walkero/cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases1 Wiki Activity
24,977 Commits 13 Branches 88 Tags
f309925a7b
Commit Graph

677 Commits

Author SHA1 Message Date
Daniel Marjamäki
d27a4ad82e CheckBufferOverrun: Fix ctu checking 2019-03-23 15:26:13 +01:00
Daniel Marjamäki
a135683d2f Refactoring; Renamed CWE786 and CWE788 2019-03-23 08:41:20 +01:00
Daniel Marjamäki
15fc9a622d CheckBufferOverrun: Add CTU analysis 2019-03-23 08:36:10 +01:00
Daniel Marjamäki
031362ae01 CheckBufferOverrun: Fix false positive 2019-03-19 21:07:08 +01:00
Daniel Marjamäki
6cbe818f1a Fix uninitialized variable usage 2019-03-19 13:17:27 +01:00
Daniel Marjamäki
a0e58f0039 Revert "Revert "CheckBufferOverrun: Handle multidimensional arrays"" 
This reverts commit 9d1755f449a75d87bab9fb62b4729a4d5c479889.
 2019-03-19 13:16:22 +01:00
Daniel Marjamäki
9d1755f449 Revert "CheckBufferOverrun: Handle multidimensional arrays" 
This reverts commit e98a4a6f1475db03473d544d576827e49f9a9575.
 2019-03-19 13:13:29 +01:00
Daniel Marjamäki
e98a4a6f14 CheckBufferOverrun: Handle multidimensional arrays 2019-03-19 09:29:32 +01:00
Daniel Marjamäki
b53a2e5dc4 CheckBufferOverrun: restore minsize code 2019-03-17 20:34:49 +01:00
Daniel Marjamäki
03f8535c71 Better multiline warning when there is buffer overflow 2019-03-17 20:12:02 +01:00
Daniel Marjamäki
3c85d8a8ac ValueFlow: Better info for buffer size values 2019-03-17 19:02:36 +01:00
Sebastian
19e9e42dd7
Library: Enhance minsize configuration and allow simple values. () 
Some POSIX and Windows functions require buffers of at least some
specific size. This is now possible to configure via for example this
minsize configuration: `<minsize type="value" value="26"/>`.
The range for valid buffer size values is 1 to LLONG_MAX
(9223372036854775807)
 2019-03-17 14:22:26 +01:00
Daniel Marjamäki
0771929518 Buffer overflow: Handling of dynamically allocated buffer 2019-03-17 13:40:56 +01:00
Daniel Marjamäki
92f4113b59 Array index: Checking array index out of bounds for dynamic buffers 2019-03-17 13:09:15 +01:00
Daniel Marjamäki
2ecfae0a98 CheckBufferOverrun: the bufferNotZeroTerminated did not work well, hide that for now 2019-03-13 06:45:01 +01:00
Daniel Marjamäki
81a1d744c6 CheckBufferOverrun: fix FP for array definition of static class member 2019-03-13 06:39:09 +01:00
Daniel Marjamäki
67e8b99c2c CheckBufferOverrun: Readd a check for strncpy/memcpy/etc 2019-03-12 21:15:26 +01:00
Daniel Marjamäki
0c08f6db6c CheckBufferOverrun: Use AST to lookup array 2019-03-12 06:46:38 +01:00
Daniel Marjamäki
4ababeb704 Fix 'make checkcfg' 2019-03-11 21:39:39 +01:00
Daniel Marjamäki
ea23033a65 Array index out of bounds: Fix false positive 2019-03-11 20:33:08 +01:00
Daniel Marjamäki
17253cdb55 buffer overflow: Fix false positive 2019-03-11 19:40:17 +01:00
Daniel Marjamäki
bd048085bd Add CheckBufferOverrun::arrayIndexThenCheck 2019-03-11 19:20:06 +01:00
Daniel Marjamäki
a933261e14 Add message id arrayIndexOutOfBoundsCond 2019-03-11 19:12:03 +01:00
orbitcowboy
0721c9f7f0 Running astyle [ci skip]. 2019-03-11 15:32:30 +01:00
Daniel Marjamäki
729f57d8f1 Start a major rewrite of CheckBufferOverrun. For now only the 'array index' and 'buffer overflow' checks are rewritten. 
There are important TODOs still; for instance adding CTU support using our CTU infrastructure, add handling of pointers (maybe I'll use FwdAnalysis for this), add handling of multidimensional arrays, etc..
 2019-03-11 12:34:33 +01:00
Daniel Marjamäki
3eb5de756c Buffer overrun: Refactorings; use range for loops and write in message 2019-03-09 22:19:09 +01:00
amai2012
eb9edbc177 Crash caused by package "procserv" in lib/token.h:921 function Token::getKnownIntValue - Fix and test for alternative code example. 2019-03-08 11:07:33 +01:00
Daniel Marjamäki
c32d015337 Fixed false positives from terminateStrncpy 2019-03-06 18:50:50 +01:00
Daniel Marjamäki
3f37d5ac2d Refactoring strncpy/strncat checking to use ValueFlow and AST 2019-03-06 09:04:04 +01:00
Daniel Marjamäki
bd7790fd8c Update copyright year 2019-02-09 07:24:06 +01:00
Daniel Marjamäki
271763e680 CTU: Refactoring 2018-12-25 21:11:23 +01:00
Daniel Marjamäki
2214ef5359 Refactor isVLAIndex 2018-11-23 20:23:20 +01:00
orbitcowboy
0858488825
insecureCmdLineArgs: Fixed FN in case strdup() copies argv[]. () 
* insecureCmdLineArgs: Fixed FN in case strdup() copies argv[].

* Formatted the code. There are no functional changes intended.

* Changes due to review comments from Daniel.
 2018-10-19 11:04:15 +02:00
orbitcowboy
a6e8270474
insecureCmdLineArgs: Fixed false negatives in case arguments are const. () 
* insecureCmdLineArgs: Fixed false negatives in case arguments are const.

* Formatted the code, there are functional changes.

* Simplified matching as suggested by Daniel.
 2018-10-15 10:05:43 +02:00
Daniel Marjamäki
20121b34d8 Fixed (False positive: out of bounds of already resized std::string) 2018-10-09 06:53:26 +02:00
Daniel Marjamäki
12b7c9e597 Fix Cppcheck warning 2018-09-01 08:41:41 +02:00
Daniel Marjamäki
f388c77042 Fixed (Regression: False positive array index out of bounds) 2018-08-31 18:25:43 +02:00
Daniel Marjamäki
27aae8d032 Fixed (crash (CheckBufferOverrun::checkGlobalAndLocalVariable): local function) 2018-08-30 10:04:07 +02:00
Daniel Marjamäki
54cfdb731e Refactoring; Use Token::isUnaryOp() to clarify code 2018-07-13 23:12:20 +02:00
Daniel Marjamäki
4c6270f9b2 Refactoring: use range for loop 2018-06-30 15:34:48 +02:00
Daniel Marjamäki
cb48aae594 buffer overrun: Remove bailout. There is no test case and I fail to produce false positives. 2018-06-24 09:50:55 +02:00
Daniel Marjamäki
19cf0d1fa4 Refactoring; use range for loop 2018-06-17 18:37:40 +02:00
Daniel Marjamäki
ad4ce84cf7 Rename private member variables 2018-06-17 17:20:16 +02:00
Daniel Marjamäki
79ffe1d4fc Rename _tokenizer, _settings, _errorLogger 2018-06-16 16:10:28 +02:00
Matthias Krüger
be6c273e6b CheckBufferOverrun::checkScope_inner(): save a few pointer derefernces (NFC). 2018-05-31 12:28:34 +02:00
Daniel Marjamäki
ca8e19c96d SymbolDatabase: Refactor SymbolDatabase: variable list 2018-04-28 09:38:33 +02:00
Daniel Marjamäki
f336c2efe7 Refactoring; Renamed Scope::classStart and Scope::classEnd 2018-04-27 22:36:30 +02:00
Daniel Marjamäki
f058d9ad08 CLI: Added more fields for --template and added a new --template-location. The gcc predefined template now matches latest gcc better. 2018-04-23 12:21:18 +02:00
PKEuS
d2146844dd Refactorizations: 
- Replace several push_back-calls by emplace_back
- Replace some x = x.substr(0, y) calls by x.erase(y)
 2018-04-11 09:44:35 +02:00
PKEuS
b15cc3f236 Refactorization: Replace several push_back-sequences by initializer lists 2018-04-09 09:54:39 +02:00