clang-tools 20.0.0git
CERTTidyModule.cpp
Go to the documentation of this file.
1//===--- CERTTidyModule.cpp - clang-tidy ----------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "../ClangTidy.h"
10#include "../ClangTidyModule.h"
11#include "../ClangTidyModuleRegistry.h"
12#include "../bugprone/BadSignalToKillThreadCheck.h"
13#include "../bugprone/PointerArithmeticOnPolymorphicObjectCheck.h"
14#include "../bugprone/ReservedIdentifierCheck.h"
15#include "../bugprone/SignalHandlerCheck.h"
16#include "../bugprone/SignedCharMisuseCheck.h"
17#include "../bugprone/SizeofExpressionCheck.h"
18#include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h"
19#include "../bugprone/SuspiciousMemoryComparisonCheck.h"
20#include "../bugprone/UnhandledSelfAssignmentCheck.h"
21#include "../bugprone/UnsafeFunctionsCheck.h"
22#include "../bugprone/UnusedReturnValueCheck.h"
23#include "../concurrency/ThreadCanceltypeAsynchronousCheck.h"
24#include "../google/UnnamedNamespaceInHeaderCheck.h"
25#include "../misc/NewDeleteOverloadsCheck.h"
26#include "../misc/NonCopyableObjects.h"
27#include "../misc/StaticAssertCheck.h"
28#include "../misc/ThrowByValueCatchByReferenceCheck.h"
29#include "../performance/MoveConstructorInitCheck.h"
30#include "../readability/EnumInitialValueCheck.h"
31#include "../readability/UppercaseLiteralSuffixCheck.h"
35#include "FloatLoopCounter.h"
37#include "MutatingCopyCheck.h"
40#include "SetLongJmpCheck.h"
42#include "StrToNumCheck.h"
45
46namespace {
47
48// Checked functions for cert-err33-c.
49// The following functions are deliberately excluded because they can be called
50// with NULL argument and in this case the check is not applicable:
51// `mblen, mbrlen, mbrtowc, mbtowc, wctomb, wctomb_s`.
52// FIXME: The check can be improved to handle such cases.
53const llvm::StringRef CertErr33CCheckedFunctions = "^::aligned_alloc;"
54 "^::asctime_s;"
55 "^::at_quick_exit;"
56 "^::atexit;"
57 "^::bsearch;"
58 "^::bsearch_s;"
59 "^::btowc;"
60 "^::c16rtomb;"
61 "^::c32rtomb;"
62 "^::calloc;"
63 "^::clock;"
64 "^::cnd_broadcast;"
65 "^::cnd_init;"
66 "^::cnd_signal;"
67 "^::cnd_timedwait;"
68 "^::cnd_wait;"
69 "^::ctime_s;"
70 "^::fclose;"
71 "^::fflush;"
72 "^::fgetc;"
73 "^::fgetpos;"
74 "^::fgets;"
75 "^::fgetwc;"
76 "^::fopen;"
77 "^::fopen_s;"
78 "^::fprintf;"
79 "^::fprintf_s;"
80 "^::fputc;"
81 "^::fputs;"
82 "^::fputwc;"
83 "^::fputws;"
84 "^::fread;"
85 "^::freopen;"
86 "^::freopen_s;"
87 "^::fscanf;"
88 "^::fscanf_s;"
89 "^::fseek;"
90 "^::fsetpos;"
91 "^::ftell;"
92 "^::fwprintf;"
93 "^::fwprintf_s;"
94 "^::fwrite;"
95 "^::fwscanf;"
96 "^::fwscanf_s;"
97 "^::getc;"
98 "^::getchar;"
99 "^::getenv;"
100 "^::getenv_s;"
101 "^::gets_s;"
102 "^::getwc;"
103 "^::getwchar;"
104 "^::gmtime;"
105 "^::gmtime_s;"
106 "^::localtime;"
107 "^::localtime_s;"
108 "^::malloc;"
109 "^::mbrtoc16;"
110 "^::mbrtoc32;"
111 "^::mbsrtowcs;"
112 "^::mbsrtowcs_s;"
113 "^::mbstowcs;"
114 "^::mbstowcs_s;"
115 "^::memchr;"
116 "^::mktime;"
117 "^::mtx_init;"
118 "^::mtx_lock;"
119 "^::mtx_timedlock;"
120 "^::mtx_trylock;"
121 "^::mtx_unlock;"
122 "^::printf_s;"
123 "^::putc;"
124 "^::putwc;"
125 "^::raise;"
126 "^::realloc;"
127 "^::remove;"
128 "^::rename;"
129 "^::scanf;"
130 "^::scanf_s;"
131 "^::setlocale;"
132 "^::setvbuf;"
133 "^::signal;"
134 "^::snprintf;"
135 "^::snprintf_s;"
136 "^::sprintf;"
137 "^::sprintf_s;"
138 "^::sscanf;"
139 "^::sscanf_s;"
140 "^::strchr;"
141 "^::strerror_s;"
142 "^::strftime;"
143 "^::strpbrk;"
144 "^::strrchr;"
145 "^::strstr;"
146 "^::strtod;"
147 "^::strtof;"
148 "^::strtoimax;"
149 "^::strtok;"
150 "^::strtok_s;"
151 "^::strtol;"
152 "^::strtold;"
153 "^::strtoll;"
154 "^::strtoul;"
155 "^::strtoull;"
156 "^::strtoumax;"
157 "^::strxfrm;"
158 "^::swprintf;"
159 "^::swprintf_s;"
160 "^::swscanf;"
161 "^::swscanf_s;"
162 "^::thrd_create;"
163 "^::thrd_detach;"
164 "^::thrd_join;"
165 "^::thrd_sleep;"
166 "^::time;"
167 "^::timespec_get;"
168 "^::tmpfile;"
169 "^::tmpfile_s;"
170 "^::tmpnam;"
171 "^::tmpnam_s;"
172 "^::tss_create;"
173 "^::tss_get;"
174 "^::tss_set;"
175 "^::ungetc;"
176 "^::ungetwc;"
177 "^::vfprintf;"
178 "^::vfprintf_s;"
179 "^::vfscanf;"
180 "^::vfscanf_s;"
181 "^::vfwprintf;"
182 "^::vfwprintf_s;"
183 "^::vfwscanf;"
184 "^::vfwscanf_s;"
185 "^::vprintf_s;"
186 "^::vscanf;"
187 "^::vscanf_s;"
188 "^::vsnprintf;"
189 "^::vsnprintf_s;"
190 "^::vsprintf;"
191 "^::vsprintf_s;"
192 "^::vsscanf;"
193 "^::vsscanf_s;"
194 "^::vswprintf;"
195 "^::vswprintf_s;"
196 "^::vswscanf;"
197 "^::vswscanf_s;"
198 "^::vwprintf_s;"
199 "^::vwscanf;"
200 "^::vwscanf_s;"
201 "^::wcrtomb;"
202 "^::wcschr;"
203 "^::wcsftime;"
204 "^::wcspbrk;"
205 "^::wcsrchr;"
206 "^::wcsrtombs;"
207 "^::wcsrtombs_s;"
208 "^::wcsstr;"
209 "^::wcstod;"
210 "^::wcstof;"
211 "^::wcstoimax;"
212 "^::wcstok;"
213 "^::wcstok_s;"
214 "^::wcstol;"
215 "^::wcstold;"
216 "^::wcstoll;"
217 "^::wcstombs;"
218 "^::wcstombs_s;"
219 "^::wcstoul;"
220 "^::wcstoull;"
221 "^::wcstoumax;"
222 "^::wcsxfrm;"
223 "^::wctob;"
224 "^::wctrans;"
225 "^::wctype;"
226 "^::wmemchr;"
227 "^::wprintf_s;"
228 "^::wscanf;"
229 "^::wscanf_s;";
230
231} // namespace
232
233namespace clang::tidy {
234namespace cert {
235
237public:
238 void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
239 // C++ checkers
240 // CON
242 "cert-con54-cpp");
243 // CTR
244 CheckFactories
246 "cert-ctr56-cpp");
247 // DCL
248 CheckFactories.registerCheck<VariadicFunctionDefCheck>("cert-dcl50-cpp");
250 "cert-dcl51-cpp");
252 "cert-dcl54-cpp");
254 "cert-dcl58-cpp");
256 "cert-dcl59-cpp");
257 // ERR
259 "cert-err09-cpp");
260 CheckFactories.registerCheck<SetLongJmpCheck>("cert-err52-cpp");
261 CheckFactories.registerCheck<StaticObjectExceptionCheck>("cert-err58-cpp");
262 CheckFactories.registerCheck<ThrownExceptionTypeCheck>("cert-err60-cpp");
264 "cert-err61-cpp");
265 // MEM
267 "cert-mem57-cpp");
268 // MSC
269 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc50-cpp");
271 "cert-msc51-cpp");
273 "cert-msc54-cpp");
274 // OOP
276 "cert-oop11-cpp");
278 "cert-oop54-cpp");
280 "cert-oop57-cpp");
281 CheckFactories.registerCheck<MutatingCopyCheck>(
282 "cert-oop58-cpp");
283
284 // C checkers
285 // ARR
287 "cert-arr39-c");
288 // CON
290 "cert-con36-c");
291 // DCL
292 CheckFactories.registerCheck<misc::StaticAssertCheck>("cert-dcl03-c");
294 "cert-dcl16-c");
296 "cert-dcl37-c");
297 // ENV
298 CheckFactories.registerCheck<CommandProcessorCheck>("cert-env33-c");
299 // ERR
301 "cert-err33-c");
302 CheckFactories.registerCheck<StrToNumCheck>("cert-err34-c");
303 // EXP
305 "cert-exp42-c");
306 // FLP
307 CheckFactories.registerCheck<FloatLoopCounter>("cert-flp30-c");
309 "cert-flp37-c");
310 // FIO
311 CheckFactories.registerCheck<misc::NonCopyableObjectsCheck>("cert-fio38-c");
312 // INT
314 "cert-int09-c");
315 // MSC
317 "cert-msc24-c");
318 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c");
320 "cert-msc32-c");
322 "cert-msc33-c");
323 // POS
325 "cert-pos44-c");
326 CheckFactories
328 "cert-pos47-c");
329 // SIG
330 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>("cert-sig30-c");
331 // STR
333 "cert-str34-c");
334 }
335
337 ClangTidyOptions Options;
339 Opts["cert-arr39-c.WarnOnSizeOfConstant"] = "false";
340 Opts["cert-arr39-c.WarnOnSizeOfIntegerExpression"] = "false";
341 Opts["cert-arr39-c.WarnOnSizeOfThis"] = "false";
342 Opts["cert-arr39-c.WarnOnSizeOfCompareToConstant"] = "false";
343 Opts["cert-arr39-c.WarnOnSizeOfPointer"] = "false";
344 Opts["cert-arr39-c.WarnOnSizeOfPointerToAggregate"] = "false";
345 Opts["cert-dcl16-c.NewSuffixes"] = "L;LL;LU;LLU";
346 Opts["cert-err33-c.CheckedFunctions"] = CertErr33CCheckedFunctions;
347 Opts["cert-err33-c.AllowCastToVoid"] = "true";
348 Opts["cert-oop54-cpp.WarnOnlyIfThisHasSuspiciousField"] = "false";
349 Opts["cert-str34-c.DiagnoseSignedUnsignedCharComparisons"] = "false";
350 return Options;
351 }
352};
353
354} // namespace cert
355
356// Register the MiscTidyModule using this statically initialized variable.
357static ClangTidyModuleRegistry::Add<cert::CERTModule>
358 X("cert-module",
359 "Adds lint checks corresponding to CERT secure coding guidelines.");
360
361// This anchor is used to force the linker to link in the generated object file
362// and thus register the CERTModule.
363volatile int CERTModuleAnchorSource = 0;
364
365} // namespace clang::tidy
int X
A collection of ClangTidyCheckFactory instances.
void registerCheck(llvm::StringRef CheckName)
Registers the CheckType with the name Name.
A clang-tidy module groups a number of ClangTidyChecks and gives them a prefixed name.
Finds pthread_kill function calls when thread is terminated by SIGTERM signal.
Finds pointer arithmetic performed on classes that contain a virtual function.
Checks for usages of identifiers reserved for use by the implementation.
Checker for signal handler functions.
Finds those signed char -> integer conversions which might indicate a programming error.
Find suspicious usages of sizeof expressions.
Finds cnd_wait, cnd_timedwait, wait, wait_for, or wait_until function calls when the function is not ...
Finds potentially incorrect calls to memcmp() based on properties of the arguments.
Finds user-defined copy assignment operators which do not protect the code against self-assignment ei...
Checks for functions that have safer, more secure replacements available, or are considered deprecate...
Detects function calls where the return value is unused.
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override
Implement this function in order to register all CheckFactories belonging to this module.
ClangTidyOptions getModuleOptions() override
Gets default options for checks defined in this module.
Execution of a command processor can lead to security vulnerabilities, and is generally not required.
Checks if an object of type with extended alignment is allocated by using the default operator new.
Modification of the std or posix namespace can result in undefined behavior.
This check diagnoses when the loop induction expression of a for loop has floating-point type.
Pseudorandom number generators are not genuinely random.
Finds assignments to the copied object and its direct or indirect members in copy constructors and co...
Flags use of the C standard library functions 'memset', 'memcpy' and 'memcmp' and similar derivatives...
Guards against use of setjmp/longjmp in C++ code.
Checks whether the constructor for a static or thread_local object will throw.
Guards against use of string conversion functions that do not have reasonable error handling for conv...
Definition: StrToNumCheck.h:21
Checks whether a thrown object is nothrow copy constructible.
Guards against any C-style variadic function definitions (not declarations).
Finds pthread_setcanceltype function calls where a thread's cancellation type is set to asynchronous.
The check flags dereferences and non-pointer declarations of objects that are not meant to be passed ...
Replaces assert() with static_assert() if the condition is evaluatable at compile time.
The check flags user-defined move constructors that have a ctor-initializer initializing a member or ...
Enforces consistent style for enumerators' initialization, covering three styles: none,...
Detects when the integral literal or floating point literal has non-uppercase suffix,...
volatile int CERTModuleAnchorSource
Contains options for clang-tidy.
OptionMap CheckOptions
Key-value mapping used to store check-specific options.
llvm::StringMap< ClangTidyValue > OptionMap