Commit Graph

164 Commits

Author SHA1 Message Date
orbitcowboy 7c48874793 #9347: Added a robustness test for scanf 2019-10-17 17:50:26 +02:00
Sebastian e24008544e
test/cfg/std.c: Add nullPointer tests for vsnprintf() (#2262)
Related tickets:
https://trac.cppcheck.net/ticket/9408
https://trac.cppcheck.net/ticket/9410
2019-10-11 20:00:10 +02:00
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
orbitcowboy 1994cbbb9c std.cfg: Improved configuration for mbrlen() and extended test cases. 2019-08-27 08:18:19 +02:00
Rikard Falkeborn 8cd1d5a47d Use library for memleak checks (#2002)
* Use library for memleak checks

Change memleakOnRealloc and leakReturnValNotUsed to use library
configuration instead of hardcoding "realloc".

In order to do so, some care needs to be taken when matching for a
reallocation function, since it can no longer be assumed that the input
to be allocated is the first argument of the function. This complicates
getReallocationType() and checkReallocUsage() but is necessary in order
to handle for example freopen() properly.

Also, refactor memleakOnRealloc check to reduce duplicated code when
checking "a" and "*a". When doing so, extending the check to look for
arbitrary number of "*" can be done for free (just change an if
statement to a while statement). Most likely, this is an unusual case in
real world code.

* Remove redundant whitespace in Token::Match()

* Run on simplified checks

* Fix cppcheck warning
2019-07-22 10:37:36 +02:00
Rikard Falkeborn 2bd026dd2a Add tests of std.cfg buffer size (#1958)
Includes a testcase for trac ticket #1379 which was fixed in
839fcddd8a.
2019-07-06 08:55:17 +02:00
Rikard Falkeborn 839fcddd8a Fix #6115 (Add support to realloc to cfg files) (#1953)
* Allow to configure realloc like functions

* memleakonrealloc: Bring back tests.

The old memleak checker was removed, and the tests for it was removed in
commit 9765a2dfab. This also removed the
tests for memleakOnRealloc. Bring back those tests, somewhat modified
since the checker no longer checks for memory leaks.

* Add realloc to mem leak check

* Add tests of realloc buffer size

* Configure realloc functions

* Add test of freopen

* Allow to configure which element is realloc argument

* Fix wrong close in test

cppcheck now warns for this

* Update manual

* Update docs

* Rename alloc/dalloc/realloc functions

Naming the member function realloc caused problems on appveyor. Rename
the alloc and dealloc functions as well for consistency.

* Change comparisson order

* Remove variable and use function call directly

* Create temporary variable to simplify

* Throw mismatchError on mismatching allocation/reallocation

* Refactor to separate function

* Fix potential nullptr dereference

As pointed out by cppcheck.
2019-07-05 12:44:52 +02:00
Rikard Falkeborn 60a213e6a5 Fix #9047 (c-style casts before malloc) (#1930)
* Fix #9047 (c-style casts before malloc)

Note that there are still no warnings for c++-style casts

* Fix memleak check with casts of assignments in if-statements

* Fix possible null pointer dereference

As pointed out by cppcheck.

* Add check of astOperand2 when removing casts

This is similar to how it is done in other checks.
2019-07-03 08:39:44 +02:00
orbitcowboy 4a9176f83c std.cfg: Added a test for tmpfile(). 2019-05-17 16:02:48 +02:00
versat 316475f79f std.cfg: Add "buffer-size" attribute and tests for aligned_alloc(). 2019-03-21 09:25:42 +01:00
Daniel Marjamäki 34a8b2b519 Quick fix for 'make checkcfg' 2019-03-16 18:17:16 +01:00
Daniel Marjamäki 27d750b3a1 Travis: Fix 'make checkcfg' 2019-03-11 13:43:15 +01:00
versat df73f7f355 std.cfg, windows.cfg: Move strcpy_s from windows.cfg to std.cfg.
strcpy_s belongs to the standard so it must be in std.cfg instead of
windows.cfg.
Configuration for strcpy_s has been improved and tests were added.
Found by daca@home
2019-03-05 15:33:16 +01:00
Sebastian 0934577dda
Library configuration: function argument direction fixes and enhancements (#1722)
* std.cfg: Add further argument directions (in, out, inout).

* testlibrary.cpp: Add test for function argument direction configuration.

* std.cfg: runastyle and add some more direction configurations.

* library.h: Add documentation for function argument direction enum.

* Do not use "direction" library information for pointer arguments.

Also fix further unmatched uninitvar messages in std configuration
tests.

* std.cfg: Add more argument direction configurations.

* test/cfg/std.c: Add test for argument direction configuration.

* astutils.cpp: Only ignore pointer arguments for out/inout arguments.

* library.h: Use suggested documentation for argument direction enum.
2019-03-04 22:57:40 +01:00
Daniel Marjamäki 5087f15035 Travis: Try to fix 'make checkcfg' 2019-03-02 19:38:11 +01:00
Daniel Marjamäki e6e3987935 snprintf/g_snprintf: do not allow uninitialized target buffer 2018-12-22 20:40:47 +01:00
Daniel Marjamäki 9742c1e2ae make checkcfg: Try to fix inline suppressions 2018-12-14 13:51:03 +01:00
Daniel Marjamäki 0b4e08cac9 Use FwdAnalysis in UnusedVar. This is still work-in-progress. Merging to master branch so it can be tested. 2018-12-13 18:52:56 +01:00
Daniel Marjamäki ec89c7b1b8 Travis: redundantCopy is not detected at the moment 2018-11-24 11:27:27 +01:00
orbitcowboy 58b3d75b62 std.cfg: Added invalidFunctionArg cfg for strchr(). 2018-11-20 08:32:54 +01:00
rikardfalkeborn 613dc19b68 #4241: Check for address of single character passed as string (#1381)
* #4241: Check for address of single character passed as string

Add a check that address of a single character is not passed as argument
to argument marked as strings (using strz). The check does not warn if
the address of a character with known value '\0'.

Since ValueFlow currently does not handle global constants (see #7597),
do not warn if the variable is global to avoid FPs when the address of
a global variable assigned to '\0' is passed to a function expecting a
string.

Remove comment in docs saying strz is unused.

* Change asdf to Hello world

* Add test of address to first element in string

* Add error reporting function to getErrorMessages

* Fix strings in test
2018-10-14 18:49:34 +02:00
orbitcowboy 55ff7c0823 test std.cfg: Updated tests for strncpy_s(). 2018-05-31 11:23:54 +02:00
orbitcowboy d412c3908f test std.cfg: Fixed introduced regression. 2018-05-30 16:30:00 +02:00
orbitcowboy 39feb150c0 std.cfg and windows.cfg: Added support for wcscat_s() and _tcscat_s(). 2018-05-30 16:25:09 +02:00
orbitcowboy d06eb3eb8f std.cfg: Added support for strcat_s() (since C11). 2018-05-30 14:30:26 +02:00
orbitcowboy 75e28e46c5 windows.cfg: Added support for _mbscat(). 2018-05-28 10:08:11 +02:00
orbitcowboy 5b6e6db376 test std.cfg: Added more test cases for strcat() functions. 2018-05-27 10:16:02 +02:00
orbitcowboy d7c8c46c10 test std.cfg: Improved testing for strcat() and wcscat(). 2018-05-25 08:36:47 +02:00
Sebastian b370861bed test/cfg/std.c: Cleaning up function names and redundant tests (#1198)
Make the names of uninitvar_* functions consistent and fix typos.
Remove completely redundant functions/tests. Combine according tests if
they are not completely redundant.
2018-05-01 07:33:43 +02:00
Sebastian 6208ee4af1 std.cfg: Add asctime_s function configuration with tests (#1191)
* std.cfg: Add asctime_s function configuration with tests

* std.cfg: Remove redundant/not needed not-bool attributes.
2018-04-27 23:51:16 +02:00
Sebastian 038064436d std.cfg: Fix minsize configuration for vsprintf (#1188)
minsize with argvalue for arg 2 which is a char pointer makes no sense.
Changing it to minsize with strlen for arg 2 results in false positives
(and i think false negatives too).
In std.c a test with a valid vsprintf usage is added that would result
in a FP when minsize with strlen for arg 2 would be used.
2018-04-25 02:52:19 +02:00
orbitcowboy e76f1e70e8 Added tests for invalidFunctionArg. 2018-04-23 12:54:49 +02:00
Sebastian d3284d5d54 std.cfg: Add strncpy_s and strncat_s (#1136) 2018-03-26 18:38:26 +02:00
Sebastian bbe9fad81d
std library: Resolve two TODOs (#1074)
First resolved TODO in std.c is obsolete since the "res" variable is used later
and there is therefore no warning issued.
Second resolved TODO in std.c: A warning for uninit variables is issued by
cppcheck, so this check can be enabled. Since assert() has no noreturn configuration
(currently a useful configuration is not really possible, see ticket 8329) the
check-library message is suppressed.
2018-02-12 16:42:23 +01:00
Sebastian 9eb6d38c06 std library: Add tests for wide character string functions, fix config (#1085)
Add equivalent tests for the wide character string functions like they
are already done for the normal string functions.
Fixed some issues with the configuration of the wide character string
functions that arised through the tests and were already fixed for the
normal string functions.
2018-02-09 21:17:01 +01:00
Sebastian 4b5e4f989a std config: Remove misspelled function "strbprk" (#1065)
Remove misspelled function configuration "strbprk" (also from the
tests). The correct function "strpbrk" is already configured and tested.
2018-01-29 17:28:44 +01:00
Daniel Marjamäki 58034dee86 Fixed #8076 (unmatched suppression when calling ./runtests.sh (test/cfg)) 2018-01-10 15:52:06 +01:00
versat cc435c3e92 Add missing tests for strncpy
Add tests for verifying that the bufferoverrun tests are correct.
2017-12-11 10:25:59 +01:00
U-SAMS\Alexander a8e12a6f29 Fix&cheat to make config test pass on cygwin 2017-05-03 11:41:37 +02:00
orbitcowboy beb72c2583 Revert changes from 9cb0941df2. 2017-02-02 15:53:52 +01:00
orbitcowboy 9cb0941df2 std.cfg: Take the return value from fread() into account. 2017-02-02 13:33:06 +01:00
orbitcowboy 55ae961ac2 std.cfg and windows.cfg: Improved support for <use-retval/> for functions like ftell(), [f]get[w]c(). 2016-11-26 21:31:15 +01:00
orbitcowboy 8a0f856e95 Fixed regression in test/cfg/std.c introduced by b0d09926fb. 2016-11-26 21:14:31 +01:00
orbitcowboy ed453d24da std.cfg: Added returnValue support for iswdigit(). 2016-11-04 14:20:59 +01:00
orbitcowboy 75124317e9 std.cfg: Added returnValue support for iswblank(). 2016-11-04 14:03:48 +01:00
Matthias Krüger 0b6db67de2 checkcfg: add missing inline suppression for ignoredReturnValue of abs() 2016-10-18 22:20:06 +02:00
orbitcowboy d5a145f288 std.cfg: Added <returnValue> information to isblank(). 2016-10-18 11:00:12 +02:00
Daniel Marjamäki 57c5e0be3a test that abs,isdigit,strlen are calculated properly 2016-10-17 14:16:08 +02:00
Daniel Marjamäki e8182395f7 Fix 'make checkcfg' by adding inline suppressions when obsolete functions are used. 2015-11-22 17:52:47 +01:00
Daniel Marjamäki f5bd00f153 Library: return true from Library::isnullargbad() for format string arguments. Related with #7012. 2015-10-03 20:51:45 +02:00
Martin Ettl 2fbb25e9bc test/std.cfg: Added more test cases and comments. 2015-10-01 20:18:06 +02:00
Martin Ettl 12b4bf75e0 std.cfg: Fixed false negatives regarding uninitialized variable usage and added test cases. 2015-09-30 13:10:31 +02:00
Martin Ettl 0b782853fe Imroved std.cfg and added more test cases. 2015-09-30 12:45:40 +02:00
Martin Ettl 4fcd324ccd Improved testing of std.cfg regarding <arg nr=any> configured functions and added more test cases. 2015-09-30 12:18:56 +02:00
Martin Ettl c64f9cf9b1 #7012: Fixed FP in std.cfg by explicitly definining the first parameter of snprintf. 2015-09-29 21:33:39 +02:00
Martin Ettl 69b1e21560 Improved testing of std.cfg and added more test cases for snprintf(). There is a FP (according to #7012). 2015-09-29 21:14:22 +02:00
Martin Ettl 7476f0d1c2 std.cfg: Added support for wmemcmp() and corresponding test cases. 2015-09-23 22:46:36 +02:00
Martin Ettl f2fae9836b test/cfg: Another attempt to fix travis build. 2015-09-21 21:51:19 +02:00
Martin Ettl 55ccaea4a5 std.cfg: Added more functions from <cuchar> and corresponding test cases. 2015-09-21 13:40:56 +02:00
Martin Ettl 39622417b1 Improved std.cfg and added coressponding test cases to test/cfg. 2015-09-18 23:57:20 +02:00
orbitcowboy fd81ee9804 test/cfg: Improved testing of std.cfg regarding uninitialized and nullPointer checks. 2015-09-11 16:50:59 +02:00
orbitcowboy 3187a2b972 test/cfg: Improved testing of std.cfg regarding null pointer dereferences. 2015-09-11 16:29:39 +02:00
orbitcowboy 5e50166135 Improved testing of std.cfg. 2015-09-10 16:45:14 +02:00
orbitcowboy 66b9d8bf38 Improved testing of std.cfg and posix.cfg. 2015-09-10 11:50:47 +02:00
orbitcowboy 2b416419de test/cfg: Improved testing of std.cfg regarding uninitialized variables. 2015-09-09 16:59:26 +02:00
orbitcowboy 52090f5725 test/cfg: Improved testing of std.cfg regarding uninitialized variables. 2015-09-09 16:32:52 +02:00
orbitcowboy e929e9e7d9 test/cfg: Improved testing of std.cfg regarding uninitialized variables. 2015-09-08 16:08:43 +02:00
orbitcowboy 60770a8fdc test/cfg: Improved testing of std.cfg regarding uninitialized variables. 2015-09-08 15:43:22 +02:00
orbitcowboy 7d229f082c test/cfg: Improved testing of std.cfg regarding uninitialized variables. 2015-09-08 11:45:13 +02:00
orbitcowboy 03495360d8 test/cfg: Improved testing of std.cfg regarding uninitialized variables. 2015-09-07 16:57:34 +02:00
Martin Ettl 8ffa96975a test/cfg/: Removed invalid test case. 2015-09-05 09:44:43 +02:00
Martin Ettl bcb7dce97e Fix Travis build. 2015-09-04 23:50:50 +02:00
Martin Ettl 6304eb35f9 Improved testing of std.cfg regarding uninitialized variables. 2015-09-04 23:45:31 +02:00
Martin Ettl 27b3461e84 Fixed #6974 - false negative: uninitialized variable not detected (signal). 2015-09-04 22:48:00 +02:00
orbitcowboy 5428813534 Improved testing of std.cfg regarding uninitialized variables. 2015-09-04 11:59:19 +02:00
orbitcowboy c955fafd84 Improved testing of std.cfg regarding uninitialized variables. 2015-09-04 11:26:43 +02:00
orbitcowboy 9daf78527f Improved testing of std.cfg regarding uninitialized variables. 2015-09-03 16:34:44 +02:00
orbitcowboy 84d8a869d0 Improved testing of std.cfg regarding uninitialized variables. 2015-09-03 16:03:16 +02:00
orbitcowboy 34551203a6 Improved testing of std.cfg regarding uninitialized variables. 2015-09-02 17:08:25 +02:00
orbitcowboy 651e225069 Improved testing of std.cfg regarding uninitialized variables. 2015-09-02 12:00:03 +02:00
orbitcowboy d87d2ff779 Improved testing of std.cfg regarding uninitialized variables. 2015-09-01 16:50:36 +02:00
orbitcowboy c64e74492b Improved testing of std.cfg regarding uninitialized variables. 2015-09-01 11:59:24 +02:00
orbitcowboy 974414645a Improved testing of std.cfg regarding uninitialized variables. 2015-09-01 11:29:28 +02:00
orbitcowboy f24fdb4257 Improved testing of std.cfg. 2015-08-31 17:10:10 +02:00
orbitcowboy 0dd0f2a97d Improved testing of std.cfg and added more test cases. 2015-08-31 13:35:57 +02:00
orbitcowboy d1ba919e39 Improved testing of std.cfg regarding uninitialized variables. 2015-08-31 11:59:57 +02:00
orbitcowboy f653189bd4 Improved testing of std.cfg and added more test cases. 2015-08-31 11:39:25 +02:00
Martin Ettl 5e9325b4f4 test/cfg: Improved testing of std.cfg and added more test cases. 2015-08-30 12:05:38 +02:00
Martin Ettl fb643ba2d4 Running astyle; test/cfg/: Since #6958 is fixed, activated test cases for fma()-functions. 2015-08-30 11:59:33 +02:00
Martin Ettl 0e3b74fbbc test/cfg: Improved testing of std.cfg. Fixed false negatives by adding more stdandard namespace functions and test cases. 2015-08-29 01:43:17 +02:00
Martin Ettl 08413f0112 test/cfg: Improved testing of std.cfg. 2015-08-29 00:09:33 +02:00
orbitcowboy 994ba5d5a4 Improved testing of std.cfg. 2015-08-28 17:04:47 +02:00
Martin Ettl c26ec86508 std.cfg: Readded accidentially removed functions from <cfenv> and added test cases to test/cfg/std.cpp. 2015-08-16 15:05:42 +02:00
Martin Ettl 58d7b8a3f2 std.cfg: Added more test cases. 2015-08-16 14:49:35 +02:00
Martin Ettl 2665fb9481 std.cfg: Removed some non-existent functions that accidentially declared being in standard namespace. Improved testing of std.cfg functions. 2015-08-16 14:38:13 +02:00
Martin Ettl a8af7142a1 std.cfg: Added more test functions. 2015-08-16 01:29:34 +02:00
Martin Ettl 716b4d6e18 Another attempt to fix the current travis build. Improved testing of std.cfg. 2015-08-16 01:21:11 +02:00
Martin Ettl b2bf6cde5f std.cfg: Improved testing of libary functions. Removed some non existent such as std::sinf from the libary and added corresponding test cases to test/cfg/. 2015-08-16 00:52:52 +02:00
Martin Ettl 77869b7812 test/cfg: Improved testing of functions from standard namespace. Added test/cfg/*.c* files to astyle script and formatted code. 2015-08-14 01:36:44 +02:00
Martin Ettl ceafde86ad Library: Removed not needed suppressions. 2015-08-10 23:09:56 +02:00