void CheckFunctions::invalidFunctionArgError(const Token *tok, const std::string &functionName, int argnr, const ValueFlow::Value *invalidValue, const std::string &validstr)
{
std::ostringstream errmsg;
if (invalidValue && invalidValue->condition)
errmsg << ValueFlow::eitherTheConditionIsRedundant(invalidValue->condition)
<< " or " << functionName << "() argument nr " << argnr
<< " can have invalid value.";
else
errmsg << "Invalid " << functionName << "() argument nr " << argnr << '.';
if (invalidValue)
errmsg << " The value is " << invalidValue->intvalue << " but the valid values are '" << validstr << "'.";
else
errmsg << " The value is 0 or 1 (boolean) but the valid values are '" << validstr << "'.";
if (invalidValue)
reportError(getErrorPath(tok, invalidValue, "Invalid argument"),
invalidValue->errorSeverity() ? Severity::error : Severity::warning,
"invalidFunctionArg",
errmsg.str(),
CWE628,
invalidValue->isInconclusive());
else
reportError(tok,
Severity::error,
"invalidFunctionArg",
errmsg.str(),
CWE628,
false);
}
void CheckNullPointer::redundantConditionWarning(const Token* tok, const ValueFlow::Value *value, const Token *condition, bool inconclusive)
{
std::string arithmetic = arithmeticTypeString(tok);
std::string errmsg;
if (tok && tok->str()[0] == '-') {
errmsg = ValueFlow::eitherTheConditionIsRedundant(condition) + " or there is overflow in pointer " + arithmetic + ".";
} else {
errmsg = ValueFlow::eitherTheConditionIsRedundant(condition) + " or there is pointer arithmetic with NULL pointer.";
}
const ErrorPath errorPath = getErrorPath(tok, value, "Null pointer " + arithmetic);
reportError(errorPath,
Severity::warning,
"nullPointerArithmeticRedundantCheck",
errmsg,
CWE682,
inconclusive);
}
void CheckNullPointer::pointerArithmeticError(const Token* tok, const ValueFlow::Value *value, bool inconclusive)
{
std::string arithmetic = arithmeticTypeString(tok);
std::string errmsg;
if (tok && tok->str()[0] == '-') {
errmsg = "Overflow in pointer arithmetic, NULL pointer is subtracted.";
} else {
errmsg = "Pointer " + arithmetic + " with NULL pointer.";
}
const ErrorPath errorPath = getErrorPath(tok, value, "Null pointer " + arithmetic);
reportError(errorPath,
Severity::error,
"nullPointerArithmetic",
errmsg,
CWE682,
inconclusive);
}
void CheckNullPointer::nullPointerError(const Token *tok, const std::string &varname, const ValueFlow::Value *value, bool inconclusive)
{
const std::string errmsgcond("$symbol:" + varname + '\n' + ValueFlow::eitherTheConditionIsRedundant(value ? value->condition : nullptr) + " or there is possible null pointer dereference: $symbol.");
const std::string errmsgdefarg("$symbol:" + varname + "\nPossible null pointer dereference if the default parameter value is used: $symbol");
if (!tok) {
reportError(tok, Severity::error, "nullPointer", "Null pointer dereference", CWE476, false);
reportError(tok, Severity::warning, "nullPointerDefaultArg", errmsgdefarg, CWE476, false);
reportError(tok, Severity::warning, "nullPointerRedundantCheck", errmsgcond, CWE476, false);
return;
}
if (!value) {
reportError(tok, Severity::error, "nullPointer", "Null pointer dereference", CWE476, inconclusive);
return;
}
if (!mSettings->isEnabled(value, inconclusive))
return;
const ErrorPath errorPath = getErrorPath(tok, value, "Null pointer dereference");
if (value->condition) {
reportError(errorPath, Severity::warning, "nullPointerRedundantCheck", errmsgcond, CWE476, inconclusive || value->isInconclusive());
} else if (value->defaultArg) {
reportError(errorPath, Severity::warning, "nullPointerDefaultArg", errmsgdefarg, CWE476, inconclusive || value->isInconclusive());
} else {
std::string errmsg;
errmsg = std::string(value->isKnown() ? "Null" : "Possible null") + " pointer dereference";
if (!varname.empty())
errmsg = "$symbol:" + varname + '\n' + errmsg + ": $symbol";
reportError(errorPath,
value->isKnown() ? Severity::error : Severity::warning,
"nullPointer",
errmsg,
CWE476, inconclusive || value->isInconclusive());
}
}
