diff options
Diffstat (limited to 'clang-tools-extra/clang-tidy/cert')
16 files changed, 23 insertions, 766 deletions
diff --git a/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp b/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp index fa1eb4a..16d4be98 100644 --- a/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp +++ b/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp @@ -11,13 +11,19 @@ #include "../ClangTidyModuleRegistry.h" #include "../bugprone/BadSignalToKillThreadCheck.h" #include "../bugprone/CommandProcessorCheck.h" +#include "../bugprone/CopyConstructorMutatesArgumentCheck.h" +#include "../bugprone/DefaultOperatorNewOnOveralignedTypeCheck.h" +#include "../bugprone/ExceptionCopyConstructorThrowsCheck.h" +#include "../bugprone/FloatLoopCounterCheck.h" #include "../bugprone/PointerArithmeticOnPolymorphicObjectCheck.h" +#include "../bugprone/RandomGeneratorSeedCheck.h" #include "../bugprone/RawMemoryCallOnNonTrivialTypeCheck.h" #include "../bugprone/ReservedIdentifierCheck.h" #include "../bugprone/SignalHandlerCheck.h" #include "../bugprone/SignedCharMisuseCheck.h" #include "../bugprone/SizeofExpressionCheck.h" #include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h" +#include "../bugprone/StdNamespaceModificationCheck.h" #include "../bugprone/SuspiciousMemoryComparisonCheck.h" #include "../bugprone/ThrowingStaticInitializationCheck.h" #include "../bugprone/UncheckedStringToNumberConversionCheck.h" @@ -27,7 +33,8 @@ #include "../concurrency/ThreadCanceltypeAsynchronousCheck.h" #include "../google/UnnamedNamespaceInHeaderCheck.h" #include "../misc/NewDeleteOverloadsCheck.h" -#include "../misc/NonCopyableObjects.h" +#include "../misc/NonCopyableObjectsCheck.h" +#include "../misc/PredictableRandCheck.h" #include "../misc/StaticAssertCheck.h" #include "../misc/ThrowByValueCatchByReferenceCheck.h" #include "../modernize/AvoidSetjmpLongjmpCheck.h" @@ -35,13 +42,6 @@ #include "../performance/MoveConstructorInitCheck.h" #include "../readability/EnumInitialValueCheck.h" #include "../readability/UppercaseLiteralSuffixCheck.h" -#include "DefaultOperatorNewAlignmentCheck.h" -#include "DontModifyStdNamespaceCheck.h" -#include "FloatLoopCounter.h" -#include "LimitedRandomnessCheck.h" -#include "MutatingCopyCheck.h" -#include "ProperlySeededRandomGeneratorCheck.h" -#include "ThrownExceptionTypeCheck.h" namespace { @@ -251,7 +251,8 @@ public: "cert-dcl51-cpp"); CheckFactories.registerCheck<misc::NewDeleteOverloadsCheck>( "cert-dcl54-cpp"); - CheckFactories.registerCheck<DontModifyStdNamespaceCheck>("cert-dcl58-cpp"); + CheckFactories.registerCheck<bugprone::StdNamespaceModificationCheck>( + "cert-dcl58-cpp"); CheckFactories.registerCheck<google::build::UnnamedNamespaceInHeaderCheck>( "cert-dcl59-cpp"); // ERR @@ -261,15 +262,17 @@ public: "cert-err52-cpp"); CheckFactories.registerCheck<bugprone::ThrowingStaticInitializationCheck>( "cert-err58-cpp"); - CheckFactories.registerCheck<ThrownExceptionTypeCheck>("cert-err60-cpp"); + CheckFactories.registerCheck<bugprone::ExceptionCopyConstructorThrowsCheck>( + "cert-err60-cpp"); CheckFactories.registerCheck<misc::ThrowByValueCatchByReferenceCheck>( "cert-err61-cpp"); // MEM - CheckFactories.registerCheck<DefaultOperatorNewAlignmentCheck>( - "cert-mem57-cpp"); + CheckFactories + .registerCheck<bugprone::DefaultOperatorNewOnOveralignedTypeCheck>( + "cert-mem57-cpp"); // MSC - CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc50-cpp"); - CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>( + CheckFactories.registerCheck<misc::PredictableRandCheck>("cert-msc50-cpp"); + CheckFactories.registerCheck<bugprone::RandomGeneratorSeedCheck>( "cert-msc51-cpp"); CheckFactories.registerCheck<bugprone::SignalHandlerCheck>( "cert-msc54-cpp"); @@ -280,7 +283,8 @@ public: "cert-oop54-cpp"); CheckFactories.registerCheck<bugprone::RawMemoryCallOnNonTrivialTypeCheck>( "cert-oop57-cpp"); - CheckFactories.registerCheck<MutatingCopyCheck>("cert-oop58-cpp"); + CheckFactories.registerCheck<bugprone::CopyConstructorMutatesArgumentCheck>( + "cert-oop58-cpp"); // C checkers // ARR @@ -308,7 +312,8 @@ public: CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>( "cert-exp42-c"); // FLP - CheckFactories.registerCheck<FloatLoopCounter>("cert-flp30-c"); + CheckFactories.registerCheck<bugprone::FloatLoopCounterCheck>( + "cert-flp30-c"); CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>( "cert-flp37-c"); // FIO @@ -319,8 +324,8 @@ public: // MSC CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>( "cert-msc24-c"); - CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c"); - CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>( + CheckFactories.registerCheck<misc::PredictableRandCheck>("cert-msc30-c"); + CheckFactories.registerCheck<bugprone::RandomGeneratorSeedCheck>( "cert-msc32-c"); CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>( "cert-msc33-c"); diff --git a/clang-tools-extra/clang-tidy/cert/CMakeLists.txt b/clang-tools-extra/clang-tidy/cert/CMakeLists.txt index ce57faa..3137903 100644 --- a/clang-tools-extra/clang-tidy/cert/CMakeLists.txt +++ b/clang-tools-extra/clang-tidy/cert/CMakeLists.txt @@ -5,13 +5,6 @@ set(LLVM_LINK_COMPONENTS add_clang_library(clangTidyCERTModule STATIC CERTTidyModule.cpp - DefaultOperatorNewAlignmentCheck.cpp - DontModifyStdNamespaceCheck.cpp - FloatLoopCounter.cpp - LimitedRandomnessCheck.cpp - MutatingCopyCheck.cpp - ProperlySeededRandomGeneratorCheck.cpp - ThrownExceptionTypeCheck.cpp LINK_LIBS clangTidy diff --git a/clang-tools-extra/clang-tidy/cert/DefaultOperatorNewAlignmentCheck.cpp b/clang-tools-extra/clang-tidy/cert/DefaultOperatorNewAlignmentCheck.cpp deleted file mode 100644 index 45c170e..0000000 --- a/clang-tools-extra/clang-tidy/cert/DefaultOperatorNewAlignmentCheck.cpp +++ /dev/null @@ -1,64 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#include "DefaultOperatorNewAlignmentCheck.h" -#include "clang/AST/ASTContext.h" -#include "clang/ASTMatchers/ASTMatchFinder.h" -#include "clang/Basic/TargetInfo.h" - -using namespace clang::ast_matchers; - -namespace clang::tidy::cert { - -void DefaultOperatorNewAlignmentCheck::registerMatchers(MatchFinder *Finder) { - Finder->addMatcher( - cxxNewExpr(unless(hasAnyPlacementArg(anything()))).bind("new"), this); -} - -void DefaultOperatorNewAlignmentCheck::check( - const MatchFinder::MatchResult &Result) { - // Get the found 'new' expression. - const auto *NewExpr = Result.Nodes.getNodeAs<CXXNewExpr>("new"); - - QualType T = NewExpr->getAllocatedType(); - // Dependent types do not have fixed alignment. - if (T->isDependentType()) - return; - const TagDecl *D = T->getAsTagDecl(); - // Alignment can not be obtained for undefined type. - if (!D || !D->isCompleteDefinition()) - return; - - ASTContext &Context = D->getASTContext(); - - // Check if no alignment was specified for the type. - if (!Context.isAlignmentRequired(T)) - return; - - // The user-specified alignment (in bits). - unsigned SpecifiedAlignment = D->getMaxAlignment(); - // Double-check if no alignment was specified. - if (!SpecifiedAlignment) - return; - // The alignment used by default 'operator new' (in bits). - unsigned DefaultNewAlignment = Context.getTargetInfo().getNewAlign(); - - bool OverAligned = SpecifiedAlignment > DefaultNewAlignment; - bool HasDefaultOperatorNew = - !NewExpr->getOperatorNew() || NewExpr->getOperatorNew()->isImplicit(); - - unsigned CharWidth = Context.getTargetInfo().getCharWidth(); - if (HasDefaultOperatorNew && OverAligned) - diag(NewExpr->getBeginLoc(), - "allocation function returns a pointer with alignment %0 but the " - "over-aligned type being allocated requires alignment %1") - << (DefaultNewAlignment / CharWidth) - << (SpecifiedAlignment / CharWidth); -} - -} // namespace clang::tidy::cert diff --git a/clang-tools-extra/clang-tidy/cert/DefaultOperatorNewAlignmentCheck.h b/clang-tools-extra/clang-tidy/cert/DefaultOperatorNewAlignmentCheck.h deleted file mode 100644 index 8f9d0e4..0000000 --- a/clang-tools-extra/clang-tidy/cert/DefaultOperatorNewAlignmentCheck.h +++ /dev/null @@ -1,34 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_DEFAULTOPERATORNEWALIGNMENTCHECK_H -#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_DEFAULTOPERATORNEWALIGNMENTCHECK_H - -#include "../ClangTidyCheck.h" - -namespace clang::tidy::cert { - -/// Checks if an object of type with extended alignment is allocated by using -/// the default operator new. -/// -/// For the user-facing documentation see: -/// https://clang.llvm.org/extra/clang-tidy/checks/cert/mem57-cpp.html -class DefaultOperatorNewAlignmentCheck : public ClangTidyCheck { -public: - DefaultOperatorNewAlignmentCheck(StringRef Name, ClangTidyContext *Context) - : ClangTidyCheck(Name, Context) {} - bool isLanguageVersionSupported(const LangOptions &LangOpts) const override { - return !LangOpts.CPlusPlus17; - } - void registerMatchers(ast_matchers::MatchFinder *Finder) override; - void check(const ast_matchers::MatchFinder::MatchResult &Result) override; -}; - -} // namespace clang::tidy::cert - -#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_DEFAULTOPERATORNEWALIGNMENTCHECK_H diff --git a/clang-tools-extra/clang-tidy/cert/DontModifyStdNamespaceCheck.cpp b/clang-tools-extra/clang-tidy/cert/DontModifyStdNamespaceCheck.cpp deleted file mode 100644 index 79fbc66..0000000 --- a/clang-tools-extra/clang-tidy/cert/DontModifyStdNamespaceCheck.cpp +++ /dev/null @@ -1,129 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#include "DontModifyStdNamespaceCheck.h" -#include "clang/ASTMatchers/ASTMatchFinder.h" -#include "clang/ASTMatchers/ASTMatchersInternal.h" - -using namespace clang; -using namespace clang::ast_matchers; - -namespace { - -AST_POLYMORPHIC_MATCHER_P( - hasAnyTemplateArgumentIncludingPack, - AST_POLYMORPHIC_SUPPORTED_TYPES(ClassTemplateSpecializationDecl, - TemplateSpecializationType, FunctionDecl), - clang::ast_matchers::internal::Matcher<TemplateArgument>, InnerMatcher) { - ArrayRef<TemplateArgument> Args = - clang::ast_matchers::internal::getTemplateSpecializationArgs(Node); - for (const auto &Arg : Args) { - if (Arg.getKind() != TemplateArgument::Pack) - continue; - ArrayRef<TemplateArgument> PackArgs = Arg.getPackAsArray(); - if (matchesFirstInRange(InnerMatcher, PackArgs.begin(), PackArgs.end(), - Finder, Builder) != PackArgs.end()) - return true; - } - return matchesFirstInRange(InnerMatcher, Args.begin(), Args.end(), Finder, - Builder) != Args.end(); -} - -} // namespace - -namespace clang::tidy::cert { - -void DontModifyStdNamespaceCheck::registerMatchers(MatchFinder *Finder) { - auto HasStdParent = - hasDeclContext(namespaceDecl(hasAnyName("std", "posix"), - unless(hasParent(namespaceDecl()))) - .bind("nmspc")); - auto UserDefinedType = qualType( - hasUnqualifiedDesugaredType(tagType(unless(hasDeclaration(tagDecl( - hasAncestor(namespaceDecl(hasAnyName("std", "posix"), - unless(hasParent(namespaceDecl())))))))))); - auto HasNoProgramDefinedTemplateArgument = unless( - hasAnyTemplateArgumentIncludingPack(refersToType(UserDefinedType))); - auto InsideStdClassOrClassTemplateSpecialization = hasDeclContext( - anyOf(cxxRecordDecl(HasStdParent), - classTemplateSpecializationDecl( - HasStdParent, HasNoProgramDefinedTemplateArgument))); - - // Try to follow exactly CERT rule DCL58-CPP (this text is taken from C++ - // standard into the CERT rule): - // " - // 1 The behavior of a C++ program is undefined if it adds declarations or - // definitions to namespace std or to a namespace within namespace std unless - // otherwise specified. A program may add a template specialization for any - // standard library template to namespace std only if the declaration depends - // on a user-defined type and the specialization meets the standard library - // requirements for the original template and is not explicitly prohibited. 2 - // The behavior of a C++ program is undefined if it declares — an explicit - // specialization of any member function of a standard library class template, - // or — an explicit specialization of any member function template of a - // standard library class or class template, or — an explicit or partial - // specialization of any member class template of a standard library class or - // class template. - // " - // The "standard library requirements" and explicit prohibition are not - // checked. - - auto BadNonTemplateSpecializationDecl = - decl(unless(anyOf(functionDecl(isExplicitTemplateSpecialization()), - varDecl(isExplicitTemplateSpecialization()), - cxxRecordDecl(isExplicitTemplateSpecialization()))), - HasStdParent); - auto BadClassTemplateSpec = classTemplateSpecializationDecl( - HasNoProgramDefinedTemplateArgument, HasStdParent); - auto BadInnerClassTemplateSpec = classTemplateSpecializationDecl( - InsideStdClassOrClassTemplateSpecialization); - auto BadFunctionTemplateSpec = - functionDecl(unless(cxxMethodDecl()), isExplicitTemplateSpecialization(), - HasNoProgramDefinedTemplateArgument, HasStdParent); - auto BadMemberFunctionSpec = - cxxMethodDecl(isExplicitTemplateSpecialization(), - InsideStdClassOrClassTemplateSpecialization); - - Finder->addMatcher(decl(anyOf(BadNonTemplateSpecializationDecl, - BadClassTemplateSpec, BadInnerClassTemplateSpec, - BadFunctionTemplateSpec, BadMemberFunctionSpec), - unless(isExpansionInSystemHeader())) - .bind("decl"), - this); -} -} // namespace clang::tidy::cert - -static const NamespaceDecl *getTopLevelLexicalNamespaceDecl(const Decl *D) { - const NamespaceDecl *LastNS = nullptr; - while (D) { - if (const auto *NS = dyn_cast<NamespaceDecl>(D)) - LastNS = NS; - D = dyn_cast_or_null<Decl>(D->getLexicalDeclContext()); - } - return LastNS; -} - -void clang::tidy::cert::DontModifyStdNamespaceCheck::check( - const MatchFinder::MatchResult &Result) { - const auto *D = Result.Nodes.getNodeAs<Decl>("decl"); - const auto *NS = Result.Nodes.getNodeAs<NamespaceDecl>("nmspc"); - if (!D || !NS) - return; - - diag(D->getLocation(), - "modification of %0 namespace can result in undefined behavior") - << NS; - // 'NS' is not always the namespace declaration that lexically contains 'D', - // try to find such a namespace. - if (const NamespaceDecl *LexNS = getTopLevelLexicalNamespaceDecl(D)) { - assert(NS->getCanonicalDecl() == LexNS->getCanonicalDecl() && - "Mismatch in found namespace"); - diag(LexNS->getLocation(), "%0 namespace opened here", DiagnosticIDs::Note) - << LexNS; - } -} diff --git a/clang-tools-extra/clang-tidy/cert/DontModifyStdNamespaceCheck.h b/clang-tools-extra/clang-tidy/cert/DontModifyStdNamespaceCheck.h deleted file mode 100644 index cfcd8786..0000000 --- a/clang-tools-extra/clang-tidy/cert/DontModifyStdNamespaceCheck.h +++ /dev/null @@ -1,34 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_DONT_MODIFY_STD_NAMESPACE_H -#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_DONT_MODIFY_STD_NAMESPACE_H - -#include "../ClangTidyCheck.h" - -namespace clang::tidy::cert { - -/// Modification of the std or posix namespace can result in undefined behavior. -/// This check warns for such modifications. -/// -/// For the user-facing documentation see: -/// https://clang.llvm.org/extra/clang-tidy/checks/cert/dcl58-cpp.html -class DontModifyStdNamespaceCheck : public ClangTidyCheck { -public: - DontModifyStdNamespaceCheck(StringRef Name, ClangTidyContext *Context) - : ClangTidyCheck(Name, Context) {} - bool isLanguageVersionSupported(const LangOptions &LangOpts) const override { - return LangOpts.CPlusPlus; - } - void registerMatchers(ast_matchers::MatchFinder *Finder) override; - void check(const ast_matchers::MatchFinder::MatchResult &Result) override; -}; - -} // namespace clang::tidy::cert - -#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_DONT_MODIFY_STD_NAMESPACE_H diff --git a/clang-tools-extra/clang-tidy/cert/FloatLoopCounter.cpp b/clang-tools-extra/clang-tidy/cert/FloatLoopCounter.cpp deleted file mode 100644 index 01299e0..0000000 --- a/clang-tools-extra/clang-tidy/cert/FloatLoopCounter.cpp +++ /dev/null @@ -1,46 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#include "FloatLoopCounter.h" -#include "clang/AST/ASTContext.h" -#include "clang/ASTMatchers/ASTMatchFinder.h" -#include "clang/ASTMatchers/ASTMatchers.h" - -using namespace clang::ast_matchers; - -namespace clang::tidy::cert { - -void FloatLoopCounter::registerMatchers(MatchFinder *Finder) { - Finder->addMatcher( - forStmt(hasIncrement(forEachDescendant( - declRefExpr(hasType(realFloatingPointType()), - to(varDecl().bind("var"))) - .bind("inc"))), - hasCondition(forEachDescendant( - declRefExpr(hasType(realFloatingPointType()), - to(varDecl(equalsBoundNode("var")))) - .bind("cond")))) - .bind("for"), - this); -} - -void FloatLoopCounter::check(const MatchFinder::MatchResult &Result) { - const auto *FS = Result.Nodes.getNodeAs<ForStmt>("for"); - - diag(FS->getInc()->getBeginLoc(), "loop induction expression should not have " - "floating-point type") - << Result.Nodes.getNodeAs<DeclRefExpr>("inc")->getSourceRange() - << Result.Nodes.getNodeAs<DeclRefExpr>("cond")->getSourceRange(); - - if (!FS->getInc()->getType()->isRealFloatingType()) - if (const auto *V = Result.Nodes.getNodeAs<VarDecl>("var")) - diag(V->getBeginLoc(), "floating-point type loop induction variable", - DiagnosticIDs::Note); -} - -} // namespace clang::tidy::cert diff --git a/clang-tools-extra/clang-tidy/cert/FloatLoopCounter.h b/clang-tools-extra/clang-tidy/cert/FloatLoopCounter.h deleted file mode 100644 index d00c036..0000000 --- a/clang-tools-extra/clang-tidy/cert/FloatLoopCounter.h +++ /dev/null @@ -1,32 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_FLOAT_LOOP_COUNTER_H -#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_FLOAT_LOOP_COUNTER_H - -#include "../ClangTidyCheck.h" - -namespace clang::tidy::cert { - -/// This check diagnoses when the loop induction expression of a for loop has -/// floating-point type. The check corresponds to: -/// https://www.securecoding.cert.org/confluence/display/c/FLP30-C.+Do+not+use+floating-point+variables+as+loop+counters -/// -/// For the user-facing documentation see: -/// https://clang.llvm.org/extra/clang-tidy/checks/cert/flp30-c.html -class FloatLoopCounter : public ClangTidyCheck { -public: - FloatLoopCounter(StringRef Name, ClangTidyContext *Context) - : ClangTidyCheck(Name, Context) {} - void registerMatchers(ast_matchers::MatchFinder *Finder) override; - void check(const ast_matchers::MatchFinder::MatchResult &Result) override; -}; - -} // namespace clang::tidy::cert - -#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_FLOAT_LOOP_COUNTER_H diff --git a/clang-tools-extra/clang-tidy/cert/LimitedRandomnessCheck.cpp b/clang-tools-extra/clang-tidy/cert/LimitedRandomnessCheck.cpp deleted file mode 100644 index 4fe9c6c..0000000 --- a/clang-tools-extra/clang-tidy/cert/LimitedRandomnessCheck.cpp +++ /dev/null @@ -1,33 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#include "LimitedRandomnessCheck.h" -#include "clang/AST/ASTContext.h" -#include "clang/ASTMatchers/ASTMatchFinder.h" - -using namespace clang::ast_matchers; - -namespace clang::tidy::cert { - -void LimitedRandomnessCheck::registerMatchers(MatchFinder *Finder) { - Finder->addMatcher(callExpr(callee(functionDecl(namedDecl(hasName("::rand")), - parameterCountIs(0)))) - .bind("randomGenerator"), - this); -} - -void LimitedRandomnessCheck::check(const MatchFinder::MatchResult &Result) { - std::string Msg; - if (getLangOpts().CPlusPlus) - Msg = "; use C++11 random library instead"; - - const auto *MatchedDecl = Result.Nodes.getNodeAs<CallExpr>("randomGenerator"); - diag(MatchedDecl->getBeginLoc(), "rand() has limited randomness" + Msg); -} - -} // namespace clang::tidy::cert diff --git a/clang-tools-extra/clang-tidy/cert/LimitedRandomnessCheck.h b/clang-tools-extra/clang-tidy/cert/LimitedRandomnessCheck.h deleted file mode 100644 index a9d6076..0000000 --- a/clang-tools-extra/clang-tidy/cert/LimitedRandomnessCheck.h +++ /dev/null @@ -1,33 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_LIMITED_RANDOMNESS_H -#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_LIMITED_RANDOMNESS_H - -#include "../ClangTidyCheck.h" - -namespace clang::tidy::cert { - -/// Pseudorandom number generators are not genuinely random. The result of the -/// std::rand() function makes no guarantees as to the quality of the random -/// sequence produced. -/// This check warns for the usage of std::rand() function. -/// -/// For the user-facing documentation see: -/// https://clang.llvm.org/extra/clang-tidy/checks/cert/msc50-cpp.html -class LimitedRandomnessCheck : public ClangTidyCheck { -public: - LimitedRandomnessCheck(StringRef Name, ClangTidyContext *Context) - : ClangTidyCheck(Name, Context) {} - void registerMatchers(ast_matchers::MatchFinder *Finder) override; - void check(const ast_matchers::MatchFinder::MatchResult &Result) override; -}; - -} // namespace clang::tidy::cert - -#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_LIMITED_RANDOMNESS_H diff --git a/clang-tools-extra/clang-tidy/cert/MutatingCopyCheck.cpp b/clang-tools-extra/clang-tidy/cert/MutatingCopyCheck.cpp deleted file mode 100644 index fb9d72c..0000000 --- a/clang-tools-extra/clang-tidy/cert/MutatingCopyCheck.cpp +++ /dev/null @@ -1,72 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#include "MutatingCopyCheck.h" -#include "clang/AST/ASTContext.h" -#include "clang/ASTMatchers/ASTMatchFinder.h" - -using namespace clang::ast_matchers; - -namespace clang::tidy::cert { - -static constexpr llvm::StringLiteral SourceDeclName = "ChangedPVD"; -static constexpr llvm::StringLiteral MutatingOperatorName = "MutatingOp"; -static constexpr llvm::StringLiteral MutatingCallName = "MutatingCall"; - -void MutatingCopyCheck::registerMatchers(MatchFinder *Finder) { - const auto MemberExprOrSourceObject = anyOf( - memberExpr(), - declRefExpr(to(decl(equalsBoundNode(std::string(SourceDeclName)))))); - - const auto IsPartOfSource = - allOf(unless(hasDescendant(expr(unless(MemberExprOrSourceObject)))), - MemberExprOrSourceObject); - - const auto IsSourceMutatingAssignment = traverse( - TK_AsIs, binaryOperation(hasOperatorName("="), hasLHS(IsPartOfSource)) - .bind(MutatingOperatorName)); - - const auto MemberExprOrSelf = anyOf(memberExpr(), cxxThisExpr()); - - const auto IsPartOfSelf = allOf( - unless(hasDescendant(expr(unless(MemberExprOrSelf)))), MemberExprOrSelf); - - const auto IsSelfMutatingAssignment = - binaryOperation(isAssignmentOperator(), hasLHS(IsPartOfSelf)); - - const auto IsSelfMutatingMemberFunction = - functionDecl(hasBody(hasDescendant(IsSelfMutatingAssignment))); - - const auto IsSourceMutatingMemberCall = - cxxMemberCallExpr(on(IsPartOfSource), - callee(IsSelfMutatingMemberFunction)) - .bind(MutatingCallName); - - const auto MutatesSource = allOf( - hasParameter( - 0, parmVarDecl(hasType(lValueReferenceType())).bind(SourceDeclName)), - anyOf(forEachDescendant(IsSourceMutatingAssignment), - forEachDescendant(IsSourceMutatingMemberCall))); - - Finder->addMatcher(cxxConstructorDecl(isCopyConstructor(), MutatesSource), - this); - - Finder->addMatcher(cxxMethodDecl(isCopyAssignmentOperator(), MutatesSource), - this); -} - -void MutatingCopyCheck::check(const MatchFinder::MatchResult &Result) { - if (const auto *MemberCall = - Result.Nodes.getNodeAs<CXXMemberCallExpr>(MutatingCallName)) - diag(MemberCall->getBeginLoc(), "call mutates copied object"); - else if (const auto *Assignment = - Result.Nodes.getNodeAs<Expr>(MutatingOperatorName)) - diag(Assignment->getBeginLoc(), "mutating copied object"); -} - -} // namespace clang::tidy::cert diff --git a/clang-tools-extra/clang-tidy/cert/MutatingCopyCheck.h b/clang-tools-extra/clang-tidy/cert/MutatingCopyCheck.h deleted file mode 100644 index c211fa0..0000000 --- a/clang-tools-extra/clang-tidy/cert/MutatingCopyCheck.h +++ /dev/null @@ -1,34 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_MUTATINGCOPYCHECK_H -#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_MUTATINGCOPYCHECK_H - -#include "../ClangTidyCheck.h" - -namespace clang::tidy::cert { - -/// Finds assignments to the copied object and its direct or indirect members -/// in copy constructors and copy assignment operators. -/// -/// For the user-facing documentation see: -/// https://clang.llvm.org/extra/clang-tidy/checks/cert/oop58-cpp.html -class MutatingCopyCheck : public ClangTidyCheck { -public: - MutatingCopyCheck(StringRef Name, ClangTidyContext *Context) - : ClangTidyCheck(Name, Context) {} - bool isLanguageVersionSupported(const LangOptions &LangOpts) const override { - return LangOpts.CPlusPlus; - } - void registerMatchers(ast_matchers::MatchFinder *Finder) override; - void check(const ast_matchers::MatchFinder::MatchResult &Result) override; -}; - -} // namespace clang::tidy::cert - -#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_MUTATINGCOPYCHECK_H diff --git a/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.cpp b/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.cpp deleted file mode 100644 index b8bca72..0000000 --- a/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.cpp +++ /dev/null @@ -1,121 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#include "ProperlySeededRandomGeneratorCheck.h" -#include "clang/AST/ASTContext.h" -#include "clang/ASTMatchers/ASTMatchFinder.h" -#include "llvm/ADT/STLExtras.h" - -using namespace clang::ast_matchers; - -namespace clang::tidy::cert { - -ProperlySeededRandomGeneratorCheck::ProperlySeededRandomGeneratorCheck( - StringRef Name, ClangTidyContext *Context) - : ClangTidyCheck(Name, Context), - RawDisallowedSeedTypes( - Options.get("DisallowedSeedTypes", "time_t,std::time_t")) { - RawDisallowedSeedTypes.split(DisallowedSeedTypes, ','); -} - -void ProperlySeededRandomGeneratorCheck::storeOptions( - ClangTidyOptions::OptionMap &Opts) { - Options.store(Opts, "DisallowedSeedTypes", RawDisallowedSeedTypes); -} - -void ProperlySeededRandomGeneratorCheck::registerMatchers(MatchFinder *Finder) { - auto RandomGeneratorEngineDecl = cxxRecordDecl(hasAnyName( - "::std::linear_congruential_engine", "::std::mersenne_twister_engine", - "::std::subtract_with_carry_engine", "::std::discard_block_engine", - "::std::independent_bits_engine", "::std::shuffle_order_engine")); - auto RandomGeneratorEngineTypeMatcher = hasType(hasUnqualifiedDesugaredType( - recordType(hasDeclaration(RandomGeneratorEngineDecl)))); - - // std::mt19937 engine; - // engine.seed(); - // ^ - // engine.seed(1); - // ^ - // const int x = 1; - // engine.seed(x); - // ^ - Finder->addMatcher( - cxxMemberCallExpr( - has(memberExpr(has(declRefExpr(RandomGeneratorEngineTypeMatcher)), - member(hasName("seed")), - unless(hasDescendant(cxxThisExpr()))))) - .bind("seed"), - this); - - // std::mt19937 engine; - // ^ - // std::mt19937 engine(1); - // ^ - // const int x = 1; - // std::mt19937 engine(x); - // ^ - Finder->addMatcher( - traverse(TK_AsIs, - cxxConstructExpr(RandomGeneratorEngineTypeMatcher).bind("ctor")), - this); - - // srand(); - // ^ - // const int x = 1; - // srand(x); - // ^ - Finder->addMatcher( - callExpr(callee(functionDecl(hasAnyName("::srand", "::std::srand")))) - .bind("srand"), - this); -} - -void ProperlySeededRandomGeneratorCheck::check( - const MatchFinder::MatchResult &Result) { - const auto *Ctor = Result.Nodes.getNodeAs<CXXConstructExpr>("ctor"); - if (Ctor) - checkSeed(Result, Ctor); - - const auto *Func = Result.Nodes.getNodeAs<CXXMemberCallExpr>("seed"); - if (Func) - checkSeed(Result, Func); - - const auto *Srand = Result.Nodes.getNodeAs<CallExpr>("srand"); - if (Srand) - checkSeed(Result, Srand); -} - -template <class T> -void ProperlySeededRandomGeneratorCheck::checkSeed( - const MatchFinder::MatchResult &Result, const T *Func) { - if (Func->getNumArgs() == 0 || Func->getArg(0)->isDefaultArgument()) { - diag(Func->getExprLoc(), - "random number generator seeded with a default argument will generate " - "a predictable sequence of values"); - return; - } - - Expr::EvalResult EVResult; - if (Func->getArg(0)->EvaluateAsInt(EVResult, *Result.Context)) { - diag(Func->getExprLoc(), - "random number generator seeded with a constant value will generate a " - "predictable sequence of values"); - return; - } - - const std::string SeedType( - Func->getArg(0)->IgnoreCasts()->getType().getAsString()); - if (llvm::is_contained(DisallowedSeedTypes, SeedType)) { - diag(Func->getExprLoc(), - "random number generator seeded with a disallowed source of seed " - "value will generate a predictable sequence of values"); - return; - } -} - -} // namespace clang::tidy::cert diff --git a/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.h b/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.h deleted file mode 100644 index 7da01cc..0000000 --- a/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.h +++ /dev/null @@ -1,42 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_PROPERLY_SEEDED_RANDOM_GENERATOR_H -#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_PROPERLY_SEEDED_RANDOM_GENERATOR_H - -#include "../ClangTidyCheck.h" -#include <string> - -namespace clang::tidy::cert { - -/// Random number generator must be seeded properly. -/// -/// A random number generator initialized with default value or a -/// constant expression is a security vulnerability. -/// -/// For the user-facing documentation see: -/// https://clang.llvm.org/extra/clang-tidy/checks/cert/msc51-cpp.html -class ProperlySeededRandomGeneratorCheck : public ClangTidyCheck { -public: - ProperlySeededRandomGeneratorCheck(StringRef Name, ClangTidyContext *Context); - void storeOptions(ClangTidyOptions::OptionMap &Opts) override; - void registerMatchers(ast_matchers::MatchFinder *Finder) override; - void check(const ast_matchers::MatchFinder::MatchResult &Result) override; - -private: - template <class T> - void checkSeed(const ast_matchers::MatchFinder::MatchResult &Result, - const T *Func); - - StringRef RawDisallowedSeedTypes; - SmallVector<StringRef, 5> DisallowedSeedTypes; -}; - -} // namespace clang::tidy::cert - -#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_PROPERLY_SEEDED_RANDOM_GENERATOR_H diff --git a/clang-tools-extra/clang-tidy/cert/ThrownExceptionTypeCheck.cpp b/clang-tools-extra/clang-tidy/cert/ThrownExceptionTypeCheck.cpp deleted file mode 100644 index 2225a90..0000000 --- a/clang-tools-extra/clang-tidy/cert/ThrownExceptionTypeCheck.cpp +++ /dev/null @@ -1,34 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#include "ThrownExceptionTypeCheck.h" -#include "clang/AST/ASTContext.h" -#include "clang/ASTMatchers/ASTMatchFinder.h" - -using namespace clang::ast_matchers; - -namespace clang::tidy::cert { - -void ThrownExceptionTypeCheck::registerMatchers(MatchFinder *Finder) { - Finder->addMatcher( - traverse( - TK_AsIs, - cxxThrowExpr(has(ignoringParenImpCasts( - cxxConstructExpr(hasDeclaration(cxxConstructorDecl( - isCopyConstructor(), unless(isNoThrow())))) - .bind("expr"))))), - this); -} - -void ThrownExceptionTypeCheck::check(const MatchFinder::MatchResult &Result) { - const auto *E = Result.Nodes.getNodeAs<Expr>("expr"); - diag(E->getExprLoc(), - "thrown exception type is not nothrow copy constructible"); -} - -} // namespace clang::tidy::cert diff --git a/clang-tools-extra/clang-tidy/cert/ThrownExceptionTypeCheck.h b/clang-tools-extra/clang-tidy/cert/ThrownExceptionTypeCheck.h deleted file mode 100644 index 41a51452..0000000 --- a/clang-tools-extra/clang-tidy/cert/ThrownExceptionTypeCheck.h +++ /dev/null @@ -1,33 +0,0 @@ -//===----------------------------------------------------------------------===// -// -// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. -// See https://llvm.org/LICENSE.txt for license information. -// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -// -//===----------------------------------------------------------------------===// - -#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_THROWNEXCEPTIONTYPECHECK_H -#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_THROWNEXCEPTIONTYPECHECK_H - -#include "../ClangTidyCheck.h" - -namespace clang::tidy::cert { - -/// Checks whether a thrown object is nothrow copy constructible. -/// -/// For the user-facing documentation see: -/// https://clang.llvm.org/extra/clang-tidy/checks/cert/err60-cpp.html -class ThrownExceptionTypeCheck : public ClangTidyCheck { -public: - ThrownExceptionTypeCheck(StringRef Name, ClangTidyContext *Context) - : ClangTidyCheck(Name, Context) {} - bool isLanguageVersionSupported(const LangOptions &LangOpts) const override { - return LangOpts.CPlusPlus; - } - void registerMatchers(ast_matchers::MatchFinder *Finder) override; - void check(const ast_matchers::MatchFinder::MatchResult &Result) override; -}; - -} // namespace clang::tidy::cert - -#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_THROWNEXCEPTIONTYPECHECK_H |