|
1 # ################################################################# |
|
2 # Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 # All rights reserved. |
|
4 # |
|
5 # Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: |
|
6 # |
|
7 # * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. |
|
8 # * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. |
|
9 # * Neither the name of Nokia Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. |
|
10 # |
|
11 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, |
|
12 # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS |
|
13 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
14 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
15 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.# |
|
16 # |
|
17 # accessArrayElementWithoutCheck.py |
|
18 # |
|
19 # Checks : Array element accessed by At() function without checking |
|
20 # index is within array range. |
|
21 # |
|
22 # Reason : Whenever an element in an array is accessed, the index |
|
23 # should be checked to ensure that it is less than array.Count(). |
|
24 # CodeScanner checks for explicit calls to a Count() function; so |
|
25 # if the array index is checked in a different way, it gives |
|
26 # false positives. Accessing an invalid index can cause a panic. |
|
27 # |
|
28 # ################################################################# |
|
29 |
|
30 script = CScript("accessArrayElementWithoutCheck") |
|
31 script.iReString = r""" |
|
32 (->|\.) # pointer/instance of array |
|
33 \s* # optional whitespace |
|
34 At |
|
35 \s* # optional whitespace |
|
36 \( # opening bracket |
|
37 """ |
|
38 script.iFileExts = ["cpp"] |
|
39 script.iCategory = KCategoryCodeReviewGuides |
|
40 script.iIgnore = KIgnoreCommentsAndQuotes |
|
41 script.iSeverity = KSeverityLow |
|
42 |
|
43 accessArrayCountFn = re.compile(""" |
|
44 (\.|->) |
|
45 \s* |
|
46 Count |
|
47 \s* |
|
48 \( |
|
49 \s* |
|
50 \) |
|
51 """, re.VERBOSE) |
|
52 |
|
53 accessArrayDeclaration = re.compile(""" |
|
54 \w+ # array type |
|
55 [0-9<>*& ]* # optional array element |
|
56 \w+ # array name |
|
57 \s* |
|
58 \[ |
|
59 .* # array size |
|
60 \] |
|
61 \s* |
|
62 ; |
|
63 """, re.VERBOSE) |
|
64 |
|
65 def isTimerObject(lines, currentline, varname): |
|
66 if (varname.lower().find("array") <> -1) or (varname.lower().find("list") <> -1): |
|
67 return False |
|
68 if (varname.lower().find("heartbeat") <> -1): |
|
69 return True |
|
70 if (varname.lower().find("periodic") <> -1): |
|
71 return True |
|
72 if (varname.lower().find("timer") <> -1): |
|
73 return True |
|
74 |
|
75 vartype = GetLocalVariableType(lines, currentline, varname) |
|
76 if (len(vartype) > 0): |
|
77 if (vartype.lower().find("array") <> -1) or (vartype.lower().find("list") <> -1): |
|
78 return False |
|
79 if (vartype.lower().find("heartbeat") <> -1): |
|
80 return True |
|
81 if (vartype.lower().find("periodic") <> -1): |
|
82 return True |
|
83 if (vartype.lower().find("timer") <> -1): |
|
84 return True |
|
85 |
|
86 return False |
|
87 |
|
88 def arrayAccessCompare(lines, currentline, rematch, filename): |
|
89 line = lines[currentline] |
|
90 m = rematch.search(line) |
|
91 |
|
92 if m: |
|
93 if (line.count("At") == 1): |
|
94 openBracketPos = line.find("At") |
|
95 else: |
|
96 openBracketPos = line.find("At(") |
|
97 cutLine = line[openBracketPos+1:] |
|
98 closeBracketPos = cutLine.find(")") + len(line) - len(cutLine) |
|
99 if (closeBracketPos > openBracketPos) and (openBracketPos >= 0): |
|
100 variable = line[openBracketPos+3:closeBracketPos] |
|
101 variable = TrimVariableName(variable) |
|
102 |
|
103 if (len(variable) == 0): |
|
104 return 0 |
|
105 |
|
106 # if a constant index assume it's going to be ok! |
|
107 if (variable[0] == "E") or (variable[0] == "K"): |
|
108 return 0 |
|
109 |
|
110 variableIsNumeric = 1 |
|
111 varPos = 0 |
|
112 while (varPos < len(variable)): |
|
113 if (variable[varPos] < '0') or (variable[varPos] > '9'): |
|
114 variableIsNumeric = 0 |
|
115 break |
|
116 varPos = varPos + 1 |
|
117 |
|
118 linePos = openBracketPos - 1 |
|
119 while (linePos > 0) and (isNonAlpha(line[linePos])): |
|
120 linePos = linePos - 1 |
|
121 arrayNameEnd = linePos + 1 |
|
122 while (linePos >= 0) and (isNonAlpha(line[linePos]) == 0): |
|
123 linePos = linePos - 1 |
|
124 arrayNameStart = linePos + 1 |
|
125 |
|
126 arrayName = "" |
|
127 if (arrayNameStart >= 0): |
|
128 arrayName = line[arrayNameStart:arrayNameEnd] |
|
129 arrayName = TrimVariableName(arrayName) |
|
130 |
|
131 if (len(arrayName) > 0): |
|
132 # if a constant array assume it's going to be ok! |
|
133 if (arrayName[0] == "E") or (arrayName[0] == "K"): |
|
134 return 0 |
|
135 |
|
136 # ignore any heartbeat/periodic/timer object that is not an array or list |
|
137 if isTimerObject(lines, currentline, arrayName): |
|
138 return 0 |
|
139 |
|
140 if (variableIsNumeric): |
|
141 if (len(arrayName) > 2): |
|
142 if (arrayName[0] == "i") and (arrayName[1] >= 'A') and (arrayName[1] <= 'Z'): |
|
143 return 0 |
|
144 |
|
145 i = currentline |
|
146 |
|
147 while (i >= 0) and (i >= scanner.iCurrentMethodStart): |
|
148 line = lines[i] |
|
149 |
|
150 # check to see if index is compared to array size |
|
151 if (len(arrayName) > 0): |
|
152 arrayNamePos = line.find(arrayName) |
|
153 if (arrayNamePos >= 0): |
|
154 cutLine = line[arrayNamePos + len(arrayName):] |
|
155 if (accessArrayCountFn.search(cutLine)): |
|
156 return 0 |
|
157 |
|
158 if (variableIsNumeric == 1): |
|
159 if (accessArrayDeclaration.search(line)): |
|
160 openBracketPos = line.find("[") |
|
161 cutLine = line[openBracketPos:] |
|
162 closeBracketPos = cutLine.find("]") + len(line) - len(cutLine) |
|
163 if (closeBracketPos > openBracketPos) and (openBracketPos >= 0): |
|
164 declVariable = line[openBracketPos:closeBracketPos] |
|
165 declVariable = TrimVariableName(declVariable) |
|
166 if (len(declVariable) > 0): |
|
167 # if a constant index assume it's going to be ok! |
|
168 if (declVariable[0] == "E") or (declVariable[0] == "K"): |
|
169 return 0 |
|
170 |
|
171 declVariableIsNumeric = 1 |
|
172 varPos = 0 |
|
173 while (varPos < len(declVariable)): |
|
174 if (declVariable[varPos] < '0') or (declVariable[varPos] > '9'): |
|
175 declVariableIsNumeric = 0 |
|
176 break |
|
177 varPos = varPos + 1 |
|
178 if (declVariableIsNumeric == 1): |
|
179 if (int(variable) < int(declVariable)): |
|
180 return 0 |
|
181 |
|
182 i = i - 1 |
|
183 return 1 |
|
184 |
|
185 return 0 |
|
186 |
|
187 script.iCompare = arrayAccessCompare |
|
188 scanner.AddScript(script) |