clang-tools 20.0.0git
CERTTidyModule.cpp
Go to the documentation of this file.
1//===--- CERTTidyModule.cpp - clang-tidy ----------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "../ClangTidy.h"
10#include "../ClangTidyModule.h"
11#include "../ClangTidyModuleRegistry.h"
12#include "../bugprone/BadSignalToKillThreadCheck.h"
13#include "../bugprone/PointerArithmeticOnPolymorphicObjectCheck.h"
14#include "../bugprone/ReservedIdentifierCheck.h"
15#include "../bugprone/SignalHandlerCheck.h"
16#include "../bugprone/SignedCharMisuseCheck.h"
17#include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h"
18#include "../bugprone/SuspiciousMemoryComparisonCheck.h"
19#include "../bugprone/UnhandledSelfAssignmentCheck.h"
20#include "../bugprone/UnsafeFunctionsCheck.h"
21#include "../bugprone/UnusedReturnValueCheck.h"
22#include "../concurrency/ThreadCanceltypeAsynchronousCheck.h"
23#include "../google/UnnamedNamespaceInHeaderCheck.h"
24#include "../misc/NewDeleteOverloadsCheck.h"
25#include "../misc/NonCopyableObjects.h"
26#include "../misc/StaticAssertCheck.h"
27#include "../misc/ThrowByValueCatchByReferenceCheck.h"
28#include "../performance/MoveConstructorInitCheck.h"
29#include "../readability/EnumInitialValueCheck.h"
30#include "../readability/UppercaseLiteralSuffixCheck.h"
31#include "CommandProcessorCheck.h"
32#include "DefaultOperatorNewAlignmentCheck.h"
33#include "DontModifyStdNamespaceCheck.h"
34#include "FloatLoopCounter.h"
35#include "LimitedRandomnessCheck.h"
36#include "MutatingCopyCheck.h"
37#include "NonTrivialTypesLibcMemoryCallsCheck.h"
38#include "ProperlySeededRandomGeneratorCheck.h"
39#include "SetLongJmpCheck.h"
40#include "StaticObjectExceptionCheck.h"
41#include "StrToNumCheck.h"
42#include "ThrownExceptionTypeCheck.h"
43#include "VariadicFunctionDefCheck.h"
44
45namespace {
46
47// Checked functions for cert-err33-c.
48// The following functions are deliberately excluded because they can be called
49// with NULL argument and in this case the check is not applicable:
50// `mblen, mbrlen, mbrtowc, mbtowc, wctomb, wctomb_s`.
51// FIXME: The check can be improved to handle such cases.
52const llvm::StringRef CertErr33CCheckedFunctions = "^::aligned_alloc;"
53 "^::asctime_s;"
54 "^::at_quick_exit;"
55 "^::atexit;"
56 "^::bsearch;"
57 "^::bsearch_s;"
58 "^::btowc;"
59 "^::c16rtomb;"
60 "^::c32rtomb;"
61 "^::calloc;"
62 "^::clock;"
63 "^::cnd_broadcast;"
64 "^::cnd_init;"
65 "^::cnd_signal;"
66 "^::cnd_timedwait;"
67 "^::cnd_wait;"
68 "^::ctime_s;"
69 "^::fclose;"
70 "^::fflush;"
71 "^::fgetc;"
72 "^::fgetpos;"
73 "^::fgets;"
74 "^::fgetwc;"
75 "^::fopen;"
76 "^::fopen_s;"
77 "^::fprintf;"
78 "^::fprintf_s;"
79 "^::fputc;"
80 "^::fputs;"
81 "^::fputwc;"
82 "^::fputws;"
83 "^::fread;"
84 "^::freopen;"
85 "^::freopen_s;"
86 "^::fscanf;"
87 "^::fscanf_s;"
88 "^::fseek;"
89 "^::fsetpos;"
90 "^::ftell;"
91 "^::fwprintf;"
92 "^::fwprintf_s;"
93 "^::fwrite;"
94 "^::fwscanf;"
95 "^::fwscanf_s;"
96 "^::getc;"
97 "^::getchar;"
98 "^::getenv;"
99 "^::getenv_s;"
100 "^::gets_s;"
101 "^::getwc;"
102 "^::getwchar;"
103 "^::gmtime;"
104 "^::gmtime_s;"
105 "^::localtime;"
106 "^::localtime_s;"
107 "^::malloc;"
108 "^::mbrtoc16;"
109 "^::mbrtoc32;"
110 "^::mbsrtowcs;"
111 "^::mbsrtowcs_s;"
112 "^::mbstowcs;"
113 "^::mbstowcs_s;"
114 "^::memchr;"
115 "^::mktime;"
116 "^::mtx_init;"
117 "^::mtx_lock;"
118 "^::mtx_timedlock;"
119 "^::mtx_trylock;"
120 "^::mtx_unlock;"
121 "^::printf_s;"
122 "^::putc;"
123 "^::putwc;"
124 "^::raise;"
125 "^::realloc;"
126 "^::remove;"
127 "^::rename;"
128 "^::scanf;"
129 "^::scanf_s;"
130 "^::setlocale;"
131 "^::setvbuf;"
132 "^::signal;"
133 "^::snprintf;"
134 "^::snprintf_s;"
135 "^::sprintf;"
136 "^::sprintf_s;"
137 "^::sscanf;"
138 "^::sscanf_s;"
139 "^::strchr;"
140 "^::strerror_s;"
141 "^::strftime;"
142 "^::strpbrk;"
143 "^::strrchr;"
144 "^::strstr;"
145 "^::strtod;"
146 "^::strtof;"
147 "^::strtoimax;"
148 "^::strtok;"
149 "^::strtok_s;"
150 "^::strtol;"
151 "^::strtold;"
152 "^::strtoll;"
153 "^::strtoul;"
154 "^::strtoull;"
155 "^::strtoumax;"
156 "^::strxfrm;"
157 "^::swprintf;"
158 "^::swprintf_s;"
159 "^::swscanf;"
160 "^::swscanf_s;"
161 "^::thrd_create;"
162 "^::thrd_detach;"
163 "^::thrd_join;"
164 "^::thrd_sleep;"
165 "^::time;"
166 "^::timespec_get;"
167 "^::tmpfile;"
168 "^::tmpfile_s;"
169 "^::tmpnam;"
170 "^::tmpnam_s;"
171 "^::tss_create;"
172 "^::tss_get;"
173 "^::tss_set;"
174 "^::ungetc;"
175 "^::ungetwc;"
176 "^::vfprintf;"
177 "^::vfprintf_s;"
178 "^::vfscanf;"
179 "^::vfscanf_s;"
180 "^::vfwprintf;"
181 "^::vfwprintf_s;"
182 "^::vfwscanf;"
183 "^::vfwscanf_s;"
184 "^::vprintf_s;"
185 "^::vscanf;"
186 "^::vscanf_s;"
187 "^::vsnprintf;"
188 "^::vsnprintf_s;"
189 "^::vsprintf;"
190 "^::vsprintf_s;"
191 "^::vsscanf;"
192 "^::vsscanf_s;"
193 "^::vswprintf;"
194 "^::vswprintf_s;"
195 "^::vswscanf;"
196 "^::vswscanf_s;"
197 "^::vwprintf_s;"
198 "^::vwscanf;"
199 "^::vwscanf_s;"
200 "^::wcrtomb;"
201 "^::wcschr;"
202 "^::wcsftime;"
203 "^::wcspbrk;"
204 "^::wcsrchr;"
205 "^::wcsrtombs;"
206 "^::wcsrtombs_s;"
207 "^::wcsstr;"
208 "^::wcstod;"
209 "^::wcstof;"
210 "^::wcstoimax;"
211 "^::wcstok;"
212 "^::wcstok_s;"
213 "^::wcstol;"
214 "^::wcstold;"
215 "^::wcstoll;"
216 "^::wcstombs;"
217 "^::wcstombs_s;"
218 "^::wcstoul;"
219 "^::wcstoull;"
220 "^::wcstoumax;"
221 "^::wcsxfrm;"
222 "^::wctob;"
223 "^::wctrans;"
224 "^::wctype;"
225 "^::wmemchr;"
226 "^::wprintf_s;"
227 "^::wscanf;"
228 "^::wscanf_s;";
229
230} // namespace
231
232namespace clang::tidy {
233namespace cert {
234
235class CERTModule : public ClangTidyModule {
236public:
237 void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
238 // C++ checkers
239 // CON
240 CheckFactories.registerCheck<bugprone::SpuriouslyWakeUpFunctionsCheck>(
241 "cert-con54-cpp");
242 // CTR
243 CheckFactories
244 .registerCheck<bugprone::PointerArithmeticOnPolymorphicObjectCheck>(
245 "cert-ctr56-cpp");
246 // DCL
247 CheckFactories.registerCheck<VariadicFunctionDefCheck>("cert-dcl50-cpp");
248 CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>(
249 "cert-dcl51-cpp");
250 CheckFactories.registerCheck<misc::NewDeleteOverloadsCheck>(
251 "cert-dcl54-cpp");
252 CheckFactories.registerCheck<DontModifyStdNamespaceCheck>(
253 "cert-dcl58-cpp");
254 CheckFactories.registerCheck<google::build::UnnamedNamespaceInHeaderCheck>(
255 "cert-dcl59-cpp");
256 // ERR
257 CheckFactories.registerCheck<misc::ThrowByValueCatchByReferenceCheck>(
258 "cert-err09-cpp");
259 CheckFactories.registerCheck<SetLongJmpCheck>("cert-err52-cpp");
260 CheckFactories.registerCheck<StaticObjectExceptionCheck>("cert-err58-cpp");
261 CheckFactories.registerCheck<ThrownExceptionTypeCheck>("cert-err60-cpp");
262 CheckFactories.registerCheck<misc::ThrowByValueCatchByReferenceCheck>(
263 "cert-err61-cpp");
264 // MEM
265 CheckFactories.registerCheck<DefaultOperatorNewAlignmentCheck>(
266 "cert-mem57-cpp");
267 // MSC
268 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc50-cpp");
269 CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
270 "cert-msc51-cpp");
271 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>(
272 "cert-msc54-cpp");
273 // OOP
274 CheckFactories.registerCheck<performance::MoveConstructorInitCheck>(
275 "cert-oop11-cpp");
276 CheckFactories.registerCheck<bugprone::UnhandledSelfAssignmentCheck>(
277 "cert-oop54-cpp");
278 CheckFactories.registerCheck<NonTrivialTypesLibcMemoryCallsCheck>(
279 "cert-oop57-cpp");
280 CheckFactories.registerCheck<MutatingCopyCheck>(
281 "cert-oop58-cpp");
282
283 // C checkers
284 // CON
285 CheckFactories.registerCheck<bugprone::SpuriouslyWakeUpFunctionsCheck>(
286 "cert-con36-c");
287 // DCL
288 CheckFactories.registerCheck<misc::StaticAssertCheck>("cert-dcl03-c");
289 CheckFactories.registerCheck<readability::UppercaseLiteralSuffixCheck>(
290 "cert-dcl16-c");
291 CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>(
292 "cert-dcl37-c");
293 // ENV
294 CheckFactories.registerCheck<CommandProcessorCheck>("cert-env33-c");
295 // ERR
296 CheckFactories.registerCheck<bugprone::UnusedReturnValueCheck>(
297 "cert-err33-c");
298 CheckFactories.registerCheck<StrToNumCheck>("cert-err34-c");
299 // EXP
300 CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
301 "cert-exp42-c");
302 // FLP
303 CheckFactories.registerCheck<FloatLoopCounter>("cert-flp30-c");
304 CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
305 "cert-flp37-c");
306 // FIO
307 CheckFactories.registerCheck<misc::NonCopyableObjectsCheck>("cert-fio38-c");
308 // INT
309 CheckFactories.registerCheck<readability::EnumInitialValueCheck>(
310 "cert-int09-c");
311 // MSC
312 CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
313 "cert-msc24-c");
314 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c");
315 CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
316 "cert-msc32-c");
317 CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
318 "cert-msc33-c");
319 // POS
320 CheckFactories.registerCheck<bugprone::BadSignalToKillThreadCheck>(
321 "cert-pos44-c");
322 CheckFactories
323 .registerCheck<concurrency::ThreadCanceltypeAsynchronousCheck>(
324 "cert-pos47-c");
325 // SIG
326 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>("cert-sig30-c");
327 // STR
328 CheckFactories.registerCheck<bugprone::SignedCharMisuseCheck>(
329 "cert-str34-c");
330 }
331
332 ClangTidyOptions getModuleOptions() override {
333 ClangTidyOptions Options;
334 ClangTidyOptions::OptionMap &Opts = Options.CheckOptions;
335 Opts["cert-dcl16-c.NewSuffixes"] = "L;LL;LU;LLU";
336 Opts["cert-err33-c.CheckedFunctions"] = CertErr33CCheckedFunctions;
337 Opts["cert-err33-c.AllowCastToVoid"] = "true";
338 Opts["cert-oop54-cpp.WarnOnlyIfThisHasSuspiciousField"] = "false";
339 Opts["cert-str34-c.DiagnoseSignedUnsignedCharComparisons"] = "false";
340 return Options;
341 }
342};
343
344} // namespace cert
345
346// Register the MiscTidyModule using this statically initialized variable.
347static ClangTidyModuleRegistry::Add<cert::CERTModule>
348 X("cert-module",
349 "Adds lint checks corresponding to CERT secure coding guidelines.");
350
351// This anchor is used to force the linker to link in the generated object file
352// and thus register the CERTModule.
353volatile int CERTModuleAnchorSource = 0;
354
355} // namespace clang::tidy
X
int X
Definition: LSPBinderTests.cpp:26
clang::tidy::ClangTidyCheckFactories
A collection of ClangTidyCheckFactory instances.
Definition: ClangTidyModule.h:27
clang::tidy::ClangTidyCheckFactories::registerCheck
void registerCheck(llvm::StringRef CheckName)
Registers the CheckType with the name Name.
Definition: ClangTidyModule.h:58
clang::tidy::ClangTidyModule
A clang-tidy module groups a number of ClangTidyChecks and gives them a prefixed name.
Definition: ClangTidyModule.h:84
clang::tidy::bugprone::BadSignalToKillThreadCheck
Finds pthread_kill function calls when thread is terminated by SIGTERM signal.
Definition: BadSignalToKillThreadCheck.h:21
clang::tidy::bugprone::PointerArithmeticOnPolymorphicObjectCheck
Finds pointer arithmetic performed on classes that contain a virtual function.
Definition: PointerArithmeticOnPolymorphicObjectCheck.h:21
clang::tidy::bugprone::ReservedIdentifierCheck
Checks for usages of identifiers reserved for use by the implementation.
Definition: ReservedIdentifierCheck.h:31
clang::tidy::bugprone::SignalHandlerCheck
Checker for signal handler functions.
Definition: SignalHandlerCheck.h:23
clang::tidy::bugprone::SignedCharMisuseCheck
Finds those signed char -> integer conversions which might indicate a programming error.
Definition: SignedCharMisuseCheck.h:24
clang::tidy::bugprone::SpuriouslyWakeUpFunctionsCheck
Finds cnd_wait, cnd_timedwait, wait, wait_for, or wait_until function calls when the function is not ...
Definition: SpuriouslyWakeUpFunctionsCheck.h:23
clang::tidy::bugprone::SuspiciousMemoryComparisonCheck
Finds potentially incorrect calls to memcmp() based on properties of the arguments.
Definition: SuspiciousMemoryComparisonCheck.h:21
clang::tidy::bugprone::UnhandledSelfAssignmentCheck
Finds user-defined copy assignment operators which do not protect the code against self-assignment ei...
Definition: UnhandledSelfAssignmentCheck.h:22
clang::tidy::bugprone::UnsafeFunctionsCheck
Checks for functions that have safer, more secure replacements available, or are considered deprecate...
Definition: UnsafeFunctionsCheck.h:23
clang::tidy::bugprone::UnusedReturnValueCheck
Detects function calls where the return value is unused.
Definition: UnusedReturnValueCheck.h:21
clang::tidy::cert::CERTModule::addCheckFactories
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override
Implement this function in order to register all CheckFactories belonging to this module.
Definition: CERTTidyModule.cpp:237
clang::tidy::cert::CERTModule::getModuleOptions
ClangTidyOptions getModuleOptions() override
Gets default options for checks defined in this module.
Definition: CERTTidyModule.cpp:332
clang::tidy::cert::CommandProcessorCheck
Execution of a command processor can lead to security vulnerabilities, and is generally not required.
Definition: CommandProcessorCheck.h:23
clang::tidy::cert::DefaultOperatorNewAlignmentCheck
Checks if an object of type with extended alignment is allocated by using the default operator new.
Definition: DefaultOperatorNewAlignmentCheck.h:21
clang::tidy::cert::DontModifyStdNamespaceCheck
Modification of the std or posix namespace can result in undefined behavior.
Definition: DontModifyStdNamespaceCheck.h:21
clang::tidy::cert::FloatLoopCounter
This check diagnoses when the loop induction expression of a for loop has floating-point type.
Definition: FloatLoopCounter.h:22
clang::tidy::cert::LimitedRandomnessCheck
Pseudorandom number generators are not genuinely random.
Definition: LimitedRandomnessCheck.h:23
clang::tidy::cert::MutatingCopyCheck
Finds assignments to the copied object and its direct or indirect members in copy constructors and co...
Definition: MutatingCopyCheck.h:21
clang::tidy::cert::NonTrivialTypesLibcMemoryCallsCheck
Flags use of the C standard library functions 'memset', 'memcpy' and 'memcmp' and similar derivatives...
Definition: NonTrivialTypesLibcMemoryCallsCheck.h:21
clang::tidy::cert::SetLongJmpCheck
Guards against use of setjmp/longjmp in C++ code.
Definition: SetLongJmpCheck.h:20
clang::tidy::cert::StaticObjectExceptionCheck
Checks whether the constructor for a static or thread_local object will throw.
Definition: StaticObjectExceptionCheck.h:21
clang::tidy::cert::StrToNumCheck
Guards against use of string conversion functions that do not have reasonable error handling for conv...
Definition: StrToNumCheck.h:21
clang::tidy::cert::ThrownExceptionTypeCheck
Checks whether a thrown object is nothrow copy constructible.
Definition: ThrownExceptionTypeCheck.h:20
clang::tidy::cert::VariadicFunctionDefCheck
Guards against any C-style variadic function definitions (not declarations).
Definition: VariadicFunctionDefCheck.h:20
clang::tidy::concurrency::ThreadCanceltypeAsynchronousCheck
Finds pthread_setcanceltype function calls where a thread's cancellation type is set to asynchronous.
Definition: ThreadCanceltypeAsynchronousCheck.h:20
clang::tidy::misc::NonCopyableObjectsCheck
The check flags dereferences and non-pointer declarations of objects that are not meant to be passed ...
Definition: NonCopyableObjects.h:18
clang::tidy::misc::StaticAssertCheck
Replaces assert() with static_assert() if the condition is evaluatable at compile time.
Definition: StaticAssertCheck.h:23
clang::tidy::performance::MoveConstructorInitCheck
The check flags user-defined move constructors that have a ctor-initializer initializing a member or ...
Definition: MoveConstructorInitCheck.h:21
clang::tidy::readability::EnumInitialValueCheck
Enforces consistent style for enumerators' initialization, covering three styles: none,...
Definition: EnumInitialValueCheck.h:21
clang::tidy::readability::UppercaseLiteralSuffixCheck
Detects when the integral literal or floating point literal has non-uppercase suffix,...
Definition: UppercaseLiteralSuffixCheck.h:23
clang::tidy::CERTModuleAnchorSource
volatile int CERTModuleAnchorSource
Definition: CERTTidyModule.cpp:353
clang::tidy::ClangTidyOptions
Contains options for clang-tidy.
Definition: ClangTidyOptions.h:49
clang::tidy::ClangTidyOptions::CheckOptions
OptionMap CheckOptions
Key-value mapping used to store check-specific options.
Definition: ClangTidyOptions.h:129
clang::tidy::ClangTidyOptions::OptionMap
llvm::StringMap< ClangTidyValue > OptionMap
Definition: ClangTidyOptions.h:126
Generated on Thu Jul 25 2024 03:35:50 for clang-tools by doxygen 1.9.6