Roberto Martelloni
d3645d874e
Mapped toomanyconfigs ,AssignmentAddressToInteger
...
,AssignmentIntegerToAddress ,CastIntegerToAddressAtReturn
,CastAddressToIntegerAtReturn ,assertWithSideEffect ,assignmentInAssert
,uselessAssignmentArg ,uselessAssignmentPtrArg
,comparisonOfFuncReturningBoolError
,comparisonOfTwoFuncsReturningBoolError ,comparisonOfBoolWithBoolError
,incrementboolean ,comparisonOfBoolWithInt ,compareBoolExpressionWithInt
,negativeIndex ,pointerOutOfBounds ,arrayIndexThenCheck
,possibleBufferAccessOutOfBounds ,argumentSize
,arrayIndexOutOfBoundsCond ,noConstructor ,copyCtorPointerCopying
,noCopyConstructor ,uninitMemberVar ,operatorEqVarError
,unusedPrivateFunction ,memsetClassFloat ,mallocOnClassWarning
,operatorEq ,thisSubtraction ,operatorEqRetRefThis ,operatorEqToSelf
,useInitializationList ,duplInheritedMember ,assignIfError
,comparisonError ,multiCondition ,mismatchingBitAnd
,oppositeInnerCondition ,incorrectLogicOperator ,redundantCondition
,moduloAlwaysTrueFalse to their CWEs ids.
2016-02-26 23:53:52 +00:00
Daniel Marjamäki
cef6b35bb8
Improve MAXTIME handling
2016-02-11 16:10:52 +01:00
Daniel Marjamäki
5e10e680da
CWE: refactoring. use constants instead of magic numbers.
2016-01-25 20:01:48 +01:00
Roberto Martelloni
5ce69da02d
Mapped 26 errors to their CWEs ID.
2016-01-24 20:53:05 +00:00
Daniel Marjamäki
659cd96b03
Fixed #7209 (False positive: Array index used before limits check reported in sizeof)
2016-01-24 14:06:02 +01:00
Dmitry-Me
afe659cc88
This variable type looks very suspicious
2016-01-18 09:52:35 +03:00
Roberto Martelloni
bb6880919c
CWE mapping
2016-01-15 17:07:14 +01:00
Dmitry-Me
26788a1dc1
Remove repeated code, better variable name
2016-01-15 17:20:40 +03:00
Lauri Nurmi
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
Dmitry-Me
5cba4ac602
Omit unneeded deep copy
2015-12-23 10:32:59 +03:00
Dmitry-Me
155ccecf2f
Drop useless braces
2015-12-22 10:31:49 +03:00
PKEuS
32e2fb2f78
Refactorization: Prefer Token::simpleMatch over Token::Match also for non-const patterns.
2015-12-03 13:04:55 +01:00
Daniel Marjamäki
9c3f25603e
CheckBufferOverrun: Remove old checking of strings and use new ValueFlow-based checking instead ( #6973 )
2015-11-30 16:36:52 +01:00
PKEuS
ac17541ca9
Refactorizations:
...
- Fixed a few more MSVC warnings by using correct types
- Store severity as enum instead of string in Settings::Rule
2015-11-28 12:30:21 +01:00
Daniel Marjamäki
6b124a37d8
Cleanup some casts
2015-11-28 10:11:07 +01:00
Daniel Marjamäki
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
Daniel Marjamäki
5074c11b53
CheckBufferOverrun: Fixed FP when accessing string that contains '\0'. Refactoring address-of.
2015-11-09 10:30:39 +01:00
Daniel Marjamäki
ef5be435c7
Fixed #7113 (False positive arrayIndexOutOfBounds - using pointer alias with cast)
2015-11-08 17:21:32 +01:00
Daniel Marjamäki
fc564d779e
Fixed #7112 (crash: CheckBufferOverrun::checkGlobalAndLocalVariable (invalid code))
2015-11-08 14:21:12 +01:00
Daniel Marjamäki
48da1d5396
Refactoring CheckBufferOverrun
2015-11-08 12:39:08 +01:00
Daniel Marjamäki
7d6e1974eb
Fixed #7104 (False positive arrayIndexOutOfBounds)
2015-11-08 09:30:23 +01:00
Daniel Marjamäki
35ed902e3f
Try to fix crash when using getMaxValue()
2015-11-07 19:59:48 +01:00
Daniel Marjamäki
32627dc558
try to fix internal errors detected by Travis
2015-11-07 19:47:30 +01:00
Daniel Marjamäki
9c7271a5e9
CheckBufferOverrun: The simplifyKnownVariables() has been reduced, use ValueFlow instead
2015-11-07 18:12:01 +01:00
Daniel Marjamäki
d0ab3aea70
CheckBufferOverrun: Minor fixes for strings
2015-11-07 15:05:56 +01:00
Daniel Marjamäki
be7bca385d
avoid some fixes for noisy signedness warnings
2015-10-11 12:50:46 +02:00
Dmitry-Me
139ead15ef
Merge overlapping patterns
2015-09-01 16:17:17 +03:00
PKEuS
ab8afec3eb
Refactorizations:
...
- Avoid unnecessary loop iterations
- Avoid unnecessary condition checking
- Reduced code duplication in symboldatabase.cpp
2015-08-16 14:23:07 +02:00
PKEuS
4d80df2f4a
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
...
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
2015-08-15 11:19:21 +02:00
Daniel Marjamäki
6790d91fbb
Improve error messages for conditional values. make valueFlowSwitchVariable values conditional that depend on the case. Partial fix for #6884 .
2015-07-29 19:54:57 +02:00
Daniel Marjamäki
c5bbea2994
Fixed #6816 (FP: buffer overflow, checkminsizes of array with string value)
2015-07-27 16:39:41 +02:00
Daniel Marjamäki
fef251ac76
negative array size: fixed noise when array is not vla
2015-07-04 09:42:42 +02:00
amai2012
11538c84f6
Refactoring: Distinguish between C and C++ code
...
Refactoring: Replace CheckNonReentrantFunctions::initNonReentrantFunctions by static initialization
2015-06-29 21:17:15 +02:00
Martin Ettl
b8e08ca5d8
Code cleanup.
2015-06-28 19:27:23 +02:00
Martin Ettl
7ff4d10c43
Astyle formatting, no functional changes.
2015-06-28 19:25:13 +02:00
amai2012
5814c3b84c
Fix some compiler warnings with VS
...
Minor refactoring on Windows SEH code.
2015-06-28 19:20:16 +02:00
Alexander Mai
0b225fa02f
2nd attempt to fix crash in CheckUnusedFunctions::check. CheckBufferOverrun::checkBufferAllocatedWithStrlen: Don't check for 'new' in C code.
2015-06-28 18:34:09 +02:00
Alexander Mai
02a3a01eca
Fix compiler warnings
2015-06-28 18:07:31 +02:00
Alexander Mai
2c73518e29
Fix platform-dependent test result, formatting and crash in whole program analysis
2015-06-28 17:54:48 +02:00
Daniel Marjamäki
0ca410a4d7
Fixed #6668 (False positive bufferAccessOutOfBounds on sprintf() - regression)
2015-06-07 14:01:20 +02:00
Martin Ettl
d5d6d7fbb8
Running astyle, no functional changes.
2015-05-29 20:20:05 +02:00
amai2012
5b347c537b
Fix #6720 and #6721 (Crashes on garbage code)
...
Local fixes to avoid access to NULL-token
2015-05-29 19:30:55 +02:00
PKEuS
3ce4e68ca6
Refactorization: Make use of do-loops to avoid redundant Token::Match() calls
2015-05-13 13:40:40 +02:00
Daniel Marjamäki
baa1ae079d
New check: negative size in array declaration. Ticket #1760
2015-05-03 15:00:47 +02:00
Daniel Marjamäki
88f59ad7e8
Partial fix for #6656 (Allow that CWE is mapped for error message)
2015-04-25 17:48:11 +02:00
Matthias Krüger
42f0955e3f
Move more setting checks out of loops and use const bools instead. Reorder a few related checks.
...
Follow up to eedcb6abcb
.
2015-04-10 14:31:19 +02:00
Dmitry-Me
d735918a8a
Constructor parameter type need not be a number
2015-03-25 14:56:45 +03:00
Dmitry-Me
9398fa810b
Avoid value truncation
2015-03-25 10:39:09 +03:00
Dmitry-Me
c9cdba5865
Remove duplicate check
2015-03-24 15:58:03 +03:00
Dmitry-Me
4fcbe00913
Omit unnecessary operations
2015-03-19 15:14:07 +03:00
Dmitry-Me
2b50e73aa9
Misleading comment
2015-03-14 15:18:29 +03:00
PKEuS
cb4bf73749
Merge pull request #530 from Dmitry-Me/doChecksEarlier
...
Don't run the checks which will be silenced later anyway
2015-02-25 19:22:00 +01:00
Dmitry-Me
938b84903f
Remove redundant casts
2015-02-24 15:15:22 +03:00
Dmitry-Me
24d2b0368f
Don't run the checks which will be silenced later anyway
2015-02-24 10:20:43 +03:00
Dmitry-Me
19d05979ee
Remove C4189 in release builds
2015-02-20 11:00:34 +03:00
Alexander Mai
6a7605271a
Fix compiler warning. Add interfaces of POSIX passwd.h and pwd.h to posix.cfg
2015-02-18 20:56:44 +01:00
Daniel Marjamäki
2d21eb07ba
Cleaned up snprintf hardcoding in CheckBufferOverrun
2015-02-13 06:44:38 +01:00
Daniel Marjamäki
9aad4fa8ca
CheckBufferOverrun: Remove hardcoding for sprintf and rely on cfg configuration instead
2015-02-12 17:29:36 +01:00
Daniel Marjamäki
a24cbc448a
CheckBufferOverrun: loop through all arguments in checkFunctionCall
2015-02-11 16:24:25 +01:00
Daniel Marjamäki
d9deabe2ce
TestBufferOverrun: clean up
2015-02-10 17:29:36 +01:00
PKEuS
18b0e14590
Refactorizations: Fixed a pattern in checkbufferoverrun.cpp, simplified one in checkclass.cpp
2015-01-31 12:32:05 +01:00
PKEuS
b2835051df
Refactorization: Renamed Token::Match pattern %var% to %name%, implement new pattern %var% which is true if varId > 0.
2015-01-31 12:32:04 +01:00
PKEuS
03e44d4aa0
CheckMemoryLeakInFunction: Don't treat delete as delete operator for C code
...
Fixed GCC message in checkbufferoverrun.cpp
2015-01-30 20:55:53 +01:00
PKEuS
98e33a189f
Enhanced CheckBufferOverrun:
...
- Fixed bug in library: manual and existing libraries use "size", but library.cpp reads "sizeof" as podtype attribute
- Fixed a couple of bugs in handling unknown size in checkbufferoverrun.cpp, get size from library if available.
2015-01-30 20:27:48 +01:00
Dmitry-Me
e7bb43fc6b
Cache and reuse token pointer
2015-01-27 10:23:58 +03:00
Thomas Jarosch
fd01cafb1b
Clean up redundant pointer operations
2015-01-17 16:29:50 +01:00
PKEuS
fd2f93bb80
Two small refactorizations:
...
- Avoid leaving and entering again critical section without doing anything
- Use isPointer() in checkbufferoverrun.cpp instead of string comparison
2015-01-10 21:03:21 +01:00
Daniel Marjamäki
2375f1c46d
CheckBufferOverrun: Fix FN when multifile checking is used.
2015-01-08 21:01:22 +01:00
Daniel Marjamäki
6a8293a8b7
Library: More strict matching of functions
2015-01-08 19:31:41 +01:00
Robert Reif
ba1c24ee65
Fixed #6422 (symbol database: put function flags into a single flag variable)
2015-01-08 05:45:31 +01:00
Daniel Marjamäki
6c3b7c1d0e
CheckBufferOverrun: only report warnings when --enable=warning has been used
2015-01-06 15:14:15 +01:00
Daniel Marjamäki
ff11ba9847
Updated copyright year to 2015
2015-01-03 12:14:58 +01:00
Thomas Jarosch
69b31a0743
Fix up extra whitespaces in match patterns
...
Detected by new internal check.
2014-12-30 14:53:43 +01:00
Daniel Marjamäki
208761f0c3
Fixed #6361 (crash: CheckBufferOverrun)
2014-12-28 10:05:08 +01:00
PKEuS
8b59c39c42
Refactorization: Removed whitespaces at the end of Token::Match patterns
2014-12-27 11:09:54 +01:00
Daniel Marjamäki
6194a4eefd
Fixed #6357 (Improve check: pointer arithmetic 'p+x' overrun, conditional x)
2014-12-26 09:12:00 +01:00
Daniel Marjamäki
7ab12cea63
Improved pointer arithmetic message
2014-12-25 14:31:46 +01:00
Daniel Marjamäki
bc594d52c8
Fixed #6349 (Pointer arithmetic: clarify message)
2014-12-25 10:05:55 +01:00
Daniel Marjamäki
7cfa54f0e0
Fixed #6353 (False positive: CheckBufferOverrun checking reassigned array function parameter)
2014-12-24 14:03:52 +01:00
Daniel Marjamäki
90bd38a972
Renamed isCasted to isCast
2014-12-24 10:35:40 +01:00
Daniel Marjamäki
1b2a23b3fe
Fixed #6350 (Tokenizer::simplifyCast: set Token::isCasted when cast is removed)
2014-12-23 16:16:14 +01:00
Daniel Marjamäki
e16a934fb3
CheckBufferOverrun: Added comment in code to clarify why severity is portability for pointerOutOfBounds message.
2014-12-22 15:41:46 +01:00
Daniel Marjamäki
10ae551fef
CheckBufferOverrun: Use portability warning for pointer arithmetic UB. It can be used by intention and usually works as intended.
2014-12-22 10:56:17 +01:00
Daniel Marjamäki
93ac5a41cd
Fixed #6346 (pointer calculation overflow)
2014-12-22 09:38:00 +01:00
Daniel Marjamäki
a95e5bff2b
Fixed #6344 (false positive: out of bounds access when array size is unknown)
2014-12-20 18:50:08 +01:00
Daniel Marjamäki
a1537e1a6e
Fixed #6339 (false negative: array index out of bounds on allocated buffer using valueflow)
2014-12-17 16:23:48 +01:00
Alexander Mai
c2584aa635
#6303 crash in CheckBufferOverrun. Add check on loop variable in CheckBufferOverrun::checkScope().
2014-12-04 20:49:58 +01:00
Daniel Marjamäki
0b9d80c95d
Refactoring CheckUnusedFunctions so it uses new infrastructure for multifile analysis
2014-12-02 06:41:18 +01:00
Dmitry-Me
cf3f8c2f38
Refactoring: Replace names with underscores with camelCase names
2014-12-01 16:22:56 +01:00
Daniel Marjamäki
a002654c47
Reverted refactoring 828417c
for now. It caused a major slowdown in the unused functions checking.
2014-11-24 06:37:08 +01:00
Daniel Marjamäki
828417c934
CheckUnusedFunction: Refactorings to use same infrastructure for whole program analysis as CheckUninitVar and CheckBufferOverrun
2014-11-15 18:44:23 +01:00
Daniel Marjamäki
de7e9223b8
Fixed #6272 (Improve check: multifile checking in checkbufferoverrun)
2014-11-15 10:43:49 +01:00
Frank Zingsheim
71c5d4bd60
Ticket #6232 (cppOut of bounds array access)
...
--HG--
extra : rebase_source : 79ed3533a12a486ea3ed3f09f9bc55b1a4771161
2014-10-21 22:56:53 +02:00
orbitcowboy
f36aaae732
Fixed a typo in a comment. No functional changes.
2014-09-30 14:54:59 +02:00
PKEuS
68b26f8faa
Fixed subsequent false negatives in CheckBufferOverrun::checkInsecureCmdLineArgs() ( #5835 )
2014-09-29 15:38:33 +02:00
Alexander Mai
ccd80e3407
#6141 FP: Unknown type is assumed to have size 0.
2014-09-27 21:51:11 +02:00
Dmitry-Me
7c4b9bed9e
Move declaration, run check earlier
2014-09-16 13:34:16 +04:00
Dmitry-Me
e050fba414
Move declaration closer to where it is used
2014-09-11 11:26:35 +04:00
PKEuS
117e45f8af
Merge pull request #395 from Dmitry-Me/fixBufferOverrun
...
Fix potential buffer overrun
2014-09-06 23:03:02 +02:00
Dmitry-Me
7342a81ea7
Minor refactorings. rename token. cleanup if/else.
2014-09-02 16:10:51 +02:00
PKEuS
7f2be2f57c
Fixed template bracket linkage in while loop simplification
...
Ran AStyle
2014-08-23 12:28:54 +02:00
Daniel Marjamäki
b6355b991f
Fixed #6070 (false positive: Array 'array[8192]' accessed at index 8192, which is out of bounds)
2014-08-19 07:03:00 +02:00
Dmitry-Me
406239dfc7
Fix potential buffer overrun
2014-08-12 17:44:20 +04:00
Daniel Marjamäki
47a2b35e98
BufferOverrun: Use ValueFlow string values more
2014-08-04 08:25:10 +02:00
Daniel Marjamäki
79fc549de0
ValueFlow: start adding valueflow handling of strings and pointer aliases
2014-08-03 20:11:22 +02:00
PKEuS
6d3cb86d2a
Merge pull request #382 from Dmitry-Me/bringDeclarationsCloserToWhereTheyAreNeeded
...
Bring variable declarations closer to where they're first used.
2014-08-02 11:12:34 +02:00
Daniel Marjamäki
f2e3700142
Merge pull request #383 from moshekaplan/patch-1
...
Updated message for strncat usage
2014-08-02 11:10:16 +02:00
Daniel Marjamäki
7237b01979
Fixed Cppcheck warning
2014-08-02 10:07:23 +02:00
Daniel Marjamäki
544a5957e1
Token: Added utility function getStrSize as a complement to getStrLength
2014-08-01 13:12:18 +02:00
Moshe Kaplan
e881495eaf
Updated message for strncat usage
2014-07-31 13:51:29 -04:00
Daniel Marjamäki
5de1e35350
CheckBufferOverrun: Fixed minsize checking of string literals. Check sizeof string instead of strlen.
2014-07-30 20:35:21 +02:00
Dmitry-Me
ee180787eb
Bring variable declarations closer to where they're first used.
2014-07-29 13:59:45 +04:00
Daniel Marjamäki
5ae6234729
Fixed #5978 (false positive: Array 'm_pool_vector[-1]' accessed at index 0, which is out of bounds.)
2014-07-20 11:44:25 +02:00
Dmitry-Me
13234a7366
Shorten code by using temp variables, cleanup variable names.
2014-07-14 12:20:00 +04:00
Alexander Mai
df95cd09f0
Fix compiler warnings about type mismatch
2014-07-08 21:47:22 +02:00
Daniel Marjamäki
254b6438b9
CheckBufferOverrun::checkStringArgument: sizeof string is strlen+1
2014-07-08 16:04:09 +02:00
Daniel Marjamäki
4d0189c672
CheckBufferOverrun: Fixed crash. The crash occured in ThreadHandler in the deserialize() function. Probably because " was used in error message.
2014-07-08 07:08:51 +02:00
amai2012
9b38ae73c1
Attempt to fix 2 Coverity messages.
...
Replace a few unsigned int by std::size_t
2014-07-07 21:25:30 +02:00
Daniel Marjamäki
3169a2d215
astyle formatting
...
[ci skip]
2014-07-06 17:50:21 +02:00
amai2012
0ddd7752b5
Avoid crash reported in #5943 (using the example from duplicate ticket #5971 )
...
Replace a few size_t/unsigned int by std::size_t
2014-07-06 14:48:24 +02:00
amai2012
f1bf38004b
Fix MSVC compiler warnings
2014-07-06 13:08:22 +02:00
Daniel Marjamäki
0fd334911a
Fixed #5257 (Check memcpy size for string literals)
2014-07-06 08:41:39 +02:00
amai2012
77095e2b05
Add some more functions to posix.cfg which allow to enable TestBufferOverrun::buffer_overrun_1_posix_functions
...
Fix some compiler warnings on MSVC
2014-07-05 22:47:10 +02:00
Daniel Marjamäki
a3acc3241e
Library: Added <minsize> element used for buffer overrun checking
2014-07-05 20:31:43 +02:00
Daniel Marjamäki
6c8558c112
CheckBufferOverrun: Removed old for-loop handling. This is handled through ValueFlow from now on.
2014-06-27 06:46:42 +02:00
Daniel Marjamäki
036b2f8ccf
CheckBufferOverrun: Added bufferOverrun2 that is based on ValueFlow/SymbolDatabase/Ast from the start. Replaced some old checking.
2014-06-26 17:36:20 +02:00
PKEuS
ec1bd420a7
Refactorizations optimizing std::string usage:
...
1) Added global static const std::string emptyString; object:
-> Replaces some static variables in functions which might be not threadsafe
-> Avoids constructor call (std::string::string(""))
-> Even functions that return an empty string in some branches can return by reference now.
Added to config.h to ensure that it is available everywhere
2) Added overloads for TestFixture::assertEquals for the most common use cases:
-> Moves conversion from const char[] to std::string into a function, reducing code duplication in binary.
2014-06-26 11:51:02 +02:00
PKEuS
feefa4c626
Speedup checking large amounts of arrays ( #5615 ) by avoiding Token::Match calls in CheckBufferOverrun::checkScope(2).
...
-> Decreased entire checking time on a subset of the attached file by 66% (MSVC12, x64, non-matchcompiled)
2014-06-26 11:51:02 +02:00
PKEuS
2d54bace1b
Improved performance of CheckBufferOverrun::checkScope() ( #5944 ):
...
-> Speedup by 40% (MSVC12, x64, not matchcompiled) on the file attached to the ticket
2014-06-23 19:06:59 +02:00
Dmitry-Me
7692a306cd
Cleanup code - reorder checks and make variable declaration scope narrower.
2014-06-06 18:58:20 +04:00
PKEuS
d93d7401c6
Moved getSourceFilePath(), isC() and isCPP() from Tokenizer to TokenList
...
Conflicts:
lib/tokenize.cpp
2014-06-04 18:36:25 +02:00
Simon Martin
f7356dd8c7
Only fill total_size in CheckBufferOverrun::checkFunctionParameter when it's useful.
2014-05-29 23:51:13 +02:00
Simon Martin
139f87af18
Ticket #5615 : Avoid calling the same function n times when once is enough.
2014-05-29 19:58:09 +02:00
Simon Martin
966491d40b
Added a test for out-of-bounds character array access.
2014-05-27 16:21:13 +02:00
PKEuS
effa38c322
Fixed #5863 (False positive: array index is used before limits check)
2014-05-24 17:50:01 +02:00
PKEuS
8f79dc3ff8
Cleaned up includes and forward declarations in checkers:
...
- Removed definitely unnecessary forward declarations (e.g. "class Token"; token.h is already included by check.h, so a definition is unnecessary)
- Removed unused includes
2014-05-24 12:50:03 +02:00
PKEuS
b0b0562247
Removed obsolete piece of code from checkbufferoverrun.cpp
2014-05-24 11:29:32 +02:00
PKEuS
5fbd58d98d
Fixed messages of CheckInternal, fixed a false positive.
2014-05-18 20:39:52 +02:00
PKEuS
04fbbdb5e8
Refactorized CheckBufferOverrun::arrayIndexThenCheck() and fixed false negative
2014-05-10 13:00:44 +02:00
Daniel Marjamäki
ed1d63ffc0
Fixed #5636 (FP: matrix out of bounds)
2014-05-03 18:12:06 +02:00
Dmitry-Me
a7c7b00407
Reuse variable value, return earlier.
2014-04-24 12:24:40 +04:00
Dmitry-Me
9b74d43473
Rename local variable plus return a bit earlier on edge condition.
2014-04-23 11:18:09 +04:00
Philipp Kloke
ddf34440b6
Refactorization: Replaced several Token::findmatch calls by symboldatabase usage
2014-04-12 23:41:46 +02:00
Alexander Mai
89dc652af9
#5631 Typo and misleading error message in negativeMemoryAllocationSize
2014-04-08 20:23:00 +02:00
Daniel Marjamäki
3c64c70ce2
ValueFlow: Added utility functions getValueLE and getValueGE to simplify usage
2014-04-02 06:49:28 +02:00
Daniel Marjamäki
deef4642d4
Buffer overrun: removed some old code that is not based on valueflow
2014-03-29 20:22:35 +01:00
Daniel Marjamäki
e5301b2b7a
ValueFlow: Improved valueflow of for loop 'for (i=a; i<10; i++)' => unknown start value but end value is known
2014-03-29 20:20:22 +01:00
PKEuS
9b307cf8e0
Improved readability of testsuite output when ASSERT_EQUALS_MSG fails.
...
Fixed another true positive in checkbufferoverrun.cpp
AStyle
2014-03-27 16:06:30 +01:00
Daniel Marjamäki
d22da5e683
astyle formatting
...
[ci skip]
2014-03-26 06:56:13 +01:00
Daniel Marjamäki
fa7ae1ae5b
Fixed segfault when checking libusbx (daca2)
2014-03-26 06:51:56 +01:00
Daniel Marjamäki
87daf5783e
buffer overflow: clean up old checking for negative index
2014-03-25 20:37:32 +01:00
Daniel Marjamäki
c8004a8d31
Buffer overruns: Use ValueFlow to detect negative index
2014-03-25 18:22:22 +01:00
PKEuS
49b25b05d9
Fixed crash in CheckBufferOverrun on garbage code ( #5595 )
2014-03-21 13:20:44 +01:00
Thomas Jarosch
93341f4449
Use simple match where possible
...
Fixes these warnings found by "--enable=internal":
[lib/checkclass.cpp:972]: (warning) Found simple pattern inside Token::Match() call: "* *"
[lib/checkbufferoverrun.cpp:635]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checkbufferoverrun.cpp:1397]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/checksizeof.cpp:299]: (warning) Found simple pattern inside Token::Match() call: "."
[lib/checksizeof.cpp:301]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checksizeof.cpp:303]: (warning) Found simple pattern inside Token::Match() call: "]"
[lib/checksizeof.cpp:318]: (warning) Found simple pattern inside Token::Match() call: ")"
[lib/checknullpointer.cpp:413]: (warning) Found simple pattern inside Token::Match() call: "delete"
[lib/checkio.cpp:1336]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkstl.cpp:1509]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1512]: (warning) Found simple pattern inside Token::findmatch() call: ";"
[lib/checkstl.cpp:1594]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkstl.cpp:1598]: (warning) Found simple pattern inside Token::Match() call: "] ="
[lib/checkunusedvar.cpp:755]: (warning) Found simple pattern inside Token::Match() call: "goto"
[lib/checkunusedvar.cpp:793]: (warning) Found simple pattern inside Token::Match() call: "="
[lib/checkuninitvar.cpp:376]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:86]: (warning) Found simple pattern inside Token::Match() call: "> ("
[lib/checkother.cpp:2181]: (warning) Found simple pattern inside Token::Match() call: "> {"
[lib/valueflow.cpp:54]: (warning) Found simple pattern inside Token::Match() call: "&"
[lib/valueflow.cpp:409]: (warning) Found simple pattern inside Token::Match() call: "do"
[lib/valueflow.cpp:425]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:487]: (warning) Found simple pattern inside Token::Match() call: ") {"
[lib/valueflow.cpp:511]: (warning) Found simple pattern inside Token::Match() call: "} else {"
[lib/valueflow.cpp:615]: (warning) Found simple pattern inside Token::Match() call: "for ("
[lib/symboldatabase.cpp:80]: (warning) Found simple pattern inside Token::Match() call: "= {"
[lib/symboldatabase.cpp:1069]: (warning) Found simple pattern inside Token::Match() call: "std ::"
[lib/tokenize.cpp:2207]: (warning) Found simple pattern inside Token::Match() call: "< >"
[lib/tokenize.cpp:2730]: (warning) Found simple pattern inside Token::Match() call: ";"
[lib/tokenize.cpp:4234]: (warning) Found simple pattern inside Token::Match() call: "try {"
[lib/tokenize.cpp:4235]: (warning) Found simple pattern inside Token::Match() call: "} catch ("
[lib/tokenize.cpp:5500]: (warning) Found simple pattern inside Token::Match() call: "INT8"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "}"
[lib/tokenize.cpp:5752]: (warning) Found simple pattern inside Token::Match() call: "do"
2014-03-14 16:27:47 +01:00
Daniel Marjamäki
7fa73c0d64
Merge pull request #256 from xypron/5505
...
5505: FP: Array accessed out of bounds
2014-03-09 08:47:18 +01:00
Heinrich Schuchardt
bd67db96f1
5505: FP: Array accessed out of bounds
...
CheckBufferOverrun::checkFunctionParameter alreacy considered usage of a
function parameter inside an if block as a special case.
With the patch the same is done for switch statements.
A test is added.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2014-03-07 19:51:13 +01:00
Daniel Marjamäki
a41a32ba8a
Fixed #5469 (CheckBufferOverrun: Use nullptr)
2014-02-28 17:02:03 +01:00
Lauri Nurmi
70a67eaf85
Change some more 0 literals into nullptr.
2014-02-16 13:38:50 +02:00
Daniel Marjamäki
23efc68dd7
use nullptr
2014-02-16 10:32:10 +01:00
Daniel Marjamäki
fd3a8a2a18
Update copyright
2014-02-15 07:45:39 +01:00
Lucas Manuel Rodriguez
828609bb11
Fixed two doxygen errors - http://cppcheck.sourceforge.net/devinfo/doxygen-errors.txt
2014-02-09 16:46:49 -03:00
Martin Ettl
6ca7daec10
Fixed #389 : Providing negative value to memory allocation function.
2014-02-01 22:38:29 +01:00
Daniel Marjamäki
9aa9530e0d
Fixed #5426 (crash: btrfs-progs cmds-inspect.c)
2014-01-31 06:19:36 +01:00
Daniel Marjamäki
abe8439917
Fixed #5416 (False positive: Array accessed at index, which is out of bounds.)
2014-01-28 16:55:10 +01:00
Daniel Marjamäki
0dbb86f0cb
Cleanup ExecutionPath from CheckBufferOverrun
2014-01-22 21:25:37 +01:00
Daniel Marjamäki
20b73747e0
value flow: refactor. added Token::getMaxValue()
2014-01-21 16:58:23 +01:00
Daniel Marjamäki
77f3f6c21a
valueflow: added setTokenValue that perform calculations using set value
2014-01-18 19:30:44 +01:00
Daniel Marjamäki
3e23e243f6
BufferOverflow: Updated message for out of bounds array index or redundant condition
2014-01-17 19:44:45 +01:00
Daniel Marjamäki
18d6285ad2
BufferOverrun: Improved error message when array index is used before checking that its in limits
2014-01-17 18:56:46 +01:00
Daniel Marjamäki
0b4de97e2b
value flow: Use ValueFlow in CheckBufferOverrun
2014-01-16 19:23:14 +01:00
Daniel Marjamäki
a1b0d190df
Fixed #3688 (false positive: (inconclusive, posix) (warning) The buffer 'cBuffer' is not zero-terminated after the call to readlink().)
2014-01-02 10:46:19 +01:00
Simon Martin
fe75686595
Ticket #5203 : Don't crash when checking buffer overrun for invalid code.
2013-11-30 07:40:32 +01:00
Martin Ettl
3bf415fa2b
checkbufferoverrun: improved constness of local variables. checkbufferoverrun:array_index(): added a bailout if the function is called with tok=NULL and added a NULL pointer check after a dynamic_cast.
2013-11-10 05:05:31 +01:00
Martin Ettl
4eba02d901
Checkbufferoverrun: improved constness of local variables, no functional changes.
2013-11-03 04:48:41 +01:00
PKEuS
c95b153700
Refactorizations:
...
- Removed some redundant operator=, copy-ctor and dtor implementations
- use operator[] instead of at() in library loading code
2013-10-27 13:55:13 +01:00
XhmikosR
93bdf45313
Fix typo in error message.
2013-10-23 09:05:39 +03:00
Daniel Marjamäki
946722faf0
Fixed #4968 (False positive: Structure with 'read' member is confused with read() function.)
2013-10-05 18:25:44 +02:00
Simon Martin
894f537eba
Remove warnings emitted by clang's -Wsign-conversion
2013-09-22 13:22:52 +02:00
Alexander Mai
450442287c
Fixed #4974 (CheckBufferOverrun::writeOutsideBufferSize() too strict)
2013-08-25 18:46:07 +02:00
Daniel Marjamäki
f8f3f0d384
astyle formatting
2013-08-24 07:37:21 +02:00
Daniel Marjamäki
5ce7189bc0
Merge pull request #166 from last5bits/ticket4213
...
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 22:36:30 -07:00
Alexey Zhikhartsev
d24a321ba2
Fixing #4213 arrayIndexThenCheck and adding tests
2013-08-23 19:04:01 +04:00
Daniel Marjamäki
9c67af058a
SymbolDatabase: Renamed Variable::varId() to Variable::declarationId() to make it more clear how it works.
2013-07-20 12:31:04 +02:00
Lucas Manuel Rodriguez
d6be4559cd
Fixed #4840 (false negative: buffer access out of bounds)
2013-06-25 06:37:51 +02:00
Daniel Marjamäki
a861817a01
Fixed #4751 (CheckBufferOverrun: better handling when struct member instance doesn't have same varid as struct member declaration)
2013-05-28 16:52:23 +02:00
Daniel Marjamäki
ea60c5b14b
CheckBufferOverrun: Code cleanup
2013-05-05 08:14:19 +02:00
PKEuS
c487ea843d
Better fix for #4706 : Use Token::nextArgument() properly. Removed redundant ' in message
2013-04-09 08:30:53 -07:00
Ettl Martin
ba8cca8fa9
#4706 fix crash when a struct member is used as first argument. Replaced Token::nexArgument with %any% in Token::Match call. Added unittests in testing Token::nexArgument.
2013-04-04 15:12:18 +02:00
XhmikosR
99fc5f6203
checkbufferoverrun.cpp: fix a /W4 MSVC warning
2013-03-30 19:06:13 +01:00
Ettl Martin
a08083a342
#4664 : using Token::nextArgument() and std::string &
2013-03-20 11:53:25 +01:00
Ettl Martin
ff826d7c62
#4664 : new check: (POSIX) write outside buffer size.
2013-03-19 08:22:48 +01:00
Daniel Marjamäki
fe046a3350
CheckBufferOverrun: Fixed Cppcheck warning 'variable scope can be reduced' (found by travis)
2013-03-14 18:25:28 +01:00
PKEuS
096fa2f771
Fixed #4380
2013-03-14 10:18:48 -07:00
Robert Reif
4b9b87e310
Fixed #4646 (false positive: (style, inconclusive) Technically the member function 'C<T>::operator+=' can be const.)
2013-03-14 06:34:12 +01:00
PKEuS
d78c06dc3f
Replaced _settings->isEnabled("style") by _settings->isEnabled("warning") wherever warnings are issued
2013-03-03 02:41:59 -08:00
PKEuS
f899e6ca30
Changed behaviour of %op% pattern accordingly to changes to Token::isOp(). Added %cop% as replacement for old %op%
2013-03-01 02:43:59 -08:00
PKEuS
27f7917349
Changed severity and message formatting of argumentSize message.
2013-02-16 00:52:27 -08:00
Robert Reif
42588e9729
Fixed #4535 (Simplify checks by caching symbol database Variable pointer in Token)
2013-02-06 06:39:58 +01:00
Robert Reif
94c953931d
Simplify checks by caching symbol database Variable pointer in Token
2013-01-31 20:08:48 +01:00
Robert Reif
ec1c86c152
Symbol database: more function/variable cleanup. Ticket: #4494
2013-01-31 06:41:18 +01:00
Robert Reif
859793731d
SymbolDatabase: Refactor findFunction handling. Ticket: #4494
2013-01-28 06:47:48 +01:00
Andrew C. Martin
4a73c93750
Fix compiler warnings and comment/string typos
...
- fix g++ warning:
> lib/checkother.cpp:3779: warning: comparison between signed and unsigned integer expressions
- fix suncc warning (see [everything2](http://everything2.com/title/C%252B%252B%253A+static+extern+%2522C%2522 )):
> "lib/checkmemoryleak.cpp", line 578: Warning (Anachronism): Formal argument __compar of type extern "C" int(*)(const void*,const void*) in call to bsearch(const void*, const void*, unsigned long, unsigned long, extern "C" int(*)(const void*,const void*)) is being passed int(*)(const void*,const void*).
- prefer empty() / isEmpty() over "size() > 0" (cases not caught by stlSize)
- fix word misspellings (mostly comments, a few output lines)
- Parenthesis => Parentheses (both variations were used in the codebase)
- fix typo and wording ("never alwayw") in gui/test/data/benchmark/simple.cpp's CheckOther::unsignedPositive():
```
- "An unsigned variable will never alwayw be positive so it is either pointless or "
+ "An unsigned variable can't be negative so it is either pointless or "
```
2013-01-16 07:37:07 -07:00
Reijo Tomperi
5d5f7085bf
Updating year 2012 -> 2013 to .cpp and .h files and man page.
2013-01-01 18:29:08 +02:00
Thomas Jarosch
78316f02b6
Fix comment about wrong magic number
2012-12-28 11:31:50 +01:00
Thomas Jarosch
4708be09f5
Fixed #4444 (segmentation fault)
2012-12-28 11:15:18 +01:00
Robert Reif
ce380301fd
Fixed #4432 (Crash on parsing PHP interpreter)
2012-12-26 08:29:10 +01:00
Daniel Marjamäki
7f6a10599b
Fixed #4262 (Small Request/Suggestion for checks on array size of args (bounty offer))
2012-12-22 09:23:34 +01:00
Daniel Marjamäki
365a260ddc
Fixed #4398 (False negative: out of bounds (for loop))
2012-12-22 08:00:05 +01:00
Edoardo Prezioso
5101f3c029
Use the new pattern: '%comp%' where possible.
...
Change also the description comment of the Token::Match by adding the new pattern and the forgotten '%op%'.
2012-12-01 01:31:35 +01:00
Daniel Marjamäki
031adef6ea
Array index checking: Fixed TODO comment (false negatives when using ?:)
2012-11-30 09:01:15 +01:00
Daniel Marjamäki
1c4afbce8c
Cleanup: Removed += and -= patterns from the checks. These should be simplified.
2012-11-30 07:08:16 +01:00
Robert Reif
0f8db28d30
speed up checks by caching commonly looked up stuff in the symbol database (CheckBufferOverrun, CheckBoost)
2012-10-13 11:16:48 +02:00
Daniel Marjamäki
68240fffc6
Fixed #4228 ((error) Internal error. Token::Match called with varid 0 (multiple declarations in for loop))
2012-09-23 17:15:39 +02:00
Daniel Marjamäki
ec01cc811e
Second fix for #4207 (Internal error. Token::Match called with varid 0)
2012-09-23 13:25:28 +02:00
Daniel Marjamäki
a17f37c67d
CheckBufferOverrun: Better handling of functions with variable arguments
2012-09-22 16:19:19 +02:00
PKEuS
508e9394d3
Added some nullpointer-checks and removed some redundant ones based on VS2012 code analysis results.
2012-09-17 15:22:51 +02:00
XhmikosR
6e4e3dfbfb
lib: tabs to spaces, remove trailing spaces and extra empty lines at the end of files
2012-09-17 13:51:23 +02:00
PKEuS
547d3e94b2
Fixed some sign conversion messages from clang.
2012-09-16 16:41:15 +02:00
PKEuS
22a8e3f4e6
Replaced Tokenizer::getFunctionTokenByName() by SymbolDatabase::findFunctionByName(), which handles scopes slightly better.
2012-09-11 18:03:47 +02:00
Daniel Marjamäki
64faa780fe
Fixed #4087 (div by zero check is invalid for floats)
2012-09-11 16:50:42 +02:00
Daniel Marjamäki
6b56b4a9d3
Show that inconclusive message is inconclusive
2012-09-07 16:11:15 +02:00
PKEuS
a4b5824dec
New internal check: checkRedundantNextPrevious().
...
Fixed findings by new internal check
2012-09-07 12:36:40 +02:00
PKEuS
e4a693eaab
Refactorizations:
...
- Fixed several findings of CheckInternal.
- Removed some debug code from CheckOther::checkRedundantAssignment().
2012-09-07 11:59:20 +02:00
PKEuS
8c70778b70
Refactorization: Fixed several messages when self-checking cppcheck
2012-09-04 15:29:51 +02:00
Deepak Gupta
4202866100
Fixed #4096 (Improve check: Buffer overrun in for loop, postfix increment in array access)
2012-09-01 19:17:28 +02:00
Daniel Marjamäki
8afdde0b5e
Fixed #3931 (FP: Buffer access out-of-bounds)
2012-08-12 17:06:54 +02:00
PKEuS
c8773b891d
Refactorization: Make use of Token::scope() replacing certain indentation counters
2012-08-12 03:13:07 -07:00
Edoardo Prezioso
fae40c4782
Change every C version of 'size_t' to C++ 'std::size_t'.
2012-07-09 13:30:18 +02:00
PKEuS
639f15645a
Message refactorization: checkbufferoverrun.cpp (2), checkclass.cpp, checkexceptionsafety.h
2012-07-09 02:11:05 -07:00
PKEuS
ed7e950671
Message refactorization: checkbufferoverrun.cpp
2012-07-08 06:51:24 -07:00
Daniel Marjamäki
848fd59cbd
Fixed #3913 (boundcheck, false positive continue in loop)
2012-07-08 14:34:47 +02:00
Daniel Marjamäki
5de82c1c42
Updated arrayIndexOutOfBounds error message. Thank you Kimmo for the suggestion.
2012-06-23 09:51:32 +02:00
Daniel Marjamäki
4e98cb3ed9
Fixed #3907 (improve check: detect buffer overrun when using && or || in for loop)
2012-06-23 09:23:14 +02:00
Daniel Marjamäki
ac524c56ad
Reviewed handling of unknown types in ExecutionPathBufferOverrun
2012-06-23 08:15:59 +02:00
Daniel Marjamäki
7d59d86ed6
Fixed #3893 (Improve check: Array index out of bounds not detected when down conting)
2012-06-16 17:44:51 +02:00
PKEuS
9dc8123151
Refactorizations:
...
- Use const string references instead of const strings copies when possible
- Fixed cppcheck warning about postfix increment in CheckIO
- Use symbolDatabase to detect pointers in CheckOther::checkAssignBoolToPointer
2012-05-25 03:09:41 -07:00
PKEuS
dc64ac2918
Removed unnecessary variable Function::start - The value is already stored in Function::functionScope->classStart.
2012-05-22 12:58:46 -07:00
Andy Maloney
12c5980c01
Fix compiler warning about initialization order
2012-05-18 13:59:19 -04:00
PKEuS
de79a4c84f
Fixed initialization list usage according to cppcheck results
...
Fixed comments mentioning nonexistent parameters
2012-05-18 07:57:11 -07:00
PKEuS
ec00824fd3
Fixed #3357 :
...
- Print "inconclusive" tag in cli
- Fixed inconclusive handling in checkbufferoverrun.cpp
- Merged reportInconclusiveError into reportError by adding an additional parameter "bool inconclusive" which is false per default
2012-05-06 10:37:41 -07:00
PKEuS
1a5fbd61d2
Splitted class TokenList from Tokenizer
2012-05-05 09:33:26 -07:00
Ettl Martin
bb8342fbb4
fixed misspelled word 'Comparision' --> 'Comparison'
2012-04-26 23:04:55 +02:00
PKEuS
dd5e9aa454
Make use of recently implemented Token::type() functionality
2012-04-25 09:56:07 +02:00
PKEuS
b37cf11d20
Refactorizations:
...
- Increased encapsulation by making some functions private
- Removed redundant function CheckBufferOverrun::ArrayInfo::declare
- Avoided copy of ArrayInfo object
- Removed unnecessary and suspicious "if(sizeof(int) == 4)"
2012-03-27 19:40:39 +02:00
PKEuS
e3b3b7b62f
Refactorizations on buffer overrun check:
...
- Replaced a few indendation counters by smaller and faster code
- Make use of safer nextArgument() function instead of some local implementations
- Replaced some simple patterns by direct function calls
- Made a strncpy/strncat search pattern more generic
- Replaced offset variable by incrementation of Token* to avoid subsequent calls to tokAt
- Increased data encapsulation in header
2012-03-17 21:55:08 +01:00
Daniel Marjamäki
4f3878eb1e
Fixed #3569 (false negative: buffer access out of bounds)
2012-03-13 21:30:03 +01:00
Daniel Marjamäki
a9480ca0c1
CheckBufferOverrun: move condition before loop
2012-03-13 21:19:10 +01:00
PKEuS
1747813a8b
Added check for invalid pointer casts ( #1255 )
...
Detect sign extension problems when variable is a reference (#3637 )
Refactorizations:
- Tokenizer::getFiles returns a reference instead of a pointer, because its guaranteed that no nullpointer is returned
- Remove signed/unsigned in one step for "%type% signed|unsigned"
- Fixed recently introduced compiler warning in symboldatabase.cpp
2012-02-26 11:56:32 +01:00
PKEuS
5c2af0b2e3
- initialising std::string with 0 in initialisation list is partially detected in nullpointer check ( #3520 )
...
- executionpath checking makes use of symboldatabase
- CheckExceptionSafety::checkRethrowCopy makes use of symboldatabase
2012-01-26 16:50:59 +01:00
Reijo Tomperi
194327048a
Add InternalError and change MathLib to throw it in case of an error.
...
- Previously MathLib errors did not provide a filename, but after this change at least source file name should be printed
and if token is provided, also line number should be printed.
- Change also Token to use InternalError
- Modify Cppcheck-class to catch InternalError instead of Token
- Run dmake to update Makefile
2012-01-08 22:19:44 +02:00