clang API Documentation

FixedAddressChecker.cpp
Go to the documentation of this file.
00001 //=== FixedAddressChecker.cpp - Fixed address usage checker ----*- C++ -*--===//
00002 //
00003 //                     The LLVM Compiler Infrastructure
00004 //
00005 // This file is distributed under the University of Illinois Open Source
00006 // License. See LICENSE.TXT for details.
00007 //
00008 //===----------------------------------------------------------------------===//
00009 //
00010 // This files defines FixedAddressChecker, a builtin checker that checks for
00011 // assignment of a fixed address to a pointer.
00012 // This check corresponds to CWE-587.
00013 //
00014 //===----------------------------------------------------------------------===//
00015 
00016 #include "ClangSACheckers.h"
00017 #include "clang/StaticAnalyzer/Core/Checker.h"
00018 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
00019 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
00020 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
00021 
00022 using namespace clang;
00023 using namespace ento;
00024 
00025 namespace {
00026 class FixedAddressChecker 
00027   : public Checker< check::PreStmt<BinaryOperator> > {
00028   mutable OwningPtr<BuiltinBug> BT;
00029 
00030 public:
00031   void checkPreStmt(const BinaryOperator *B, CheckerContext &C) const;
00032 };
00033 }
00034 
00035 void FixedAddressChecker::checkPreStmt(const BinaryOperator *B,
00036                                        CheckerContext &C) const {
00037   // Using a fixed address is not portable because that address will probably
00038   // not be valid in all environments or platforms.
00039 
00040   if (B->getOpcode() != BO_Assign)
00041     return;
00042 
00043   QualType T = B->getType();
00044   if (!T->isPointerType())
00045     return;
00046 
00047   ProgramStateRef state = C.getState();
00048   SVal RV = state->getSVal(B->getRHS(), C.getLocationContext());
00049 
00050   if (!RV.isConstant() || RV.isZeroConstant())
00051     return;
00052 
00053   if (ExplodedNode *N = C.addTransition()) {
00054     if (!BT)
00055       BT.reset(new BuiltinBug("Use fixed address", 
00056                           "Using a fixed address is not portable because that "
00057                           "address will probably not be valid in all "
00058                           "environments or platforms."));
00059     BugReport *R = new BugReport(*BT, BT->getDescription(), N);
00060     R->addRange(B->getRHS()->getSourceRange());
00061     C.EmitReport(R);
00062   }
00063 }
00064 
00065 void ento::registerFixedAddressChecker(CheckerManager &mgr) {
00066   mgr.registerChecker<FixedAddressChecker>();
00067 }

Generated on Sun May 20 2012 02:52:37 by Doxygen 1.7.5.1.

See the Main Clang Web Page for more information.