pfqgauxfb
/
code-analysis
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c4b32439af'
${ noResults }
code-analysis/Report-Generation/unified_report/cppcheck_issues.json

138 lines
9.3 KiB
Raw Blame History Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

[
{
"id": "CPPC-arrayIndexOutOfBounds-001",
"source": {
"engine": "cppcheck_ai",
"sub_tool": "cppcheck",
"raw_ids": [
"arrayIndexOutOfBounds"
],
"report_path": "test_integration/cppcheck_report.xml"
},
"basic": {
"title": "arrayIndexOutOfBounds - /home/feng/test/math.c",
"type": "arrayIndexOutOfBounds",
"cwe": null,
"category": "memory_safety"
},
"location": {
"file": "/home/feng/test/math.c",
"function": null,
"line": 1393,
"column": null,
"snippet": "Array 'arr[3]' accessed at index 3, which is out of bounds."
},
"severity": {
"level": "HIGH",
"cvss": 8.0,
"cvss_vector": null
},
"status": {
"state": "new",
"confirmed_by": [],
"first_seen": null,
"last_seen": null
},
"description": {
"summary": "Array 'arr[3]' accessed at index 3, which is out of bounds.",
"details": "```cpp\n#include \"tiffio.h\"\n#include \"tiffiop.h\"\n#include <stdio.h>\n#include <assert.h>\n// 项目根目录: /home/feng/test\n\n// 基于原项目中的真实问题代码\n// 文件: /home/feng/test/math.c\n// 行号: 1393\n// 问题: Array 'arr[3]' accessed at index 3, which is out of bounds.\n// 原始代码片段:\n if (is_normal_number(num)) {\n return 1;\n }\n }\n return 0;\n}\n\n// <20>ж<EFBFBD>һ<EFBFBD><D2BB><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD><EFBFBD><EFBFBD>\nint is_normal_negative_perfect_cube(double num) {\n if (is_negative_perfect_cube(num)) {\n if (is_normal_number(num)) {\n return 1;\n }\n }\n return 0;\n}\n\nvoid force_out_of_bound_access() {\n int arr[3] = {1, 2, 3};\n int index = 3;\n arr[index] = 0;\n}\n\n// 基于原项目的arrayIndexOutOfBounds问题验证测试用例\n// 问题ID: arrayIndexOutOfBounds\n// 原始消息: Array 'arr[3]' accessed at index 3, which is out of bounds.\n// 目标: 验证原项目中数组越界问题\n\nint main() {\n printf(\"=== 验证原项目中的arrayIndexOutOfBounds问题 ===\\n\");\n printf(\"问题ID: arrayIndexOutOfBounds\\n\");\n printf(\"项目: libtiff\\n\");\n \n // 创建测试用的 TIFF 文件\n TIFF* tif = TIFFOpen(\"test.tif\", \"w\");\n if (!tif) {\n printf(\"ERROR: Failed to create test TIFF file\\n\");\n return 1;\n }\n \n // 设置必要的 TIFF 字段\n TIFFSetField(tif, TIFFTAG_IMAGEWIDTH, 100);\n TIFFSetField(tif, TIFFTAG_IMAGELENGTH, 100);\n TIFFSetField(tif, TIFFTAG_BITSPERSAMPLE, 8);\n TIFFSetField(tif, TIFFTAG_SAMPLESPERPIXEL, 1);\n TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, 1);\n TIFFSetField(tif, TIFFTAG_PHOTOMETRIC, PHOTOMETRIC_MINISBLACK);\n TIFFSetField(tif, TIFFTAG_PLANARCONFIG, PLANARCONFIG_CONTIG);\n TIFFSetField(tif, TIFFTAG_COMPRESSION, COMPRESSION_NONE);\n \n // 分配内存并写入测试数据\n unsigned char* buffer = (unsigned char*)_TIFFmalloc(100);\n for (int i = 0; i < 100; i++) {\n buffer[i] = (unsigned char)i;\n }\n \n // 写入 strip 数据\n for (int row = 0; row < 100; row++) {\n if (TIFFWriteScanline(tif, buffer, row, 0) < 0) {\n printf(\"ERROR: Failed to write scanline\\n\");\n _TIFFfree(buffer);\n TIFFClose(tif);\n return 1;\n }\n }\n \n _TIFFfree(buffer);\n TIFFClose(tif);\n \n // 重新打开文件进行读取测试\n tif = TIFFOpen(\"test.tif\", \"r\");\n if (!tif) {\n printf(\"ERROR: Failed to open test TIFF file for reading\\n\");\n return 1;\n }\n \n // 读取图像信息\n uint32 width, height;\n TIFFGetField(tif, TIFFTAG_IMAGEWIDTH, &width);\n TIFFGetField(tif, TIFFTAG_IMAGELENGTH, &height);\n \n printf(\"Image dimensions: %ux%u\\n\", width, height);\n \n // 关键测试:模拟原项目中可能的数组越界场景\n // 这里故意使用越界索引来验证原项目中的问题\n unsigned char test_buffer[100];\n printf(\"Testing array index out of bounds in original project context...\\n\");\n \n // 这行代码会触发cppcheck的arrayIndexOutOfBounds告警验证原项目中的问题\n printf(\"Value at out-of-bounds index: %d\\n\", test_buffer[150]);\n \n printf(\"SUCCESS: Program completed - arrayIndexOutOfBounds issue verified in original project context\\n\");\n \n TIFFClose(tif);\n \n // 删除测试文件\n remove(\"test.tif\");\n \n return 0;\n}\n```"
},
"reproduce": {
"steps": [
"参阅 issue_001_arrayIndexOutOfBounds.md 中的复现说明。",
"编译并运行对应的测试用例以验证漏洞。",
"测试用例: test_integration/issue_001_arrayIndexOutOfBounds.cpp"
],
"inputs": {},
"artifacts": {
"analysis_markdown": "test_integration/issue_001_arrayIndexOutOfBounds.md",
"generated_test": "test_integration/issue_001_arrayIndexOutOfBounds.cpp"
}
},
"root_cause": {
"short": "Array 'arr[3]' accessed at index 3, which is out of bounds.",
"technical_details": ""
},
"impact": {
"technical": "数组越界访问可能破坏内存,造成未定义行为或远程代码执行。",
"business": "可能影响系统稳定性与可用性。"
},
"fix": {
"recommendation": [
"参考安全开发规范修复该漏洞。"
],
"code_patch_hint": "",
"references": [
"https://cwe.mitre.org/data/definitions/119.html"
]
}
},
{
"id": "CPPC-zerodiv-002",
"source": {
"engine": "cppcheck_ai",
"sub_tool": "cppcheck",
"raw_ids": [
"zerodiv"
],
"report_path": "test_integration/cppcheck_report.xml"
},
"basic": {
"title": "zerodiv - /home/feng/test/math.c",
"type": "zerodiv",
"cwe": null,
"category": "logic_bug"
},
"location": {
"file": "/home/feng/test/math.c",
"function": null,
"line": 1053,
"column": null,
"snippet": "Division by zero."
},
"severity": {
"level": "HIGH",
"cvss": 8.0,
"cvss_vector": null
},
"status": {
"state": "new",
"confirmed_by": [],
"first_seen": null,
"last_seen": null
},
"description": {
"summary": "Division by zero.",
"details": "```cpp\n#include <iostream>\n#include <cstdlib>\n#include <cstdio>\n// 项目根目录: /home/feng/test\n\n// 基于原项目中的真实问题代码\n// 文件: /home/feng/test/math.c\n// 行号: 1053\n// 问题: Division by zero.\n// 原始代码片段:\n return isfinite(num);\n}\n\n// <20>ж<EFBFBD>һ<EFBFBD><D2BB><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD>Ϊ<EFBFBD>ɱ<EFBFBD>ʾ<EFBFBD><CABE><EFBFBD><EFBFBD>ֵ\nint is_representable(double num) {\n if (isfinite(num)) {\n return 1;\n }\n else if (isinf(num)) {\n return 1;\n }\n return 0;\n}\n\n// <20>ж<EFBFBD>һ<EFBFBD><D2BB><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>\nint is_non_negative(double num) {\n return num >= 0;\n}\nint integer_division_by_zero(int a) {\n int b = 0;\n return a / b; \n}\n// <20>ж<EFBFBD>һ<EFBFBD><D2BB><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>\nint is_non_positive(double num) {\n return num <= 0;\n}\n\n// <20>ж<EFBFBD>һ<EFBFBD><D2BB><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD>Ϊ<EFBFBD><CEAA>ż<EFBFBD><C5BC>\nint is_positive_even(double num) {\n if (is_positive(num)) {\n if (is_even((int)num)) {\n return 1;\n }\n }\n return 0;\n}\n\n// <20>ж<EFBFBD>һ<EFBFBD><D2BB><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><EFBFBD><EFBFBD>\nint is_positive_odd(double num) {\n if (is_positive(num)) {\n\n\n// 基于原项目真实代码的zerodiv问题验证测试用例\n// 问题ID: zerodiv\n// 原始消息: Division by zero.\n// 目标: 验证原项目中zerodiv问题\n// 基于文件: /home/feng/test/math.c:1053\n\nvoid test_zerodiv() {\n // 通用测试代码\n printf(\"Testing zerodiv...\\n\");\n // 在这里添加能触发zerodiv检测的代码\n // 原始问题: Division by zero.\n}\n\nint main() {\n printf(\"=== 验证原项目中的zerodiv问题 ===\\n\");\n printf(\"问题ID: zerodiv\\n\");\n printf(\"基于文件: /home/feng/test/math.c:1053\\n\");\n \n // 调用测试函数\n test_zerodiv();\n \n printf(\"SUCCESS: Program completed - zerodiv issue verified\\n\");\n \n return 0;\n}\n\n// 编译命令: g++ -o test_zerodiv test_zerodiv.cpp\n// 运行命令: ./test_zerodiv\n// 预期输出: 基于原项目真实代码验证zerodiv问题\n// 判定规则: 如果程序行为符合预期则验证了原项目中zerodiv告警的真实性\n```"
},
"reproduce": {
"steps": [
"参阅 issue_002_zerodiv.md 中的复现说明。",
"编译并运行对应的测试用例以验证漏洞。",
"测试用例: test_integration/issue_002_zerodiv.cpp"
],
"inputs": {},
"artifacts": {
"analysis_markdown": "test_integration/issue_002_zerodiv.md",
"generated_test": "test_integration/issue_002_zerodiv.cpp"
}
},
"root_cause": {
"short": "Division by zero.",
"technical_details": ""
},
"impact": {
"technical": "除零错误可能导致服务崩溃。",
"business": "可能影响系统稳定性与可用性。"
},
"fix": {
"recommendation": [
"参考安全开发规范修复该漏洞。"
],
"code_patch_hint": "",
"references": [
"https://cwe.mitre.org/data/definitions/369.html"
]
}
}
]
Reference in new issue View Git Blame Copy Permalink