make it more simpler, remove generic for xml, update tests

Author: Nettozx

lib/errorlogger.cpp

@@ -225,39 +225,32 @@ static std::string makeGeneric(const std::string &message)
 {
     std::string result = message;
 
-    // Handle format string patterns first (these are complex and specific)
-    result = std::regex_replace(
-        result,
-        std::regex(
-            R"(%[a-zA-Z0-9]+ in format string \(no\. \d+\) requires '[^']*' but the argument type is '[^']*'\.)"),
-        "Format specifier in format string requires different argument type than provided.");
-    result = std::regex_replace(
-        result,
-        std::regex(R"(%[a-zA-Z0-9]+ in format string \(no\. N\) requires '[^']*' but the argument type is '[^']*'\.)"),
-        "Format specifier in format string requires different argument type than provided.");
+    // Handle format string patterns first (before general single-quoted replacement)
+    result = std::regex_replace(result, std::regex(R"(%[a-zA-Z0-9]+)"), "format specifier");
 
-    // Handle specific pointer casting patterns
-    // Handle multi-word types like "unsigned char", "const float", etc.
+    // Handle specific casting patterns
     result = std::regex_replace(
         result,
         std::regex(
-            R"(Casting between (?:(?:const|unsigned|signed)\s+)*[a-zA-Z_][a-zA-Z0-9_]*\s*\*\s*and (?:(?:const|unsigned|signed)\s+)*[a-zA-Z_][a-zA-Z0-9_]*\s*\*\s*which have)"),
+            R"(Casting between (?:(?:const\s+|unsigned\s+|signed\s+)*[a-zA-Z_][a-zA-Z0-9_]*\s*\*+\s*and\s*(?:const\s+|unsigned\s+|signed\s+)*[a-zA-Z_][a-zA-Z0-9_]*\s*\*+) which have)"),
         "Casting between incompatible pointer types which have");
 
-    // Handle iterator condition patterns - be specific about the pattern
+    // Handle specific pointer type patterns (after casting patterns)
     result = std::regex_replace(
-        result,
-        std::regex(
-            R"(Either the condition '[^']*' is redundant or there is possible dereference of an invalid iterator: [^\.]*\.)"),
-        "Either the condition is redundant or there is possible dereference of an invalid iterator.");
+        result, std::regex(R"(\b(?:const\s+|unsigned\s+|signed\s+)*[a-zA-Z_][a-zA-Z0-9_]*\s*\*+)"), "pointer type");
+
+    // Handle specific patterns that need special treatment
+    // Iterator condition patterns
     result = std::regex_replace(
         result,
         std::regex(
-            R"(Either the condition '[^']*' is redundant or there is possible dereference of an invalid iterator\.)"),
+            R"(Either the condition '[^']*' is redundant or there is possible dereference of an invalid iterator[^.]*\.)"),
         "Either the condition is redundant or there is possible dereference of an invalid iterator.");
 
-    // Handle patterns that can result in empty quotes first
-    // Replace "Variable 'name'" -> "Variable" (avoiding empty quotes)
+    // Access moved variable patterns
+    result = std::regex_replace(result, std::regex(R"(Access of moved variable '[^']*')"), "Access of moved variable");
+
+    // Variable/function/parameter patterns (before general replacement)
     result = std::regex_replace(result, std::regex(R"(Variable '[^']*')"), "Variable");
     result = std::regex_replace(result, std::regex(R"(variable '[^']*')"), "variable");
     result = std::regex_replace(result, std::regex(R"(Function '[^']*')"), "Function");
@@ -267,54 +260,25 @@ static std::string makeGeneric(const std::string &message)
     result = std::regex_replace(result, std::regex(R"(Member variable '[^']*')"), "Member variable");
     result = std::regex_replace(result, std::regex(R"(member variable '[^']*')"), "member variable");
 
-    // Handle patterns like "Memory pointed to by 'var'" -> "Memory pointed to by variable"
-    result = std::regex_replace(result, std::regex(R"(Memory pointed to by '[^']*')"), "Memory pointed to by variable");
-    result = std::regex_replace(result, std::regex(R"(Dereferencing '[^']*')"), "Dereferencing variable");
-    result = std::regex_replace(
-        result, std::regex(R"(assignment of '[^']*' to itself)"), "assignment of variable to itself");
-    result = std::regex_replace(result,
-                                std::regex(R"(Redundant assignment of '[^']*' to itself)"),
-                                "Redundant assignment of variable to itself");
-
-    // Handle function return patterns
-    result = std::regex_replace(
-        result, std::regex(R"(Function '[^']*' should return member '[^']*' by)"), "Function should return member by");
-    result = std::regex_replace(
-        result, std::regex(R"(Function should return member '[^']*' by)"), "Function should return member by");
-
-    // Handle class::member patterns
-    result = std::regex_replace(result, std::regex(R"('[^:]*::[^']*')"), "'ClassName::member'");
+    // Replace double-quoted strings with generic placeholder
+    result = std::regex_replace(result, std::regex(R"("(?:[^"\\]|\\.)*")"), "\"string\"");
 
-    // Handle array patterns - be more specific to avoid overly generic results
-    result = std::regex_replace(result, std::regex(R"(Array '[^']*\[.*?\]')"), "Array 'array[index]'");
-    result = std::regex_replace(result, std::regex(R"('[a-zA-Z_][a-zA-Z0-9_]*\[.*?\]')"), "'array[index]'");
+    // Replace all remaining single-quoted identifiers with generic placeholder
+    result = std::regex_replace(result, std::regex(R"('[^']*')"), "'identifier'");
 
-    // Replace specific numbers with generic terms
+    // Replace all numbers with generic placeholder
     result = std::regex_replace(result, std::regex(R"(\b\d+\b)"), "N");
 
     // Replace array access patterns
     result = std::regex_replace(result, std::regex(R"(\[[^\]]+\])"), "[index]");
 
-    // Replace remaining single-quoted identifiers, but be careful about empty results
-    result = std::regex_replace(result, std::regex(R"('[a-zA-Z_][a-zA-Z0-9_]*')"), "'identifier'");
-
-    // Clean up redundant patterns
+    // Clean up patterns that may have resulted in redundant text
     result = std::regex_replace(result, std::regex(R"(Variable 'identifier')"), "Variable");
     result = std::regex_replace(result, std::regex(R"(Function 'identifier')"), "Function");
     result = std::regex_replace(result, std::regex(R"(Parameter 'identifier')"), "Parameter");
     result = std::regex_replace(result, std::regex(R"(Member variable 'identifier')"), "Member variable");
 
-    // Clean up empty quotes that may have been created by replacements
-    result = std::regex_replace(result, std::regex(R"(\s*''\s*)"), " ");
-    result = std::regex_replace(result, std::regex(R"(^''\s*)"), "");
-    result = std::regex_replace(result, std::regex(R"(\s*''$)"), "");
-    result = std::regex_replace(result, std::regex(R"(\s+'')"), "");
-    result = std::regex_replace(result, std::regex(R"(''\s+)"), "");
-    result = std::regex_replace(result, std::regex(R"('')"), "");
-
     // Clean up trailing colons that don't reference anything
-    // Examples: "Null pointer dereference:" -> "Null pointer dereference"
-    //           "Memory leak:" -> "Memory leak"
     result = std::regex_replace(result, std::regex(R"(:\s*$)"), "");
 
     // Clean up multiple spaces
@@ -616,8 +580,9 @@ std::string ErrorMessage::toXML() const
         printer.PushAttribute("classification", classification.c_str());
     printer.PushAttribute("msg", fixInvalidChars(mShortMessage).c_str());
     printer.PushAttribute("verbose", fixInvalidChars(mVerboseMessage).c_str());
-    if (!mGenericMessage.empty())
-        printer.PushAttribute("generic", fixInvalidChars(mGenericMessage).c_str());
+    // TODO: Generic message was added for SARIF output format, consider whether to include in XML
+    // if (!mGenericMessage.empty())
+    //     printer.PushAttribute("generic", fixInvalidChars(mGenericMessage).c_str());
     if (cwe.id)
         printer.PushAttribute("cwe", cwe.id);
     if (hash)

test/testerrorlogger.cpp

@@ -508,6 +508,7 @@ class TestErrorLogger : public TestFixture {
                       "17 Programming error"
                       "17 Programming error"
                       "0 "
+                      "17 Programming error"
                       "0 ", msg_str);
 
         ErrorMessage msg2;
@@ -550,9 +551,11 @@ class TestErrorLogger : public TestFixture {
                                "1 0"
                                "0 "
                                "8 test.cpp"
+                               "1 0"
                                "17 Programming error"
                                "17 Programming error"
                                "0 "
+                               "17 Programming error"
                                "0 ";
             ErrorMessage msg;
             ASSERT_THROW_INTERNAL_EQUALS(msg.deserialize(str), INTERNAL, "Internal Error: Deserialization of error message failed - invalid CWE ID - not an integer");
@@ -563,12 +566,13 @@ class TestErrorLogger : public TestFixture {
                                "5 error"
                                "1 0"
                                "7 invalid" // hash
-                               "1 0"
                                "0 "
                                "8 test.cpp"
+                               "1 0"
                                "17 Programming error"
                                "17 Programming error"
                                "0 "
+                               "17 Programming error"
                                "0 ";
             ErrorMessage msg;
             ASSERT_THROW_INTERNAL_EQUALS(msg.deserialize(str), INTERNAL, "Internal Error: Deserialization of error message failed - invalid hash - not an integer");
@@ -606,6 +610,7 @@ class TestErrorLogger : public TestFixture {
                       "33 Illegal character in \"foo\\001bar\""
                       "33 Illegal character in \"foo\\001bar\""
                       "0 "
+                      "29 Illegal character in \"string\""
                       "0 ", msg_str);
 
         ErrorMessage msg2;
@@ -634,6 +639,7 @@ class TestErrorLogger : public TestFixture {
                       "17 Programming error"
                       "17 Programming error"
                       "0 "
+                      "17 Programming error"
                       "1 "
                       "27 654\t33\t[]:;,()\t:/,;\tabcd:/,", msg_str);
 

test/testsarif.cpp

@@ -249,7 +249,7 @@ int main() {
         TEST_CASE(sarifCweTags);
         TEST_CASE(sarifRuleCoverage);
         TEST_CASE(sarifSeverityLevels);
-        TEST_CASE(sarifNonSecurityRules);
+        TEST_CASE(sarifSecurityRules);
         TEST_CASE(sarifInvalidScanfArgTypeGeneric);
         TEST_CASE(sarifPassedByValueGeneric);
         TEST_CASE(sarifUninitMemberVarGeneric);
@@ -895,7 +895,7 @@ int main() {
         }
     }
 
-    void sarifNonSecurityRules()
+    void sarifSecurityRules()
     {
         const std::string sarif = runCppcheckSarif(testCode);