|
Cppcheck
|
#include "bughuntingchecks.h"#include "astutils.h"#include "errorlogger.h"#include "errortypes.h"#include "library.h"#include "mathlib.h"#include "settings.h"#include "symboldatabase.h"#include "token.h"#include "utils.h"#include "valueflow.h"#include <algorithm>#include <cstring>#include <list>#include <map>#include <memory>#include <string>#include <utility>Go to the source code of this file.
Functions | |
| static float | getKnownFloatValue (const Token *tok, float def) |
| static bool | isLessThan (ExprEngine::DataBase *dataBase, ExprEngine::ValuePtr lhs, ExprEngine::ValuePtr rhs) |
| static void | arrayIndex (const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) |
| static void | bufferOverflow (const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) |
| static void | divByZero (const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) |
| static bool | isVariableAssigned (const Variable *var, const Token *tok, const Token *scopeStart=nullptr) |
| check if variable is unconditionally assigned More... | |
| static void | uninit (const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) |
| static void | checkFunctionCall (const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) |
| static void | checkAssignment (const Token *tok, const ExprEngine::Value &value, ExprEngine::DataBase *dataBase) |
| void | addBughuntingChecks (std::vector< ExprEngine::Callback > *callbacks) |
Variables | |
| static const CWE | CWE_BUFFER_UNDERRUN (786U) |
| static const CWE | CWE_BUFFER_OVERRUN (788U) |
| void addBughuntingChecks | ( | std::vector< ExprEngine::Callback > * | callbacks | ) |
Definition at line 706 of file bughuntingchecks.cpp.
References arrayIndex(), bufferOverflow(), checkAssignment(), checkFunctionCall(), divByZero(), and uninit().
Referenced by ExprEngine::runChecks().
|
static |
Definition at line 58 of file bughuntingchecks.cpp.
References Token::astOperand1(), Token::astParent(), bailout, ExprEngine::BailoutValue, CWE_BUFFER_OVERRUN, CWE_BUFFER_UNDERRUN, Token::expressionString(), ExprEngine::Value::isGreaterThan(), ExprEngine::Value::isLessThan(), ExprEngine::DataBase::reportError(), ValueType::sign, Token::simpleMatch(), ExprEngine::Value::type, Token::valueType(), and Token::variable().
Referenced by addBughuntingChecks().
|
static |
Definition at line 101 of file bughuntingchecks.cpp.
References Library::ArgumentChecks::MinSize::arg, Library::Function::argumentChecks, Library::ArgumentChecks::MinSize::ARGVALUE, ExprEngine::FunctionCallArgumentValues::argValues, bailout, ExprEngine::BailoutValue, CWE, Library::Function::formatstr, ExprEngine::FunctionCallArgumentValues, getArguments(), Library::getFunction(), getOrdinalText(), Token::getStrLength(), isLessThan(), Settings::library, Token::Match(), Library::ArgumentChecks::minsizes, Token::previous(), ExprEngine::DataBase::reportError(), ExprEngine::DataBase::settings, Token::simpleMatch(), str(), Token::str(), Library::ArgumentChecks::MinSize::STRLEN, ExprEngine::Value::type, and Library::ArgumentChecks::MinSize::type.
Referenced by addBughuntingChecks().
|
static |
Definition at line 651 of file bughuntingchecks.cpp.
References Token::astOperand2(), Token::astParent(), CWE_INCORRECT_CALCULATION(), Token::getCppcheckAttribute(), ExprEngine::Value::isGreaterThan(), ExprEngine::Value::isLessThan(), ExprEngine::DataBase::reportError(), ExprEngine::DataBase::settings, Token::simpleMatch(), str(), MathLib::toLongNumber(), Token::variable(), and Settings::variableContracts.
Referenced by addBughuntingChecks().
|
static |
Definition at line 544 of file bughuntingchecks.cpp.
References ExprEngine::ArrayValue, Token::astOperand1(), Token::astParent(), CWE, CWE_USE_OF_UNINITIALIZED_VARIABLE(), Library::InvalidArgValue::eq, Library::InvalidArgValue::ge, getArguments(), Token::getCppcheckAttribute(), Library::getInvalidArgValues(), Token::getKnownIntValue(), getOrdinalText(), Library::InvalidArgValue::gt, Token::hasKnownIntValue(), ExprEngine::Value::isEqual(), ExprEngine::Value::isGreaterThan(), ExprEngine::Value::isLessThan(), Library::isnullargbad(), Library::isuninitargbad(), Library::InvalidArgValue::le, Settings::library, Library::InvalidArgValue::lt, Token::Match(), Variable::nameToken(), Library::InvalidArgValue::range, ExprEngine::ArrayValue::read(), ExprEngine::DataBase::reportError(), ExprEngine::DataBase::settings, Token::simpleMatch(), Token::str(), MathLib::toLongNumber(), ExprEngine::Value::type, and Library::validarg().
Referenced by addBughuntingChecks().
|
static |
Definition at line 207 of file bughuntingchecks.cpp.
References Token::astParent(), bailout, ExprEngine::BailoutValue, Settings::clang, CWE, getKnownFloatValue(), Token::getKnownIntValue(), Token::hasKnownIntValue(), ExprEngine::Value::isEqual(), ValueType::isFloat(), Token::isImpossibleIntValue(), ExprEngine::Value::isUninit(), Token::previous(), ExprEngine::DataBase::reportError(), ExprEngine::DataBase::settings, Token::simpleMatch(), ExprEngine::Value::type, and Token::valueType().
Referenced by addBughuntingChecks().
|
static |
Definition at line 44 of file bughuntingchecks.cpp.
References ValueFlow::Value::FLOAT, and Token::values().
Referenced by divByZero().
|
static |
Definition at line 53 of file bughuntingchecks.cpp.
References ExprEngine::BinOpResult::isTrue().
Referenced by bufferOverflow().
|
static |
check if variable is unconditionally assigned
Definition at line 286 of file bughuntingchecks.cpp.
References Variable::declarationId(), Token::link(), Token::Match(), Variable::nameToken(), op1_and_op2, precedes(), Token::previous(), Token::simpleMatch(), Token::tokAt(), and visitAstNodes().
Referenced by uninit().
|
static |
Definition at line 324 of file bughuntingchecks.cpp.
References Token::astOperand1(), Token::astOperand2(), Token::astParent(), ExprEngine::BailoutValue, Settings::certainty, ValueType::container, CWE_USE_OF_UNINITIALIZED_VARIABLE(), Token::expressionString(), Type::False, Token::findmatch(), Library::getFunction(), Token::hasKnownValue(), Certainty::inconclusive, Variable::isArgument(), Variable::isArray(), ExprEngine::DataBase::isC(), Variable::isConst(), SimpleEnableGroup< T >::isEnabled(), Variable::isInit(), Variable::isLocal(), Variable::isPointer(), Variable::isReference(), Variable::isStatic(), ExprEngine::Value::isUninit(), isVariableAssigned(), Settings::library, Token::Match(), Variable::nameToken(), Token::next(), Token::originalName(), ValueType::pointer, Token::previous(), ExprEngine::DataBase::reportError(), ExprEngine::DataBase::settings, Token::simpleMatch(), Token::str(), ExprEngine::Value::type, Token::valueType(), Token::variable(), and Token::varId().
Referenced by addBughuntingChecks().
|
static |
Referenced by arrayIndex().
|
static |
Referenced by arrayIndex().
1.9.1