Dmitry-Me
5869f6d989
Fix FN for std::intmax_t passed as %ld, %lld into scanf
2017-11-20 23:07:37 +03:00
Dmitry-Me
7cf21f329a
Fix FN for size_t, uintmax_t passed as %lx and %llx into printf
2017-11-20 22:56:33 +03:00
Dmitry-Me
f0a7365f35
Fix FN for ptrdiff_t passed as %Ix into printf
2017-11-20 22:51:10 +03:00
Dmitry-Me
eb4bb893b3
Fix FP for std::intmax_t passed as %jd into scanf
2017-11-20 22:31:13 +03:00
Dmitry-Me
c4b6db7e23
Fix FP for std::uintmax_t passed as %ju and %jx into scanf
2017-11-20 22:13:20 +03:00
Dmitry-Me
cf05b722a9
Fix FN for intmax_t passed as %jx into printf
2017-11-18 00:00:02 +03:00
Dmitry-Me
73414ee56c
Fix FN for std::uintmax_t passed as %Lu and %Lx into scanf
2017-11-17 23:58:09 +03:00
Dmitry-Me
167258a6bf
Fix FNs when various types are passed as %tu into printf
2017-11-15 22:40:16 +03:00
Dmitry-Me
4fc0a7998e
Remove duplicate error reporting function
2017-11-14 21:46:17 +03:00
Dmitry-Me
916acfc133
Reuse duplicated code for "x" and "u" scanf specifiers
2017-11-09 16:35:09 +03:00
Dmitry-Me
56ba48d705
Unify code handling "x" and "u" scanf specifiers
2017-11-09 16:25:56 +03:00
Dmitry-Me
94dd63f196
Fix FN for std::uintmax_t passed as %lx, %lu scanf read targets
2017-11-09 15:38:48 +03:00
Dmitry-Me
b301b44897
Fix FN for unsigned ptrdiff_t passed as %lu into scanf
2017-11-09 14:43:09 +03:00
Dmitry-Me
78be821431
Fix FN for std::uintmax_t passed as %llx, %llu scanf read targets
2017-11-09 11:28:07 +03:00
Dmitry-Me
74c778c5f0
Fix FN when unsigned ptrdiff_t is passed as %llu into scanf
2017-11-09 00:26:07 +03:00
Dmitry-Me
703d86992d
Fix FN when size_t, uintmax_t are passed as %Lx into scanf
2017-11-08 23:52:49 +03:00
Dmitry-Me
89b83b2d16
Fix FN for unsigned ptrdiff_t passed as %Ix into scanf
2017-11-08 15:06:51 +03:00
Dmitry-Me
970aee9ce1
Fix FN for ptrdiff_t passed as %zd into scanf
2017-11-08 14:22:03 +03:00
Dmitry-Me
aff993115f
Remove duplicate check
2017-11-08 00:53:18 +03:00
Dmitry-Me
4c186d2455
Remove dead code - %llf specifier doesn't exist
2017-11-07 22:57:44 +03:00
Dmitry-Me
06fd390b3f
Remove duplicate checks
2017-11-07 22:14:29 +03:00
Oleksandr Redko
a8700f5622
Remove redundant parts of conditional expressions ( #988 )
...
All issues were found with PVS-Studio:
V560 A part of conditional expression is always true: tok. astutils.cpp 407
V560 A part of conditional expression is always true: size > 0. checkbufferoverrun.cpp 709
V547 Expression 'secondTrue' is always true. checkcondition.cpp 1013
V547 Expression 'firstTrue' is always true. checkcondition.cpp 1020
V560 A part of conditional expression is always true: !scan. checkio.cpp 1036
V560 A part of conditional expression is always true: scope->function. checknullpointer.cpp 395
V560 A part of conditional expression is always true: tok2. checkstl.cpp 268
V560 A part of conditional expression is always true: par. tokenize.cpp 9440
V547 Expression '!erased' is always true. symboldatabase.cpp 3990
2017-11-03 10:39:57 +01:00
Dmitry-Me
fe5dd55723
Wrong reporting function was being called
2017-10-27 22:21:18 +03:00
Dmitry-Me
f653b36b87
Fix actual type reported for unsigned ptrdiff_t passed into scanf
2017-10-26 23:47:11 +03:00
Dmitry-Me
65b2755098
Extract common check and run it first
2017-10-26 23:42:38 +03:00
Dmitry-Me
a38854451f
Warn for signed values passed as scanf targets with "x" conversion
2017-10-25 21:22:17 +03:00
Dmitry-Me
eaa12db761
scanf with %zd expects ssize_t, not ptrdiff_t
2017-10-24 22:01:23 +03:00
Dmitry-Me
9c0e6986da
Passing string literals into printf as %p is fine
2017-10-08 11:14:10 +03:00
Dmitry-Me
4601e40615
Simplify code for finding string format token
2017-10-02 18:03:55 +03:00
Dmitry-Me
9fdfada4b5
Compute value earlier and reuse it
2017-09-28 23:41:29 +03:00
Dmitry-Me
7308901add
Omit duplicate and opposite checks
2017-09-28 17:59:55 +03:00
Ayaz Salikhov
b8cd7dbb5c
Use nullptr instead of 0 or NULL ( #936 )
2017-08-09 20:00:26 +02:00
orbitcowboy
0e575ce12c
Modernize: make use of 'nullptr' and added a rule-file for finding non-nullptr (zero) initializations.
2017-07-28 15:20:43 +02:00
Ayaz Salikhov
28aa939d69
iwyu - include what you use
2017-05-27 04:33:47 +02:00
PKEuS
b1f4bd7504
Refactorization: Reimplemented Settings::_enabled as a bitfeld instead of std::set ( #7995 )
2017-04-11 11:49:26 +02:00
Daniel Marjamäki
633ed23c0d
Fix Cppcheck warnings about mismatching function argument names
2017-04-01 09:31:27 +02:00
PKEuS
3c8f5b85ae
Refactorization: Allocate Token::_values (ValueFlow information) dynamically, reducing size of each token by around 10%
2017-03-27 18:48:34 +02:00
Daniel Marjamäki
ecc59859e1
Don't simplify _Bool in TokenList
2017-03-04 11:13:28 +01:00
Daniel Marjamäki
9dc219f1ba
CheckIO: Use ValueType more
2017-03-01 22:33:31 +01:00
Matthias Krüger
35e7697474
switch some functions from const to static, as cppcheck suggests.
2017-02-27 13:51:33 +01:00
Daniel Marjamäki
26fc7abfac
Fixed #7837 (Field dereference triggers format string type warning)
2017-02-25 18:22:14 +01:00
PKEuS
2f6350a0d0
Refactorized Library
2016-12-06 14:09:28 +01:00
Matthias Krüger
b3ace258ab
there is no need to have "if(tok && Token::Match(tok,..." since Token::Match checks "tok" by itselfs already.
2016-11-26 17:22:30 +01:00
Daniel Marjamäki
4732667488
ValueFlow: allow more value types
2016-11-13 22:33:39 +01:00
orbitcowboy
919f8ac323
Fixed typos. There are no real changes.
2016-11-04 15:01:05 +01:00
Daniel Marjamäki
6b55acd7af
CheckIO: Changed severity for '.. aka' warnings to portability. If type is compatible then it's just a possible portability issue.
2016-09-11 17:05:01 +02:00
orbitcowboy
87409ea6b3
Running astyle; Improved testing of std::find; std.cfg: Added support for istream::read and ifstream::read.
2016-08-25 19:17:07 +02:00
amai2012
ece478979b
Merge pull request #821 from boos/cwe-mapping-11
...
CWE mapping of invalidLengthModifierError, leakUnsafeArgAlloc, nullPointerDefaultArg, nullPointerRedundantCheck, raceAfterInterlockedDecrement.
2016-08-24 20:44:06 +02:00
Roberto Martelloni
01ee9ee5e6
CWE mapping of invalidLengthModifierError, leakUnsafeArgAlloc, nullPointerDefaultArg, nullPointerRedundantCheck, raceAfterInterlockedDecrement.
2016-08-24 15:37:14 +01:00
Robert Reif
6043a27065
Fixed #7710 (%h and %hh printf type size specifiers not supported)
2016-08-24 12:47:11 +02:00
Roberto Martelloni
4c6f4f6708
CWE mapping of functionConst, functionStatic, initializerList, badBitmaskCheck, knownConditionTrueFalse, invalidTestForOverflow, unhandledExceptionSpecification, coutCerrMisusage,
...
invalidPrintfArgType_int
2016-08-23 16:48:36 +01:00
Daniel Marjamäki
789aef7fde
Fixed #4920 (Microsoft ATL/MFC CString::Format argument checking)
2016-08-19 17:36:27 +02:00
Daniel Marjamäki
f2e49b4db4
Fixed #7178 (Defect: False positive due to mistake in return type of function pointer.)
2016-08-14 17:19:14 +02:00
PKEuS
da34883770
Improved message invalidscanf: Removed misleading example from verbose message
2016-08-01 18:42:27 +02:00
Daniel Marjamäki
1c51fbce7a
astyle formatting
...
[ci skip]
2016-08-01 13:01:01 +02:00
Daniel Marjamäki
8d89eefff9
Merge pull request #815 from boos/cwe-mapping-8
...
CWE mapping of invalidscanf, invalidScanfArgType_s, invalidScanfArgType_int, invalidScanfArgType_float, invalidPrintfArgType_s, invalidPrintfArgType_n, invalidPrintfArgType_p, invalidPrintfArgType_int, invalidPrintfArgType_uint, invalidPrintfArgType_sint, invalidPrintfArgType_float, wrongPrintfScanfParameterPositionError
2016-07-31 14:14:48 +02:00
Roberto Martelloni
9ab4057ddc
CWE mapping of invalidscanf, invalidScanfArgType_s, invalidScanfArgType_int, invalidScanfArgType_float, invalidPrintfArgType_s, invalidPrintfArgType_n, invalidPrintfArgType_p, invalidPrintfArgType_int, invalidPrintfArgType_uint, invalidPrintfArgType_sint, invalidPrintfArgType_float, wrongPrintfScanfParameterPositionError
2016-07-31 10:49:36 +01:00
Robert Reif
768c26805c
Fixed false positive: %Ld in format string (no. 1) requires 'long long' but the argument type is 'long long' ( #7601 ).
2016-07-16 10:33:46 +02:00
Simon Martin
12a298b9cd
Ticket #7445 : Properly represent integer types smaller than int in CheckIO::ArgumentInfo.
2016-05-28 15:36:13 +02:00
PKEuS
373ac52480
Mention exact function name in invalidscanf message ( #5649 )
2016-05-26 21:11:33 +02:00
PKEuS
851c6e0ed5
Improved buffer overflow checking for scanf: %c with a width ( #3494 )
2016-05-22 14:00:26 +02:00
Daniel Marjamäki
dc2a92263a
Fixed #7426 (RFC: time to replace simplifyEnum?)
2016-04-22 06:02:54 +02:00
Daniel Marjamäki
00a584d8d1
astyle formatting
2016-04-22 06:01:34 +02:00
Roberto Martelloni
e89cd1b8a4
CWE mapping of unsafeClassCanLeak, zerodivcond, invalidPointerCast, redundantCopy, redundantAssignment, comparisonFunctionIsAlwaysTrueOrFalse, checkCastIntToCharAndBack, cstyleCast, passedByValue, clarifyCondition, exceptThrowInDestructor, exceptDeallocThrow, exceptRethrowCopy, catchExceptionByValue, fflushOnInputStream, seekOnAppendedFile, publicAllocationError
...
CWE mapping of unsafeClassCanLeak, zerodivcond, invalidPointerCast, redundantCopy, redundantAssignment, comparisonFunctionIsAlwaysTrueOrFalse, checkCastIntToCharAndBack, cstyleCast, passedByValue, clarifyCondition, exceptThrowInDestructor, exceptDeallocThrow, exceptRethrowCopy, catchExceptionByValue, fflushOnInputStream, seekOnAppendedFile, publicAllocationError
2016-04-12 19:29:40 +02:00
PKEuS
6d0c2f7253
Fixed false positive useClosedFile when noreturn function is called ( #7359 )
2016-01-31 10:39:35 +01:00
Daniel Marjamäki
5e10e680da
CWE: refactoring. use constants instead of magic numbers.
2016-01-25 20:01:48 +01:00
Roberto Martelloni
5ce69da02d
Mapped 26 errors to their CWEs ID.
2016-01-24 20:53:05 +00:00
Robert Reif
966d078dcc
CheckIO: Fix FN when using '%x' as format specifier for a 'signed int' variable
2016-01-15 09:29:29 +01:00
Lauri Nurmi
996c9244d8
Update copyright year to 2007-2016.
2016-01-01 15:34:45 +02:00
PKEuS
940d569980
Refactorization: Removed redundant %any% patterns.
2015-12-24 14:40:48 +01:00
PKEuS
8f22e4924c
Updated AStyle to version 2.05.1
...
Tweaked runastyle.bat a little bit.
2015-12-17 15:53:13 +01:00
Alexander Mai
f762affea0
Small refactoring: replace NULL by nullptr, remove redundant static keyword, Tokenizer::setVarId() uses const variable 'notstart'
2015-11-30 22:13:49 +01:00
PKEuS
e8522c7883
Small refactorizations:
...
- #include cleanup
- Use std::array instead of std::vector
- Do not create a stringstream to concatenate 4 strings
- Use std::cout instead of printf
2015-11-29 10:56:44 +01:00
Daniel Marjamäki
0f9d90d2be
Changed Copyrights. Removed my name.
2015-11-18 20:04:50 +01:00
PKEuS
eefea507b9
Use ValueFlow in CheckIO::checkWrongPrintfScanfArguments() ( #6563 )
2015-11-06 09:52:22 +01:00
PKEuS
3971f8625f
Fixed false positive seekOnAppendedFile if FILE* is reused ( #6566 )
2015-10-13 15:32:13 +02:00
Daniel Marjamäki
2c7c6b3e38
CheckIO: Try to use ValueType more
2015-10-11 17:35:54 +02:00
Daniel Marjamäki
37d9a95ef1
CheckIO: Refactoring. Split out CheckIO::checkFormatString() from CheckIO::checkWrongPrintfScanfArguments().
2015-10-10 20:08:15 +02:00
Daniel Marjamäki
6d256b01b6
CheckIO: Use ValueType::Type::LONGDOUBLE type also
2015-10-08 19:52:24 +02:00
Daniel Marjamäki
a500f6f703
Improved handling of 'long double' and address-of in ValueType. Removed Tokenizer::simplifyFloatCasts() to handle float casts better.
2015-10-08 19:50:10 +02:00
Daniel Marjamäki
be72b7413a
ValueType: Handling of originalTypeName
2015-10-07 20:24:17 +02:00
Daniel Marjamäki
604a9acb48
ValueType: Handling constness
2015-10-07 19:08:26 +02:00
Daniel Marjamäki
b77203a277
CheckIO: Handle AST pointer type better
2015-10-05 19:59:15 +02:00
Daniel Marjamäki
b9036c2ca8
AST types: Fix for 'long long' handling
2015-10-05 19:20:42 +02:00
Daniel Marjamäki
bc8f1b972e
CheckIO: Early return
2015-10-05 19:04:29 +02:00
Daniel Marjamäki
8f6bd7fd0d
Fixed #7014 (False positive for printf("%c", "hello"[0]))
2015-10-05 10:12:30 +02:00
Dmitry-Me
aa60358458
Temp variables, better names
2015-09-15 15:34:12 +03:00
PKEuS
ee4a5843bb
Some small refactorizations
2015-08-15 19:46:31 +02:00
PKEuS
4d80df2f4a
Added pointer to Type to Token (similar to Token::Variable() and Token::function()):
...
- Accessible via Token::type()
- Renamed former Token::type() to Token::tokType()
- Removed SymbolDatabase::isClassOrStruct()
2015-08-15 11:19:21 +02:00
PKEuS
b0bf69bae7
Fixed false positive #6763 and reordered conditions
...
Ran AStyle
2015-08-14 12:50:45 +02:00
Daniel Marjamäki
e578988832
invalidScanf: removed the checking for 'scanf crash with huge input data for old glibc'. new systems are not vulnerable to this bug anymore.
2015-08-14 08:03:46 +02:00
Dmitry-Me
d81776b8c8
Avoid deep copying std::string
2015-08-07 17:16:41 +03:00
PKEuS
a0890ecd2c
Fixed false positive: Do not print useClosedFile on arrays ( #6823 )
2015-07-20 22:40:19 +02:00
Alexander Mai
b3c7a3f798
Fix more (potential) multi-threading issues
2015-06-20 22:26:51 +02:00
Alexander Mai
eebb5b8c77
Fix some compiler warnings in checkio.cpp. Fix some (potential) multi-threading issues in checkinternal.cpp
2015-06-17 21:25:15 +02:00
orbitcowboy
06e818f89d
Running astyle, no functional change.
2015-06-17 09:09:23 +02:00
amai2012
33d7631ee3
Fix another Borlad-specific test by setting Windows platform type
...
Refactoring: make CheckIO::ArgumentInfo aware of language (C vs. C++) to perform some optimizations
2015-06-16 23:11:34 +02:00
Alexander Mai
d704e97203
Fix (potential) multi-threading issues by moving static local vars (non-POD-type) to file scope
2015-06-10 21:14:17 +02:00
Alexander Mai
f0bc300198
#6510 False positive performance warning for std::list::size(). Fix this and other similar false positives. Refactoring of Variable::isStlType(), use fail-safe std::set instead of plain array. Run astyle
2015-05-17 20:02:41 +02:00
Daniel Marjamäki
88f59ad7e8
Partial fix for #6656 (Allow that CWE is mapped for error message)
2015-04-25 17:48:11 +02:00