Commit Graph

537 Commits

Author SHA1 Message Date
Paul Fultz II 6c2b1f093d
Another fix for 10728: Crash in CheckStl::checkDereferenceInvalidIterator2() (#3735)
* Another fix for 10728: Crash in CheckStl::checkDereferenceInvalidIterator2()

* Format
2022-01-21 09:56:41 +01:00
Paul Fultz II 7b793af451
Fix 10728: Crash in CheckStl::checkDereferenceInvalidIterator2 (#3721)
* Fix 10728: Crash in CheckStl::checkDereferenceInvalidIterator2

* Format
2022-01-18 14:48:02 +01:00
Paul Fultz II 2b6a89e30e
Fix 10716: Crash in CheckStl::checkDereferenceInvalidIterator2 (#3709)
* Fix 10716: Crash in CheckStl::checkDereferenceInvalidIterator2

* Format
2022-01-14 23:50:33 +01:00
chrchr-github af0a585a70
Partial fix for #9157 False negative: stlOutOfBounds, cast (#3699) 2022-01-13 08:03:24 +01:00
Oliver Stöneberg 0ba9cb4e64
fixed some unusedFunction warnings (#3618) 2022-01-04 15:48:08 +01:00
Oliver Stöneberg 38de9214a8
small CheckStl optimization (#3645) 2021-12-20 07:29:45 +01:00
Paul Fultz II 8dcea26c10
Find iterator mismatch when using temporary containers (#3579) 2021-12-04 12:55:56 +01:00
Paul Fultz II b80e24231b
Fix 10604: FP mismatchingContainerIterator with container member (#3575) 2021-11-23 22:50:32 +01:00
Paul Fultz II 112363c9d1
Fix 10590: container access out of bounds not found (#3560)
* Refactor container bounds check

* Use symbolic values

* Add test case

* Format
2021-11-13 07:45:29 +01:00
Daniel Marjamäki d90ee9bfb9 klocwork fixes; remove redundant nullpointer checks 2021-10-28 08:58:16 +02:00
Daniel Marjamäki eeaf2e5ff0 klocwork fixes; check that astSibling for comparison op does not return nullptr. remove check that pointer is non-null, the check should be redundant. 2021-10-28 08:55:08 +02:00
Daniel Marjamäki a838cb65fb stlFindInsert: Take care of review comments 2021-10-25 19:13:06 +02:00
Daniel Marjamäki d2d53e5043 Fixed #10558 (False positive; Searching before insertion in a loop is needed) 2021-10-24 19:13:42 +02:00
Paul Fultz II 84f102283b
Warn when modifying container from another function in a loop (#3510) 2021-10-15 11:54:29 +02:00
Paul Fultz II 82b725e540
Fix FP when using deferred locks (#3441) 2021-09-04 19:06:48 +02:00
Paul Fultz II e0de48bb1d
Fix 7524: ValueFlow: false path for 'x<3' (#3393) 2021-08-16 09:19:07 +02:00
Paul Fultz II 7f358b2bed
Format with uncrustify (#3388) 2021-08-07 20:51:18 +02:00
Daniel Marjamäki e6d1b44758 Revert "Remove unnecessary null check (#3213)"
This reverts commit 6d13975def.
2021-05-01 18:54:51 +02:00
Ken-Patrick Lehrmann 6d13975def
Remove unnecessary null check (#3213) 2021-05-01 18:51:51 +02:00
Paul Fultz II c1bb1d771b
Fix issue 10012: False positive: mismatching container, not containers (#3222)
* Fix issue 10012: False positive: mismatching container, not containers
2021-04-19 09:17:02 +02:00
Oliver Stöneberg 6397e29f84
cleaned up includes based on include-what-you-use (#3141) 2021-04-03 21:30:50 +02:00
Daniel Marjamäki 42437277dc Update Copyright year 2021-03-21 20:58:32 +01:00
PKEuS 141d2ac215 Refactorization: Improved internal implementation of severity and certainty levels
Backported from LCppC.
2021-02-24 22:00:06 +01:00
Daniel Marjamäki cc1dfe243c Fix Cppcheck warnings 2021-02-20 17:22:04 +01:00
PKEuS 25678a9faf Refactorized CheckStl::string_c_str(), fixing some false negatives by supporting member functions and overloads
Merged from LCppC.
2021-02-20 12:52:39 +01:00
Ken-Patrick Lehrmann 4e35f19659
10153: Check that string.find() is compared with 0 before recommending starts_with() (#3099) 2021-01-31 12:05:38 +01:00
orbitcowboy bb451ca289 Running astlye [ci skip] 2021-01-22 21:47:24 +01:00
Oliver Stöneberg 491f4874c5
fixed/aligned some compiler warnings (#3065) 2021-01-21 18:13:32 +01:00
abhijit-sawant b97387db66
Made missing comparison in loop check more generic (#3048) 2021-01-18 08:11:37 +01:00
Daniel Marjamäki 503662f625 Try to fix null pointer dereference 2021-01-15 08:27:58 +01:00
Daniel Marjamäki 55262f03ec Fixed #9218 (False positive: Searching before insertion is not necessary (stlFindInsert)) 2021-01-14 22:31:43 +01:00
Daniel Marjamäki 1858465bca astyle formatting
[ci skip]
2021-01-12 21:28:56 +01:00
Paul Fultz II b1c56d33ac
Fix issue 9133: Invalid iterator; vector::push_back, functions (#3008) 2021-01-11 18:47:38 +01:00
orbitcowboy 02b714f6dc Code formatting [ci skip] 2021-01-04 13:09:05 +01:00
abhijit-sawant a4a225203c
Fix #9938 (false positive: StlMissingComparison) (#2989) 2021-01-04 10:07:07 +01:00
Daniel Marjamäki 8bd783f820 Refactoring; Added findBreakScope and Scope::isLoopScope() 2020-12-24 22:58:31 +01:00
Paul Fultz II ae6f611df0
Fix issue 9973: False positive: mismatching iterator container, reference (#2893) 2020-11-10 09:38:05 +01:00
Paul 1753c2ddee Remove known conditions 2020-09-08 12:39:27 -05:00
Paul 7754449fd6 Format 2020-09-06 23:48:05 -05:00
Paul 04c85baf03 Fix issue 8869: false negative: (error) Invalid v.at() argument nr 1 2020-09-06 23:46:31 -05:00
Daniel Marjamäki 7d51baa2f0 Fixed GCC warning, variable bodyTok is unused. False negative ticket: #9876 2020-09-05 08:17:40 +02:00
Daniel Marjamäki c1e03d63b2 astyle formatting
[ci skip]
2020-09-02 13:03:30 +02:00
Paul Fultz II dea5a23c34
Improve check: check for known empty containers passed to algorithms (#2768) 2020-09-02 07:11:23 +02:00
Paul Fultz II 494fff65b7
Add outOfBounds check for iterators to containers (#2752) 2020-08-26 21:05:17 +02:00
Paul Fultz II 46bf2d7d52
Dont diagnose impossible values for iterators (#2755) 2020-08-26 06:58:53 +02:00
Daniel Marjamäki 2bb73840fc astyle formatting 2020-08-23 17:17:33 +02:00
Paul Fultz II ac846b96d1
New check: Iterating a known empty container (#2740) 2020-08-22 09:16:26 +02:00
Paul 7776fb82a2 Fix issue 737: new check: Dereference end iterator 2020-08-17 16:36:45 -05:00
Paul 56affc9080 Fix issue 9780: FP: invalidContainer calling push_back after getting the address of the vector 2020-08-06 21:08:30 -05:00
Paul caabe56f14 Handle FPs: mutexes being locked at different scopes 2020-07-12 21:31:53 -05:00
Paul 82b91869ee Extend mutex checking for more locking patterns 2020-06-26 15:06:20 -05:00
Paul 3c10a9c659 Update message 2020-06-24 18:09:30 -05:00
Paul f7029e62ac Check for mor FPs 2020-06-17 17:06:06 -05:00
Paul 18225ee27e Update text and change to warnings 2020-06-16 10:32:39 -05:00
Paul 172537807b Add check for incorrect usage of mutexes and lock guards 2020-06-15 19:40:54 -05:00
Paul Fultz II 86ed860d26
Fix issue 9548: False negative: Mismatching iterators when inserting into a vector (#2595) 2020-06-06 17:54:56 +02:00
Oliver Stöneberg 37bc0483a4
made check.h less heavy (#2633) 2020-05-23 07:16:49 +02:00
Paul Fultz II 4270819728
Fix issue 9713: FP invalidContainerLoop when modifying container and immediately exiting the loop (#2659) 2020-05-23 07:14:45 +02:00
Paul Fultz II 6162ebd608
Fix issue 9714: FP invalidContainer related to auto and std::string::insert (#2660) 2020-05-23 07:13:55 +02:00
Daniel Marjamäki 08ddd84780 Update copyright year 2020-05-10 11:16:32 +02:00
Daniel Marjamäki 3e0218299b Revert "Update copyright year"
This reverts commit 6eec6c4bd5.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki 6eec6c4bd5 Update copyright year 2020-05-10 11:11:34 +02:00
Oliver Stöneberg 2c1e36e63e
cleaned up includes based on include-what-you-use (#2600)
* cleaned up includes based on include-what-you-use

* check.h: trying to work around Visual Studio 2012 bug

* fixed Visual Studio compilation
2020-04-13 13:44:48 +02:00
Daniel Marjamäki b67a043e5b Remove unused variable 2020-04-10 13:16:15 +02:00
Oliver Stöneberg e3b644d877
aligned GCC warnings (#2592)
* excluded oss-fuzz related CMake targets from all

* checkstl.cpp: fixed -Wmissing-declarations warning

* suppress -Wsuggest-attribute=format GCC warnings for tinyxml in CMake for now

* aligned GCC warnings in dmake, CMake and Travis / removed now useless WARNINGS_ANSI_ISO
2020-04-08 14:56:12 +02:00
Paul Fultz II efdc5f5c4e
Fix issue 9435: False negative: invalidContainer when using range for loop (#2587)
* Fix issue 9435: False negative: invalidContainer when using range for loop

* Use ast

* Make string const
2020-04-04 11:47:02 +02:00
Paul Fultz II a22a77c1fc
Use library config for unstable containers instead of hardcoded values (#2585)
* Use library config for unstable containers instead of hardcoded values

* Fix xml validation
2020-04-03 13:16:57 +02:00
Daniel Marjamäki 1fd85c0ae8 Fixed #9630 (False positive: in stlIfFind checking, if with initializer is not handled properly) 2020-02-18 19:02:54 +01:00
Paul Fultz II 95a48eac67
Fix issue 9598: False positive: Using iterator to local container that may be invalid for loop handling (#2539) 2020-02-16 15:56:52 +01:00
Paul Fultz II d858bfc338
Fix issue 9599: False positive: Using object that points to local variable that may be invalid (#2530)
* Fix issue 9599: False positive: Using object that points to local variable that may be invalid

* Improve tests

* Skip else
2020-02-11 11:45:10 +01:00
Ken-Patrick Lehrmann 5f73e1cb32 Fix 9546: properly check that the bound is the size (#2475)
Previously, as the check was done on the token and not on the ast,
`i <= v.size()` and `i <= v.size() - 2` would both raise the same
warning.

This patch fixes this, but this mean the check is only done when the
condition if `i <= v.size()`. Any other (more complex) condition is
ignore, and so we have false negative for instance with
 `i <= v.size() + 1`.
2020-01-05 16:24:25 +01:00
Paul Fultz II 30b9455e89 Fix issue 9556: FP mismatchingContainers: raw pointer comparison (#2465)
* Fix issue 9556: FP mismatchingContainers: raw pointer comparison

* Formatting
2020-01-01 12:02:21 +01:00
Daniel Marjamäki 31bddb6ae0 astyle formatting
[ci skip]
2019-12-26 15:48:29 +01:00
Paul Fultz II 42d44f02a2 Use lifetime analysis for checking mismatching containers (#2456)
* Use lifetimes to check for mismatching containers

* Fix error messages

* Format

* Remove unused variables

* Fix configuration and track iterators through algorithms

* Fix iterator value types in qt config

* Fix library issue with QStringList

* Remove unused functions

* Fix cppcheck errors
2019-12-25 09:32:50 +01:00
Daniel Marjamäki 252c3a17fa Fixed #7107 (False positive iterators - using alias for container) 2019-12-20 12:13:26 +01:00
Paul Fultz II 694d147097 Refactor ProgramMemory and PathAnalysis (#2311)
* Traverse conditions for container size

* Move program memory to seperate file

* Revert "Traverse conditions for container size"

This reverts commit 914783769f.

* Move pathanalysis to seperate files
2019-10-30 17:57:46 +01:00
Paul Fultz II ad8abdb0c3 Add impossible values to ValueFlow (#2186)
* Add impossible category

* Replace values

* Try to adjust known values

* Add ! for impossible values

* Add impossible with possible values

* Remove contradictions

* Add values when the branch is not dead

* Only copy possible values

* Dont bail on while loops

* Load std lib in valueflow

* Check for function calls

* Fix stl errors

* Fix incorrect impossible check

* Fix heap-after-use error

* Remove impossible values when they are lowered

* Show the bound and remove overlaps

* Infer conditions

* Dont push pointer values through dynamic_cast

* Add test for dynamic_cast issue

* Add shifttoomanybits test

* Add test for div by zero

* Add a test for issue 9315

* Dont make impossible value inconclusive

* Fix FP with shift operator

* Improve handleKnownValuesInLoop for impossible values

* Fix cppcheck warning

* Fix impossible values for ctu

* Bailout for streams

* Check equality conditions

* Fix overflows

* Add regression test for 9332

* Remove duplicate conditions

* Skip impossible values for invalid value

* Check for null

* Rename bound to range

* Formatting
2019-09-20 15:06:37 +02:00
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
Paul Fultz II 88d194214f Fix FP with invalidContainerRef (#2141) 2019-09-03 06:41:35 +02:00
Daniel Marjamäki 7d63bdee6f astyle formatting
[ci skip]
2019-09-02 06:59:07 +02:00
Paul Fultz II cb509f1a8b Fix issue 4845: alias to vector element invalid after vector is changed (#2113)
* Try harder to track ref lifetimes

* Dont add lifetimes for references

* Use correct token

* Check for front and back as well

* Improve handling of addresses

* Formatting

* Fix FP
2019-09-02 06:58:09 +02:00
Daniel Marjamäki 996daaee4e STL: Fixed outOfBounds false positive 2019-08-24 15:40:29 +02:00
Paul Fultz II ef714225bb Use library to track container lifetimes 2019-08-15 21:14:54 +02:00
Paul Fultz II 68e8253920 Fix issue 8313 and 7326: Track values of pointer aliases in valueflow 2019-08-12 12:58:53 +02:00
Paul Fultz II 3ec3bd52e0 Fix FP when using a pointer to a container (#2029) 2019-07-24 00:04:49 +02:00
Paul Fultz II a08a9c1349 Switch to use lifetime analysis for iterators and pointers to invalid containers
This will diagnose more issues such as:

```cpp
void f(std::vector<int> &v) {
    auto v0 = v.begin();
    v.push_back(123);
    std::cout << *v0 << std::endl;
}
```
2019-07-18 10:56:44 +02:00
Daniel Marjamäki 90a215af0e Rephraze performance message. /would be faster/could be faster/ to indicate that Cppcheck is not _sure_ that it would be faster 2019-07-17 16:06:10 +02:00
Daniel Marjamäki 9973db3a71 Modernize: Use enum class for Library::Action and Library::Yield 2019-07-17 11:39:30 +02:00
Daniel Marjamäki 5eff1b0f4a Replace 'unsigned' with 'nonneg' in checkstl 2019-07-15 14:05:23 +02:00
Daniel Marjamäki fe04c15c9e CheckStl: Modernize the recommendations. string::starts_with is more intuitive than string::compare 2019-05-05 10:35:44 +02:00
Paul Fultz II 091f4bcf8d Add check for unnecessary search before insertion
This will warn for cases where searching in an associative container happens before insertion, like this:

```cpp
void f1(std::set<unsigned>& s, unsigned x) {
    if (s.find(x) == s.end()) {
        s.insert(x);
    }
}

void f2(std::map<unsigned, unsigned>& m, unsigned x) {
    if (m.find(x) == m.end()) {
        m.emplace(x, 1);
    } else {
        m[x] = 1;
    }
}
```

In the case of the map it could be written as `m[x] = 1` as it will create the key if it doesnt exist, so the extra search is not necessary.

I have this marked as `performance` as it is mostly concerning performance, but there could be a copy-paste error possibly, although I dont think thats common.
2019-05-02 11:04:23 +02:00
Daniel Marjamäki 54bea2847a STL: Better out of bounds checking for empty containers when index is unknown 2019-03-29 15:20:17 +01:00
Daniel Marjamäki 3c30d274a0 Clarify STL out of bounds warning message 2019-03-29 11:13:25 +01:00
Daniel Marjamäki e88a0c00c1 Fixed #9039 (STL: array index out of bounds: str.begin() + 1) 2019-03-28 12:49:52 +01:00
Paul Fultz II 3615eac347 Move useStlAlgorithm to normal checking (#1741) 2019-03-15 06:15:56 +01:00
Daniel Marjamäki 34711bcb93 Remove unused functions 2019-03-11 12:23:22 +01:00
Daniel Marjamäki f9fe6cc96a STL: Removed auto_ptr checking. 2019-03-09 07:48:01 +01:00
Daniel Marjamäki bd7790fd8c Update copyright year 2019-02-09 07:24:06 +01:00
Daniel Marjamäki d18f5d8709 CTU: Reuse CheckNullPointer::isPointerDeRef in the nullpointer isUnsafeUsage 2018-12-29 09:26:57 +01:00
Daniel Marjamäki ff469867e7 Refactor CheckStl::stlOutOfBounds 2018-11-28 20:30:58 +01:00