrementation of Token* to avoid subsequent calls to tokAt
- Increased data encapsulation in header
2012-03-17 21:55:08 +01:00
Daniel Marjamäki
4f3878eb1e
Fixed #3569 (false negative: buffer access out of bounds)
2012-03-13 21:30:03 +01:00
Daniel Marjamäki
a9480ca0c1
CheckBufferOverrun: move condition before loop
2012-03-13 21:19:10 +01:00
PKEuS
1747813a8b
Added check for invalid pointer casts ( #1255 )
...
Detect sign extension problems when variable is a reference (#3637 )
Refactorizations:
- Tokenizer::getFiles returns a reference instead of a pointer, because its guaranteed that no nullpointer is returned
- Remove signed/unsigned in one step for "%type% signed|unsigned"
- Fixed recently introduced compiler warning in symboldatabase.cpp
2012-02-26 11:56:32 +01:00
PKEuS
5c2af0b2e3
- initialising std::string with 0 in initialisation list is partially detected in nullpointer check ( #3520 )
...
- executionpath checking makes use of symboldatabase
- CheckExceptionSafety::checkRethrowCopy makes use of symboldatabase
2012-01-26 16:50:59 +01:00
Reijo Tomperi
194327048a
Add InternalError and change MathLib to throw it in case of an error.
...
- Previously MathLib errors did not provide a filename, but after this change at least source file name should be printed
and if token is provided, also line number should be printed.
- Change also Token to use InternalError
- Modify Cppcheck-class to catch InternalError instead of Token
- Run dmake to update Makefile
2012-01-08 22:19:44 +02:00
Reijo Tomperi
8cae17fda8
Update year to 2012
2012-01-01 01:05:37 +02:00
Edoardo Prezioso
8f2ad53332
Add testcase for previous commit.
2011-12-30 18:47:42 +01:00
PKEuS
dca03c3ce2
Remove unnecessary includes
...
Also add a unit test related to #3427
Also improve the description text in checkclass and remove unused variable.
2011-12-23 23:31:48 +02:00
Daniel Marjamäki
1ba1be4b8d
Fixed #3428 (false negative: array bounds errors not found when duplicate class names present)
2011-12-18 16:35:51 +01:00
Daniel Marjamäki
772b8cc37d
Array index out of bounds: Avoid false positives when there are duplicate names for structs
2011-12-18 08:12:42 +01:00
Daniel Marjamäki
5f712cc213
Array index out of bounds: Fixed false positive when taking address beyond array using calculated array index
2011-12-17 21:35:12 +01:00
PKEuS
f306246c7f
Improved support for references and pointers in SymbolDatabase
...
Replaced several isPointer functions by Variable::isPointer function
Refactorizations & Make use of symbolDatabase more often
2011-12-17 19:04:03 +01:00
Daniel Marjamäki
95123854ba
Array index out of bounds: Fixed false positive when size is not known.
2011-12-17 13:20:42 +01:00
Daniel Marjamäki
ffb5d107be
CheckNullPointer::isPointerDeRef: Tweaks to reduce false warnings when inconclusive is used.
2011-12-11 08:48:55 +01:00
Daniel Marjamäki
497c54a1a7
Fixed #3168 (false negative: buffer overflow in subfunction)
2011-12-11 08:16:58 +01:00
Daniel Marjamäki
ee39f6402c
reverted fix for #3168 , I'll rewrite it
2011-12-10 20:46:10 +01:00
Daniel Marjamäki
897e8637b4
Fixed #3168 (false negative: buffer overflow in subfunction)
2011-12-10 19:26:12 +01:00
Edoardo Prezioso
51c1e2303f
CheckBufferOverrun::checkInsecureCmdLineArgs(): Remove recently unused variable 'pattern'.
2011-12-09 23:24:08 +01:00
PKEuS
91a0a071d0
Take symbol database into use or improve its usage in some checks.
2011-12-09 23:28:10 +02:00
Daniel Marjamäki
60d828e778
C++ Builder: Fixed compiler error
2011-12-08 22:09:03 +01:00
PKEuS
167a7e3e51
Various code cleanups
2011-12-08 21:28:34 +01:00
Zachary Blair
344d7e2f34
Fixed #3283 (False negative: array index out of bounds not found for constant string and known array index value)
2011-11-30 19:17:09 -08:00
Marek Zmysłowski
e0b50719f4
Fixed #909 (improve check: out of bounds of memchr function and out of bounds check)
2011-11-27 07:54:52 +01:00
PKEuS
71c8669261
Fixed #3311 , #3313 and #3339 (printf format string false positives)
2011-11-27 07:29:09 +01:00
PKEuS
6b6f780057
code cleanups and refactorings
2011-11-26 21:02:04 +01:00
Daniel Marjamäki
b26811cdf5
astyle formatting
2011-11-20 16:50:41 +01:00
Edoardo Prezioso
a32b05197d
Change every 'tokAt(1)' to 'next()' and every 'tokAt(-1)' to 'previous()'.
...
Added a safety check to ensure that a 'previous()' call doesn't crash (not sure if it's needed or not).
2011-11-20 15:59:37 +01:00
Edoardo Prezioso
11dd3c09ce
Change every 'tokAt(1)->' to 'next()->' because 'tokAt(1) == 0' is equivalent to 'next() == 0', hence the equivalent cppcheck crash.
2011-11-20 15:09:57 +01:00
Edoardo Prezioso
42e369a4b4
Change every 'tokAt(..)->link()' to 'linkAt(..)'.
2011-11-20 14:24:27 +01:00
Daniel Marjamäki
2a5b4b1842
Fixed #3328 (False negative: out of bounds)
2011-11-19 15:28:06 +01:00
Edoardo Prezioso
2c64d299ca
Change every 'tokAt(...)->str()' to 'strAt(...)'.
2011-11-13 13:10:59 +01:00
Edoardo Prezioso
ba5909ef1d
General code tweaking, nothing strange.
2011-10-31 02:24:59 +01:00
Edoardo Prezioso
433f4640a9
Fix some GCC warnings regarding the sign conversion.
2011-10-30 18:34:49 +01:00
Daniel Marjamäki
0d1046eeeb
Merge pull request #51 from richq/explicit
...
Explicit constructors
2011-10-30 01:38:26 -07:00
Daniel Marjamäki
d7be62a6f9
Fixed #3221 (FP: Array 'arr[2147483648]' index 0 out of bounds in loop when size unknown to cppcheck)
2011-10-29 20:26:24 +02:00
Richard Quirk
a0a5b36667
Ensure single-argument constructors are explicit
2011-10-29 18:24:30 +02:00
Thomas Jarosch
2b8da1241b
Add missing percent end character
2011-10-29 12:08:36 +02:00
Thomas Jarosch
434fb933a8
Implement Token::findsimplematch und use it for simple patterns
2011-10-27 15:59:22 +02:00
Thomas Jarosch
54adb910ec
Use Token::simpleMatch instead of Token::Match for simple patterns
2011-10-27 15:59:22 +02:00
Daniel Marjamäki
a076b24dc6
astyle formatting
2011-10-24 21:57:49 +02:00
Thomas Jarosch
3413ffef3e
Refactor readlink() buffer check to also handle readlinkat()
2011-10-24 21:23:18 +02:00
PKEuS
cdfe0d74e4
Make checkSprintfCall using nextArguments()
2011-10-23 17:47:48 +02:00
Marek Zmysłowski
b332ea8222
Fixed #3204 (Refactor standards support in Settings)
2011-10-22 09:45:48 +02:00
Thomas Jarosch
7ae39f13cc
Fixed #3198 (Add check for readlink())
2011-10-14 19:45:51 +02:00
Daniel Marjamäki
6f8e42a5af
changed the astyle formatting flags
2011-10-13 20:53:06 +02:00
Daniel Marjamäki
74c0468a18
astyle formatting
2011-10-12 22:06:19 +02:00
Daniel Marjamäki
b73896bcc5
Fixed #3163 (Out of bounds pointer arithmetic not reset)
2011-10-12 20:54:39 +02:00
Thomas Jarosch
abd2525339
Fixed #3161 (Show buffers size info for snprintf() buffer overruns)
2011-10-05 20:17:57 +02:00
Robert Reif
65b0fb4519
fix #3153 (false positive buffer access out-of-bounds)
2011-09-30 17:28:59 -04:00
Robert Reif
ac070b90f2
fix for loop false positives when zero length arrays present
2011-09-22 21:23:40 -04:00
Robert Reif
b349d36c50
fix #3124 (FP: Buffer access out-of-bounds when memset two dimension array (a[5][6]))
2011-09-19 20:32:50 -04:00
Robert Reif
3f517b5f23
partial fix for #2960 (false negative: buffer access out of bounds)
2011-09-11 21:51:05 -04:00
Robert Reif
40009d091d
add multi-dimension array support to second checkScope and use it for member arrays
2011-09-11 20:42:57 -04:00
Robert Reif
0d6592dd2e
use correct checkScope function in CheckBufferOverrun for single dimension member arrays
2011-09-11 19:21:13 -04:00
Robert Reif
19928e26d1
refactor to unify functionally identical code in CheckBufferOverrun::checkScope()
2011-09-11 14:00:53 -04:00
Robert Reif
e18fe56d56
refactor CheckBufferOverrun to only use multi-dimension array error messages and remove single dimension array message
2011-09-11 09:54:26 -04:00
Robert Reif
a9b4e21f60
refactor CheckBufferOverrun::checkScope to take an ArrayInfo parameter
2011-09-10 11:21:52 -04:00
Robert Reif
547a79d4fe
calculate array size for variable length structures with array at end in CheckBufferOverrun::checkStructVariable() when possible
2011-09-10 10:14:32 -04:00
Robert Reif
b0eab2587d
better detection of variable sized structure in CheckBufferOverrun::checkStructVariable()
2011-09-09 08:37:24 -04:00
Robert Reif
27bfa2a346
fix some CheckBufferOverrun::checkStructVariable() flase negatives for possible variable length structs
2011-09-09 07:46:06 -04:00
Robert Reif
16924c7c7a
fix #3094 (Buffer access out-of-bounds in struct variable)
2011-09-09 07:16:39 -04:00
Robert Reif
812a17f294
fix one of the TODO testcases added for #3094 (Buffer access out-of-bounds in struct variable)
2011-09-08 22:44:25 -04:00
Robert Reif
cbbdd55177
fix some -Wconversion -Wsign-conversion warnings in checkbufferoverrun.cpp
2011-09-05 19:02:26 -04:00
Robert Reif
7451c5cece
warn when buffer is not zero terminated after memmove
2011-09-05 15:59:41 -04:00
Robert Reif
f5d71d1ac5
warn when buffer is not zero terminated after memcpy
2011-09-05 15:41:37 -04:00
Robert Reif
3c8988e7a5
warn when buffer is not zero terminated after strncpy
2011-09-05 15:19:38 -04:00
Robert Reif
fe85b8779e
fix #2528 (false negative: buffer access out of bounds)
2011-09-04 21:39:52 -04:00
Robert Reif
50688b28fd
fix #2889 (false negative: buffer access out of bounds on local struct member)
2011-09-04 19:54:57 -04:00
Robert Reif
e782d98241
final fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-03 21:51:00 -04:00
Robert Reif
7cb5c97e7d
move member variable lookup code from a check to the symbol database so it can be reused by other checks
2011-09-03 12:22:13 -04:00
Daniel Marjamäki
d23c58d387
enable: break out 'performance' and 'portability' from the 'style' id. Ticket: #3074
2011-09-03 15:30:30 +02:00
Robert Reif
d749e28dc0
another partial fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-02 21:07:29 -04:00
Robert Reif
d85410de8c
partial fix for #3063 (false negative: multi dimensional arrays not well supported)
2011-09-02 19:35:09 -04:00
Daniel Marjamäki
ef30da51bf
Fixed #3034 (Cppcheck crash on specific file (truecrypt).)
2011-08-29 19:16:52 +02:00
Robert Reif
d643397a7e
better message for strncpy zero-terminated check
2011-08-28 09:06:51 -04:00
Robert Reif
8c093d0f8a
refactor CheckBufferOverrun::checkScope strncpy check and change experimental to inconclusive
2011-08-27 21:18:39 -04:00
Robert Reif
9539d22a1a
partial fix for #3050 (strncpy zero termination check behaving flaky)
2011-08-25 23:48:32 -04:00
Robert Reif
6e78b51071
make all functions that call reportError names in checkbufferoverrun end in Error for consisentcy
2011-08-24 07:11:39 -04:00
Robert Reif
8c1efe9bb6
improve message for #3035 (false negative: strcpy(dst, src) where src is bigger than dst)
2011-08-21 15:18:41 -04:00
Robert Reif
67e8731a96
partial fix for #3035 (false negative: strcpy(dst, src) where src is bigger than dst)
2011-08-21 14:44:55 -04:00
Robert Reif
a30da73d3e
fix #2986 (segmentation fault of cppcheck ( x[y] ))
2011-08-09 19:45:18 -04:00
Daniel Marjamäki
e2367b4149
Fixed #2976 (False positive: array out of bounds)
2011-08-08 18:22:15 +02:00
Daniel Marjamäki
999b80bbb8
Buffer overrun: Fix false negative
2011-08-07 17:54:25 +02:00
Kimmo Varis
cfcfa3f000
Use "enabled" list for the style checking.
...
Settings-class currently enables style checking via dedicated
boolean attribute. All other CLI's enable-options are handled
through the enable-list. This commit moves style-check enabling
to use the enable-list.
Main advantage is the consistency how options are handled/stored
in the Settings class. Which also unifies using them for the other
code. You need to enable certain type of checks? Use the
addEnabled()-method. You want to check if certain type of checks
are enabled? Use the isEnabled()-method.
2011-08-07 10:28:52 +03:00
Daniel Marjamäki
fd7e085c9d
Array index out of bounds: prevent false positive when a dimension for an array is unknown
2011-08-05 13:08:48 +02:00
Daniel Marjamäki
0186fc0650
tweaked the error message somewhat for id arrayIndexThenCheck
2011-08-05 09:10:07 +02:00
Daniel Marjamäki
ceb763f57a
Fixed #2956 (False negative: read array and then immediately check the index 'str[i] && i<sizeof(str)')
2011-08-04 11:15:14 +02:00
Daniel Marjamäki
3cfef6285c
Fixed #2920 (False positive: Array 'arr[0]' index 0 out of bounds (array size and index are unknown))
2011-07-20 07:57:42 +02:00
Daniel Marjamäki
7dcb68f5a4
CheckBufferOverrun: Detect overflows when buffer is allocated with alloca
2011-07-17 09:35:51 +02:00
Daniel Marjamäki
e597ad72e7
Fixed #2841 (False positive: Array index out of bounds, can't compare ints to chars)
2011-06-29 18:44:05 +02:00
Robert Reif
93495613dd
replace some pattern matching with variable lookup in checkGlobalAndLocalVariable
2011-06-24 08:02:41 -04:00
Robert Reif
65ecbfd4ff
fix an off by 1 error introduced in 48e6ea271a
that prevented checking all variables
2011-06-23 22:31:16 -04:00
Robert Reif
a87fb388e3
use symbol database to lookup variable type for buffer overrun checks
2011-06-22 23:11:17 -04:00
Robert Reif
48e6ea271a
start using symbol database array info for buffer overrun checks
2011-06-22 22:44:11 -04:00
Robert Reif
dac826d0ac
use a more conventional technique for accessing ArrayInfo private variables
2011-06-22 20:35:58 -04:00
Daniel Marjamäki
af7c97f972
Fixed #1684 (false positive: buffer access out of bounds when using extern variable declaration)
2011-05-07 11:34:48 +02:00
Daniel Marjamäki
e5d43d4ed2
Renamed Settings::stupid to Settings::experimental
2011-04-10 15:55:08 +02:00
Daniel Marjamäki
30ee9ba6e4
Added Settings::stupid flag that can be used to hide checking that generates false positives.
2011-04-10 13:23:45 +02:00
Daniel Marjamäki
bd93997e4f
Refactoring: Use %op% instead of Token::isOp in CheckBufferOverrun
2011-04-09 18:37:03 +02:00
Daniel Marjamäki
f6d910ab3d
Refactoring: Use Token::isOp
2011-04-09 15:54:36 +02:00
Daniel Marjamäki
0d3874693a
Buffer overrun: broke out duplicate code
2011-04-04 17:33:43 +02:00
Stefan Weil
675e63b6a7
Spell checks
2011-03-30 16:45:31 +02:00
Daniel Marjamäki
07fe361964
Fixed #2638 (Tokenizer::setVarId : varid is wrongly given when unknown macro is used)
2011-03-13 17:52:45 +01:00
Daniel Marjamäki
bea3875386
Fixed #2607 (segmentation fault of cppcheck ( struct C {} {} x))
2011-03-09 21:00:28 +01:00
Daniel Marjamäki
bf2362d558
Fixed #2634 (False positive: buffer access out of bounds)
2011-03-08 19:49:56 +01:00
Daniel Marjamäki
bfe28d3b26
Fixed #2597 (False positive: Buffer access out-of-bounds for u_char, uint*_t, ...)
2011-02-20 21:24:57 +01:00
Robert Reif
e6eb160395
fix [B#2589 (segmentation fault of cppcheck (struct B : A))
2011-02-19 14:38:00 -05:00
Daniel Marjamäki
518a495334
Fixed #2576 (False positive: (error) Buffer access out-of-bounds)
2011-02-12 18:34:12 +01:00
Daniel Marjamäki
318f2e8a57
Fixed #2561 (False positive on array index when using conditional operator)
2011-02-12 11:31:10 +01:00
Daniel Marjamäki
08811c8179
CheckBufferOverrun: Refactoring. Broke out checkScope code for parsing 'for' bodies
2011-02-10 21:56:06 +01:00
Raphael Geissert
f8e2d50e6f
Use Token::simpleMatch where no special patterns are needed
2011-02-02 13:27:02 -06:00
Raphael Geissert
8d5863133c
Use Token::simpleMatch where no patterns are used
2011-02-02 13:27:01 -06:00
Raphael Geissert
cf2b6f7bc1
Remove useless spacing at the end of *Match strings
2011-02-02 13:27:01 -06:00
Daniel Marjamäki
9d3b242cd8
Fixed #1952 (false negative: buffer acces out of bounds with memcpy)
2011-01-22 21:31:26 +01:00
Reijo Tomperi
226b605774
Change year 2010 -> 2011 in license texts.
2011-01-09 21:33:36 +02:00
Daniel Marjamäki
79ef02812d
Fixed #2211 (false negative: buffer access out of bounds for(int i=0; i !=6;i++))
2011-01-09 18:51:28 +01:00
Daniel Marjamäki
04a117938d
Buffer overrun: Added comments
2011-01-06 13:02:21 +01:00
Kimmo Varis
b750a52f6d
Improve strncat 3rd parameter usage warning message.
...
See forum thread:
https://sourceforge.net/apps/phpbb/cppcheck/viewtopic.php?f=3&t=192
2011-01-04 23:17:44 +02:00
Daniel Marjamäki
c2a194ead0
Fixed #2393 (Token::Match called with varid 0)
2011-01-04 18:34:51 +01:00
Daniel Marjamäki
97f7a36e91
Buffer overruns: Added comments
2011-01-02 14:16:58 +01:00
Daniel Marjamäki
4ec9d418ff
Fixed #2215 (Improve check: Writing outside malloc bounds not detected)
2011-01-01 20:56:21 +01:00
Daniel Marjamäki
04eb9cf305
Fixed #2378 (Refactoring: create utility function that skips redundant if/for/while)
2010-12-31 18:07:46 +01:00
Daniel Marjamäki
ed6c76ce04
Fixed #2385 (False positive: array index out of bounds)
2010-12-31 17:43:38 +01:00
Daniel Marjamäki
d8f241e033
gcc: fixed -Wconversion errors
2010-12-31 09:51:27 +01:00
Daniel Marjamäki
fa3853803b
gcc: fixed -Wconversion warnings
2010-12-31 09:30:56 +01:00
Daniel Marjamäki
bdf0cb7115
Fixed #2370 (false negative: Buffer access out-of-bounds (for with if, no break))
2010-12-28 20:46:31 +01:00
Daniel Marjamäki
6aa400fd80
Buffer overrun: UB when pointer arithmetic result points out of bounds. Ticket #1774
2010-12-26 21:23:28 +01:00
Daniel Marjamäki
8247270f35
Fixed #2328 (false positive: buffer overrun (for loop with a break => the end value is not reached))
2010-12-19 10:39:43 +01:00
Daniel Marjamäki
f6c00fc478
Fixed #2323 (false positive: Buffer access out of bounds)
2010-12-18 10:54:36 +01:00
vBm
46a11183a5
Fixed some spelling mistakes
2010-12-15 18:45:53 +01:00
Daniel Marjamäki
5ce63a1df0
Fixed #2292 (segmentation fault with cppcheck 1.46 with --errorlist)
2010-12-13 18:17:33 +01:00
Robert Reif
6c719c5806
Symbol database: removed unnecessary null pointer checks
2010-12-07 07:07:07 +01:00
Daniel Marjamäki
9d9a5b0623
VS: Fixed compiler warnings. Ticket: #2200
2010-11-21 11:48:27 +01:00
Daniel Marjamäki
cda44e0c39
VS: Fixed compiler warnings
2010-11-20 11:48:03 +01:00
Daniel Marjamäki
66c2825b23
Fixed #2210 (False positive: buffer overrun (snprintf, unknown type))
2010-11-18 19:26:46 +01:00
Daniel Marjamäki
fb068a4e71
Fixed #2170 (false positive: After a strncpy() the buffer should be zero-terminated)
2010-11-07 09:37:45 +01:00
Daniel Marjamäki
dd41c74d7f
Fixed #2136 (false negative: array bounds)
2010-11-06 09:10:10 +01:00
Daniel Marjamäki
8d96697623
GCC: Fixed compiler warnings
2010-10-30 14:53:25 +02:00
Daniel Marjamäki
b55f6458a2
Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function))
2010-10-30 12:32:43 +02:00
Daniel Marjamäki
79583ee45d
#2133 (cppcheck: floating point exception)
2010-10-26 20:05:34 +02:00
Daniel Marjamäki
b6106ddf72
Fixed #2132 (Internal error. Token::Match called with varid 0.)
2010-10-26 18:10:03 +02:00
Daniel Marjamäki
306587b1d0
Buffer overruns: Fixed TODO test case
2010-10-24 11:32:27 +02:00
Daniel Marjamäki
f3c6c64e9a
Fixed #2121 (False positive: Buffer access out-of-bounds when using uint32_t)
2010-10-23 13:12:17 +02:00
Daniel Marjamäki
5deb046ac5
Fixed #2120 (False positive: array index out of bounds (unknown type in struct, sub function))
2010-10-23 08:49:03 +02:00
Daniel Marjamäki
9fdc03fc1d
Fixed #2117 (false positive: buffer access out of bounds)
2010-10-22 20:15:51 +02:00
Daniel Marjamäki
2ca7dbc004
Fixed #2109 (false positive: buffer overrun)
2010-10-19 18:23:44 +02:00
Daniel Marjamäki
92a1e9e76e
Severities: Added 'warning' and 'performance' severities. No changes to the command line options nor to the XML format. Ticket: #2106
2010-10-17 14:41:00 +02:00
Daniel Marjamäki
ba2b986ece
Fixed #2097 (false positive: buffer access out of bounds)
2010-10-14 20:00:32 +02:00
Daniel Marjamäki
b6c995ea47
Fixed #2096 (False positive: buffer overrun (extern array))
2010-10-13 20:57:59 +02:00
Daniel Marjamäki
229604b3e3
Fixed #2093 (False positive: buffer access out of bounds (unknown type))
2010-10-13 18:06:50 +02:00
Daniel Marjamäki
9e15c4ef38
Fixed #2088 ([test.c:12]: (error) Buffer access out-of-bounds: l)
2010-10-12 19:35:20 +02:00
Daniel Marjamäki
74bf1821e6
Array index: detect array index out of bounds when datatype is unknown. Ticket: #2086
2010-10-11 20:52:14 +02:00
Daniel Marjamäki
a73ada54d5
Fixed #1705 (false negative: access past end of buffer)
2010-10-10 09:15:18 +02:00
Ettl Martin
a56f6d276a
fixed warning from cppcheck: [lib/checkbufferoverrun.h:129]: (style) 'operator=' should not return a const reference
2010-09-15 22:25:12 +02:00
Daniel Marjamäki
e7f7c77eab
Fixed #1948 (C++ class scoping not followed)
2010-08-24 22:04:14 +02:00
Erik Lax
248bb3b6e8
Fixed #1935 (false negative: detect buffer overrun from network functions (recv, recvfrom..))
2010-08-14 20:19:23 +02:00
Ettl Martin
a6be941006
actived Wconversion flag in Makefile and fixed almost all Warnings from gcc-4.4
2010-08-12 19:39:19 +02:00
Robert Reif
483a3ddfe1
Fixed #1925 (fix some cppcheck warnings in cppcheck)
2010-08-10 07:26:59 +02:00
Daniel Marjamäki
12217461a2
gcc: fixed some more -Wsign-conversion warnings
2010-08-06 22:37:48 +02:00
Daniel Marjamäki
adc47f1820
Fixed #1487 (fix gcc compiler warnings)
2010-08-06 21:02:43 +02:00
Ettl Martin
d16944398a
fixed compiler Warning in lib/checkbufferoverrun about comparison of signed and unsigned variable
2010-08-05 18:58:58 +02:00
Daniel Marjamäki
1b2f16f443
Buffer overflow: Fixed two TODO test cases
2010-08-05 11:01:47 +02:00
Daniel Marjamäki
33bf8bf730
Fixed #1670 (False negative: Array index out of bounds in return statement)
2010-08-04 20:38:52 +02:00
Daniel Marjamäki
9edecd4a3f
Added ErrorLogger::reportProgress and removed ErrorLogger::ReportProgress. This will make it easier for GUI and other clients to display progress information.
2010-08-03 16:36:21 +02:00
Daniel Marjamäki
e358af9018
Refactoring: Report progress when checking takes a long time. Ticket: #1868
2010-07-25 18:19:37 +02:00
Daniel Marjamäki
19e26c3b80
CheckBufferOverrun: report progress. Ticket: #1868
2010-07-24 20:54:42 +02:00
Daniel Marjamäki
dd07d82c34
Refactoring MathLib: Report errors through the tokenizer. Ticket: #1839
2010-07-24 10:25:03 +02:00
Daniel Marjamäki
bea714445a
Fixed #1850 (An access to a nested std::map via a negative integer key is reported as 'Array index out of bounds')
2010-07-14 12:24:07 +02:00
Daniel Marjamäki
b02fc037ed
Buffer Overrun: Fixed false positive when variable is reassigned in called function
2010-07-05 22:19:27 +02:00
Daniel Marjamäki
dcdbe117e6
Borland C++: Fixed compiler errors. When using 'a?b:c', Borland requires that b and c are the same type
2010-06-19 08:52:14 +02:00
Daniel Marjamäki
b5d0955d11
doxygen: fixed error messages given by doxygen
2010-06-14 07:54:41 +02:00
Robert Reif
18bb7488b9
Fixed #1787 (false negative: out of bounds in derived class)
2010-06-13 07:17:50 +02:00
Zachary Blair
2645e96783
Applied review suggestions for Ticket #568
2010-06-03 22:42:54 -07:00
Daniel Marjamäki
5789eb116d
astyle formatting
2010-06-02 18:09:25 +02:00
Zachary Blair
33b4254d33
Fixed #568 (string functions with command line arguments may overflow buffer)
2010-06-01 22:41:07 -07:00
Daniel Marjamäki
7601089bee
astyle formatting
2010-05-29 11:19:56 +02:00
Zachary Blair
59086fa599
Fixed #818 (Detect sprintf buffer overrun with struct members)
2010-05-28 22:51:28 -07:00
Daniel Marjamäki
d23f63c805
astyle formatting
2010-05-26 19:21:34 +02:00
Zachary Blair
619cfbc56f
Fixed #168 (buffer overflow: not enough room for the null terminator)
2010-05-26 01:56:34 -07:00
Daniel Marjamäki
c465d824b7
Removed TODO
2010-05-24 07:32:33 +02:00
Daniel Marjamäki
c31accc52a
Fixed #1695 (Ticket #1614 is broken using latest from git)
2010-05-19 19:23:09 +02:00
Daniel Marjamäki
f8442391af
astyle formatting
2010-05-17 19:51:35 +02:00
Monika Lukow
71e5c56bf9
Fixed #1418 (false negative: buffer access out of bounds)
2010-05-16 23:53:42 +02:00
Daniel Marjamäki
01034cd48d
Refactoring: Removed 'possible error' message about cin
2010-05-16 19:09:36 +02:00
Daniel Marjamäki
26fab24de4
Refactoring: Removed some inconclusive checking in CheckBufferOverrun
2010-05-16 15:30:39 +02:00
Daniel Marjamäki
4e84ec0ff5
refactoring: spell checking comments
2010-05-08 10:39:45 +02:00
Daniel Marjamäki
0415560912
refactoring: changed the severity for strncatUsage from possibleError to style
2010-05-02 09:54:08 +02:00
Daniel Marjamäki
883d462553
refactoring: Use style severity instead of possible error for the 'The size argument is given as a char constant'
2010-05-02 09:16:45 +02:00
Daniel Marjamäki
58e26ab1fc
Fixed Cppcheck warning about possible null pointer dereference
2010-05-01 11:55:26 +02:00
Eric Sesterhenn
344b6bf434
Fixed #1636 (Fix false positive with strncpy termination check)
2010-04-30 18:08:32 +02:00
Daniel Marjamäki
0444ff5298
Fixed #1627 (###### If you see this, there is a bug ###### - Token::Match('%varid% [ %num% ]', 0))
2010-04-26 18:52:40 +02:00
Daniel Marjamäki
eb82a89758
ExecutionPath: Better handling of if
2010-04-25 11:55:57 +02:00
Daniel Marjamäki
1a34e7daf6
Fixed #948 (array index out of bound not detected 'a[i-1] = 0')
2010-04-25 07:34:50 +02:00
Daniel Marjamäki
8ccd95a643
Fixed #836 (buffer overrun: memmove)
2010-04-24 21:48:58 +02:00
Daniel Marjamäki
a3b781a181
Fixed #819 (array index out of bounds not detected for multidimension arrays)
2010-04-23 16:26:40 +02:00
Daniel Marjamäki
7d391b37c9
astyle formatting
2010-04-22 20:07:41 +02:00
Daniel Marjamäki
eda18004bd
Cleanup CheckBufferOverrun
2010-04-22 19:58:44 +02:00
Daniel Marjamäki
e28dbda5fa
Refactoring: Improved the checkFunctionCalls, warning when size argument is given through char constant
2010-04-22 19:55:07 +02:00
Daniel Marjamäki
c0d0b0f63f
Refactoring: Moved function call check to checkFunctionCalls
2010-04-22 19:49:02 +02:00
Daniel Marjamäki
b9d8f52cca
CheckBufferOverrun: Fixed false positives caused by refactorings
2010-04-22 19:22:23 +02:00
Robert Reif
90541386da
Fixed #1619 (tokenizer: remove calling convention)
2010-04-21 21:08:47 +02:00
Daniel Marjamäki
f378b382a0
CheckBufferOverrun: simplify checking of read|write problems
2010-04-21 20:06:59 +02:00
Daniel Marjamäki
f9f6927e63
CheckBufferOverrun: Don't give false positives when reading from array with strncpy/strncat
2010-04-21 20:02:58 +02:00
Daniel Marjamäki
f057e127a0
CheckBufferOverrun: Refactoring the checking of function calls
2010-04-21 19:27:28 +02:00
Daniel Marjamäki
798aa84151
Refactoring: CheckBufferOverrun refactorings. split up the checkScope into two separate functions. The ArrayInfo usage was improved. Also broke out for-loop handling into separate functions.
2010-04-21 18:33:21 +02:00
Reijo Tomperi
96d66af478
Change "Array index -1 corresponds with 4294967295..." error message into "Array index -1 is out of bounds"
2010-04-20 21:44:31 +03:00
Daniel Marjamäki
7e2f39290d
Fixed #1614 (negative array index issues in latest from git)
2010-04-20 16:43:51 +02:00
Reijo Tomperi
97fea180b5
astyle fix
2010-04-18 22:03:03 +03:00
Daniel Marjamäki
b6ab419a06
Buffer Overrun: Broke out the checking for negative array index
2010-04-18 20:51:39 +02:00
Daniel Marjamäki
af3f2faa41
Refactoring: Renamed ArrayInfo::type_size to ArrayInfo::element_size
2010-04-18 20:18:25 +02:00
Daniel Marjamäki
1ae5a89982
Refactoring: Reusing the ArrayInfo in CheckBufferOverrun
2010-04-18 20:06:54 +02:00
Daniel Marjamäki
814f706329
BufferOverflow: Refactoring ArrayInfo
2010-04-18 19:46:45 +02:00
Daniel Marjamäki
a473345f18
Buffer overruns: First change to detect overruns in multidimensional arrays ( #819 )
2010-04-18 11:08:29 +02:00
Daniel Marjamäki
c718a7c595
astyle: Update to astyle 1.24
2010-04-15 20:08:51 +02:00
Reijo Tomperi
35d2a27b9c
Update copyright year in all source files
2010-04-13 22:23:17 +03:00
Daniel Marjamäki
a7903c3385
dos2unix
2010-04-13 19:25:08 +02:00
firewave
8966888a92
Fixed some VS2008 warnings
2010-04-13 11:31:27 +02:00
Reijo Tomperi
d102369196
Fix #1590 (False negative: Array index out of bounds: "0 <= i")
...
http://sourceforge.net/apps/trac/cppcheck/ticket/1590
2010-04-12 22:04:59 +03:00
Daniel Marjamäki
6f74c0af5e
Fixed #1587 (Crash while processing file)
2010-04-11 20:57:30 +02:00
Daniel Marjamäki
1f022e281f
Fixed SIGABRT in new checking
2010-04-10 21:28:49 +02:00
Daniel Marjamäki
5fed938f56
Fixed #1190 (array index out of bounds when index variable is assigned in a condition)
2010-04-10 21:12:00 +02:00
Daniel Marjamäki
e9b4ea44a2
Refactoring: Disable inconclusive checks. They can still be activated for debugging/testing purposes
2010-04-10 14:05:33 +02:00
Daniel Marjamäki
b4e9185177
Fixed #1134 (improve check: pointer access out of bounds not detected (allocated with malloc))
2010-04-10 07:57:29 +02:00
Daniel Marjamäki
9a4707c025
Fixed #1576 ('Index out of bounds' false positive)
2010-04-08 19:57:38 +02:00
Reijo Tomperi
c28b365ea0
astyle fix
2010-04-06 16:56:06 +03:00
Martin Ettl
c4d1d47f6b
fixed ticket 997, now fread and fwrite checked for bufferoverrun
2010-04-06 13:55:03 +02:00
Reijo Tomperi
d3c251f53a
Refactor and fix "After a strncpy() the buffer should be zero-terminated" checking,
2010-04-05 21:47:50 +03:00
Daniel Marjamäki
0cad22314e
Reverted 'astyle fix'. Those changes are not in sync with my astyle configuration/setup.
2010-04-02 07:30:58 +02:00
Martin Ettl
193aa7d1d3
astyle fix
2010-04-02 02:21:53 +02:00
Reijo Tomperi
c7d36b73ed
Fix #1548 (False positive: array index out of bounds in for-loop)
...
http://sourceforge.net/apps/trac/cppcheck/ticket/1548
2010-04-01 22:35:36 +03:00
Robert Reif
32e597e343
Fixed #1539 (False positive: possible error Array index out of bounds)
2010-03-30 17:33:17 +02:00
Robert Reif
0bddd1977f
Fixed #1536 (###### If you see this, there is a bug ###### Token::Match() - varid was 0)
2010-03-29 17:25:38 +02:00
Robert Reif
62d2845014
Fixed #1492 (false negatives: array index out of bounds)
2010-03-28 15:56:13 +02:00
Daniel Marjamäki
04ff061bbb
astyle formatting
2010-03-09 12:41:40 +01:00
Daniel Marjamäki
5d68952bd2
checkbufferoverrun: Refactorings
2010-03-09 12:04:22 +01:00
Daniel Marjamäki
0597026f13
Revert "checkbufferoverrun: Fixed signedness compiler warnings"
...
This reverts commit 3123de346c
.
This commit caused failed tests
2010-03-09 11:03:45 +01:00
Daniel Marjamäki
3123de346c
checkbufferoverrun: Fixed signedness compiler warnings
2010-03-09 10:56:31 +01:00
Reijo Tomperi
88840e6a08
Fix #1453 (possible infinite loop processing GNU Go's engine/montecarlo.c)
...
http://sourceforge.net/apps/trac/cppcheck/ticket/1453
2010-02-27 23:47:56 +02:00
Daniel Marjamäki
8f4edb5e45
Fixed #1409 (False positive: Buffer access out-of-bounds with strncpy and an array in typedef'ed struct)
2010-02-21 15:23:50 +01:00
Daniel Marjamäki
6b8cb08ec6
Refactoring CheckBufferOverrun. Use std::string instead of const char *
2010-02-18 22:25:29 +01:00
Reijo Tomperi
e44f0b1b8d
Fix #1392 (Segfault in CheckBufferOverrun::checkScope)
...
http://sourceforge.net/apps/trac/cppcheck/ticket/1392
2010-02-15 23:20:09 +02:00
Monika Lukow
e9e5174797
Fixed #1333 (Detect access out of bounds 'for (i = 100; i > 0; --i) a[i] = 0;')
2010-02-14 23:10:15 +01:00
Reijo Tomperi
7f2871d353
astyle fix
2010-02-14 21:46:40 +02:00
Daniel Marjamäki
9394816fcf
Refactoring: Use std::string instead of const char *
2010-02-14 19:58:17 +01:00
Reijo Tomperi
2a78637da7
Fix #1340 (False positive: Array out of bounds for re-initialised array pointer)
...
http://sourceforge.net/apps/trac/cppcheck/ticket/1340
2010-02-10 23:11:08 +02:00
Reijo Tomperi
9852ab86e9
Fix #1358 (False negative: out-of-bounds not found near return)
...
http://sourceforge.net/apps/trac/cppcheck/ticket/1358
2010-02-05 23:55:10 +02:00
Monika Lukow
a0e96be0c3
Fixed #1274 (false positive: Dangerous usage of strncat)
2010-01-31 11:43:54 +01:00