clang-tools 23.0.0git
CERTTidyModule.cpp
Go to the documentation of this file.
1//===----------------------------------------------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "../ClangTidy.h"
10#include "../ClangTidyModule.h"
11#include "../bugprone/BadSignalToKillThreadCheck.h"
12#include "../bugprone/CommandProcessorCheck.h"
13#include "../bugprone/CopyConstructorMutatesArgumentCheck.h"
14#include "../bugprone/DefaultOperatorNewOnOveralignedTypeCheck.h"
15#include "../bugprone/ExceptionCopyConstructorThrowsCheck.h"
16#include "../bugprone/FloatLoopCounterCheck.h"
17#include "../bugprone/PointerArithmeticOnPolymorphicObjectCheck.h"
18#include "../bugprone/RandomGeneratorSeedCheck.h"
19#include "../bugprone/RawMemoryCallOnNonTrivialTypeCheck.h"
20#include "../bugprone/ReservedIdentifierCheck.h"
21#include "../bugprone/SignalHandlerCheck.h"
22#include "../bugprone/SignedCharMisuseCheck.h"
23#include "../bugprone/SizeofExpressionCheck.h"
24#include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h"
25#include "../bugprone/StdNamespaceModificationCheck.h"
26#include "../bugprone/SuspiciousMemoryComparisonCheck.h"
27#include "../bugprone/ThrowingStaticInitializationCheck.h"
28#include "../bugprone/UncheckedStringToNumberConversionCheck.h"
29#include "../bugprone/UnhandledSelfAssignmentCheck.h"
30#include "../bugprone/UnsafeFunctionsCheck.h"
31#include "../bugprone/UnusedReturnValueCheck.h"
32#include "../concurrency/ThreadCanceltypeAsynchronousCheck.h"
33#include "../misc/AnonymousNamespaceInHeaderCheck.h"
34#include "../misc/NewDeleteOverloadsCheck.h"
35#include "../misc/NonCopyableObjectsCheck.h"
36#include "../misc/PredictableRandCheck.h"
37#include "../misc/StaticAssertCheck.h"
38#include "../misc/ThrowByValueCatchByReferenceCheck.h"
39#include "../modernize/AvoidSetjmpLongjmpCheck.h"
40#include "../modernize/AvoidVariadicFunctionsCheck.h"
41#include "../performance/MoveConstructorInitCheck.h"
42#include "../readability/EnumInitialValueCheck.h"
43#include "../readability/UppercaseLiteralSuffixCheck.h"
44
45namespace clang::tidy {
46
47// Checked functions for cert-err33-c.
48// The following functions are deliberately excluded because they can be
49// called with NULL argument and in this case the check is not applicable:
50// `mblen, mbrlen, mbrtowc, mbtowc, wctomb, wctomb_s`.
51// FIXME: The check can be improved to handle such cases.
52static constexpr StringRef CertErr33CCheckedFunctions = "^::aligned_alloc$;"
53 "^::asctime_s$;"
54 "^::at_quick_exit$;"
55 "^::atexit$;"
56 "^::bsearch$;"
57 "^::bsearch_s$;"
58 "^::btowc$;"
59 "^::c16rtomb$;"
60 "^::c32rtomb$;"
61 "^::calloc$;"
62 "^::clock$;"
63 "^::cnd_broadcast$;"
64 "^::cnd_init$;"
65 "^::cnd_signal$;"
66 "^::cnd_timedwait$;"
67 "^::cnd_wait$;"
68 "^::ctime_s$;"
69 "^::fclose$;"
70 "^::fflush$;"
71 "^::fgetc$;"
72 "^::fgetpos$;"
73 "^::fgets$;"
74 "^::fgetwc$;"
75 "^::fopen$;"
76 "^::fopen_s$;"
77 "^::fprintf$;"
78 "^::fprintf_s$;"
79 "^::fputc$;"
80 "^::fputs$;"
81 "^::fputwc$;"
82 "^::fputws$;"
83 "^::fread$;"
84 "^::freopen$;"
85 "^::freopen_s$;"
86 "^::fscanf$;"
87 "^::fscanf_s$;"
88 "^::fseek$;"
89 "^::fsetpos$;"
90 "^::ftell$;"
91 "^::fwprintf$;"
92 "^::fwprintf_s$;"
93 "^::fwrite$;"
94 "^::fwscanf$;"
95 "^::fwscanf_s$;"
96 "^::getc$;"
97 "^::getchar$;"
98 "^::getenv$;"
99 "^::getenv_s$;"
100 "^::gets_s$;"
101 "^::getwc$;"
102 "^::getwchar$;"
103 "^::gmtime$;"
104 "^::gmtime_s$;"
105 "^::localtime$;"
106 "^::localtime_s$;"
107 "^::malloc$;"
108 "^::mbrtoc16$;"
109 "^::mbrtoc32$;"
110 "^::mbsrtowcs$;"
111 "^::mbsrtowcs_s$;"
112 "^::mbstowcs$;"
113 "^::mbstowcs_s$;"
114 "^::memchr$;"
115 "^::mktime$;"
116 "^::mtx_init$;"
117 "^::mtx_lock$;"
118 "^::mtx_timedlock$;"
119 "^::mtx_trylock$;"
120 "^::mtx_unlock$;"
121 "^::printf_s$;"
122 "^::putc$;"
123 "^::putwc$;"
124 "^::raise$;"
125 "^::realloc$;"
126 "^::remove$;"
127 "^::rename$;"
128 "^::scanf$;"
129 "^::scanf_s$;"
130 "^::setlocale$;"
131 "^::setvbuf$;"
132 "^::signal$;"
133 "^::snprintf$;"
134 "^::snprintf_s$;"
135 "^::sprintf$;"
136 "^::sprintf_s$;"
137 "^::sscanf$;"
138 "^::sscanf_s$;"
139 "^::strchr$;"
140 "^::strerror_s$;"
141 "^::strftime$;"
142 "^::strpbrk$;"
143 "^::strrchr$;"
144 "^::strstr$;"
145 "^::strtod$;"
146 "^::strtof$;"
147 "^::strtoimax$;"
148 "^::strtok$;"
149 "^::strtok_s$;"
150 "^::strtol$;"
151 "^::strtold$;"
152 "^::strtoll$;"
153 "^::strtoul$;"
154 "^::strtoull$;"
155 "^::strtoumax$;"
156 "^::strxfrm$;"
157 "^::swprintf$;"
158 "^::swprintf_s$;"
159 "^::swscanf$;"
160 "^::swscanf_s$;"
161 "^::thrd_create$;"
162 "^::thrd_detach$;"
163 "^::thrd_join$;"
164 "^::thrd_sleep$;"
165 "^::time$;"
166 "^::timespec_get$;"
167 "^::tmpfile$;"
168 "^::tmpfile_s$;"
169 "^::tmpnam$;"
170 "^::tmpnam_s$;"
171 "^::tss_create$;"
172 "^::tss_get$;"
173 "^::tss_set$;"
174 "^::ungetc$;"
175 "^::ungetwc$;"
176 "^::vfprintf$;"
177 "^::vfprintf_s$;"
178 "^::vfscanf$;"
179 "^::vfscanf_s$;"
180 "^::vfwprintf$;"
181 "^::vfwprintf_s$;"
182 "^::vfwscanf$;"
183 "^::vfwscanf_s$;"
184 "^::vprintf_s$;"
185 "^::vscanf$;"
186 "^::vscanf_s$;"
187 "^::vsnprintf$;"
188 "^::vsnprintf_s$;"
189 "^::vsprintf$;"
190 "^::vsprintf_s$;"
191 "^::vsscanf$;"
192 "^::vsscanf_s$;"
193 "^::vswprintf$;"
194 "^::vswprintf_s$;"
195 "^::vswscanf$;"
196 "^::vswscanf_s$;"
197 "^::vwprintf_s$;"
198 "^::vwscanf$;"
199 "^::vwscanf_s$;"
200 "^::wcrtomb$;"
201 "^::wcschr$;"
202 "^::wcsftime$;"
203 "^::wcspbrk$;"
204 "^::wcsrchr$;"
205 "^::wcsrtombs$;"
206 "^::wcsrtombs_s$;"
207 "^::wcsstr$;"
208 "^::wcstod$;"
209 "^::wcstof$;"
210 "^::wcstoimax$;"
211 "^::wcstok$;"
212 "^::wcstok_s$;"
213 "^::wcstol$;"
214 "^::wcstold$;"
215 "^::wcstoll$;"
216 "^::wcstombs$;"
217 "^::wcstombs_s$;"
218 "^::wcstoul$;"
219 "^::wcstoull$;"
220 "^::wcstoumax$;"
221 "^::wcsxfrm$;"
222 "^::wctob$;"
223 "^::wctrans$;"
224 "^::wctype$;"
225 "^::wmemchr$;"
226 "^::wprintf_s$;"
227 "^::wscanf$;"
228 "^::wscanf_s$;";
229
230namespace cert {
231namespace {
232
233class CERTModule : public ClangTidyModule {
234public:
235 void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
236 // C++ checkers
237 // CON
238 CheckFactories.registerCheck<bugprone::SpuriouslyWakeUpFunctionsCheck>(
239 "cert-con54-cpp");
240 // CTR
241 CheckFactories
242 .registerCheck<bugprone::PointerArithmeticOnPolymorphicObjectCheck>(
243 "cert-ctr56-cpp");
244 // DCL
245 CheckFactories.registerCheck<modernize::AvoidVariadicFunctionsCheck>(
246 "cert-dcl50-cpp");
247 CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>(
248 "cert-dcl51-cpp");
249 CheckFactories.registerCheck<misc::NewDeleteOverloadsCheck>(
250 "cert-dcl54-cpp");
251 CheckFactories.registerCheck<bugprone::StdNamespaceModificationCheck>(
252 "cert-dcl58-cpp");
253 CheckFactories.registerCheck<misc::AnonymousNamespaceInHeaderCheck>(
254 "cert-dcl59-cpp");
255 // ERR
256 CheckFactories.registerCheck<misc::ThrowByValueCatchByReferenceCheck>(
257 "cert-err09-cpp");
258 CheckFactories.registerCheck<modernize::AvoidSetjmpLongjmpCheck>(
259 "cert-err52-cpp");
260 CheckFactories.registerCheck<bugprone::ThrowingStaticInitializationCheck>(
261 "cert-err58-cpp");
262 CheckFactories.registerCheck<bugprone::ExceptionCopyConstructorThrowsCheck>(
263 "cert-err60-cpp");
264 CheckFactories.registerCheck<misc::ThrowByValueCatchByReferenceCheck>(
265 "cert-err61-cpp");
266 // MEM
267 CheckFactories
268 .registerCheck<bugprone::DefaultOperatorNewOnOveralignedTypeCheck>(
269 "cert-mem57-cpp");
270 // MSC
271 CheckFactories.registerCheck<misc::PredictableRandCheck>("cert-msc50-cpp");
272 CheckFactories.registerCheck<bugprone::RandomGeneratorSeedCheck>(
273 "cert-msc51-cpp");
274 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>(
275 "cert-msc54-cpp");
276 // OOP
277 CheckFactories.registerCheck<performance::MoveConstructorInitCheck>(
278 "cert-oop11-cpp");
279 CheckFactories.registerCheck<bugprone::UnhandledSelfAssignmentCheck>(
280 "cert-oop54-cpp");
281 CheckFactories.registerCheck<bugprone::RawMemoryCallOnNonTrivialTypeCheck>(
282 "cert-oop57-cpp");
283 CheckFactories.registerCheck<bugprone::CopyConstructorMutatesArgumentCheck>(
284 "cert-oop58-cpp");
285
286 // C checkers
287 // ARR
288 CheckFactories.registerCheck<bugprone::SizeofExpressionCheck>(
289 "cert-arr39-c");
290 // CON
291 CheckFactories.registerCheck<bugprone::SpuriouslyWakeUpFunctionsCheck>(
292 "cert-con36-c");
293 // DCL
294 CheckFactories.registerCheck<misc::StaticAssertCheck>("cert-dcl03-c");
295 CheckFactories.registerCheck<readability::UppercaseLiteralSuffixCheck>(
296 "cert-dcl16-c");
297 CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>(
298 "cert-dcl37-c");
299 // ENV
300 CheckFactories.registerCheck<bugprone::CommandProcessorCheck>(
301 "cert-env33-c");
302 // ERR
303 CheckFactories.registerCheck<bugprone::UnusedReturnValueCheck>(
304 "cert-err33-c");
305 CheckFactories
306 .registerCheck<bugprone::UncheckedStringToNumberConversionCheck>(
307 "cert-err34-c");
308 // EXP
309 CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
310 "cert-exp42-c");
311 // FLP
312 CheckFactories.registerCheck<bugprone::FloatLoopCounterCheck>(
313 "cert-flp30-c");
314 CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
315 "cert-flp37-c");
316 // FIO
317 CheckFactories.registerCheck<misc::NonCopyableObjectsCheck>("cert-fio38-c");
318 // INT
319 CheckFactories.registerCheck<readability::EnumInitialValueCheck>(
320 "cert-int09-c");
321 // MSC
322 CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
323 "cert-msc24-c");
324 CheckFactories.registerCheck<misc::PredictableRandCheck>("cert-msc30-c");
325 CheckFactories.registerCheck<bugprone::RandomGeneratorSeedCheck>(
326 "cert-msc32-c");
327 CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
328 "cert-msc33-c");
329 // POS
330 CheckFactories.registerCheck<bugprone::BadSignalToKillThreadCheck>(
331 "cert-pos44-c");
332 CheckFactories
333 .registerCheck<concurrency::ThreadCanceltypeAsynchronousCheck>(
334 "cert-pos47-c");
335 // SIG
336 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>("cert-sig30-c");
337 // STR
338 CheckFactories.registerCheck<bugprone::SignedCharMisuseCheck>(
339 "cert-str34-c");
340 }
341
342 ClangTidyOptions getModuleOptions() override {
343 ClangTidyOptions Options;
344 ClangTidyOptions::OptionMap &Opts = Options.CheckOptions;
345 Opts["cert-arr39-c.WarnOnSizeOfConstant"] = "false";
346 Opts["cert-arr39-c.WarnOnSizeOfIntegerExpression"] = "false";
347 Opts["cert-arr39-c.WarnOnSizeOfThis"] = "false";
348 Opts["cert-arr39-c.WarnOnSizeOfCompareToConstant"] = "false";
349 Opts["cert-arr39-c.WarnOnSizeOfPointer"] = "false";
350 Opts["cert-arr39-c.WarnOnSizeOfPointerToAggregate"] = "false";
351 Opts["cert-dcl16-c.NewSuffixes"] = "L;LL;LU;LLU";
352 Opts["cert-err33-c.CheckedFunctions"] = CertErr33CCheckedFunctions;
353 Opts["cert-err33-c.AllowCastToVoid"] = "true";
354 Opts["cert-oop54-cpp.WarnOnlyIfThisHasSuspiciousField"] = "false";
355 Opts["cert-str34-c.DiagnoseSignedUnsignedCharComparisons"] = "false";
356 return Options;
357 }
358};
359
360} // namespace
361} // namespace cert
362
363// Register the MiscTidyModule using this statically initialized variable.
364static ClangTidyModuleRegistry::Add<cert::CERTModule>
365 X("cert-module",
366 "Adds lint checks corresponding to CERT secure coding guidelines.");
367
368// This anchor is used to force the linker to link in the generated object file
369// and thus register the CERTModule.
370volatile int CERTModuleAnchorSource = 0; // NOLINT(misc-use-internal-linkage)
371
372} // namespace clang::tidy
clang::tidy::ClangTidyCheckFactories
A collection of ClangTidyCheckFactory instances.
Definition ClangTidyModule.h:28
clang::tidy::ClangTidyCheckFactories::registerCheck
void registerCheck(StringRef CheckName)
Registers the CheckType with the name Name.
Definition ClangTidyModule.h:59
clang::tidy::ClangTidyModule
A clang-tidy module groups a number of ClangTidyChecks and gives them a prefixed name.
Definition ClangTidyModule.h:87
clang::tidy::bugprone::BadSignalToKillThreadCheck
Finds pthread_kill function calls when thread is terminated by / SIGTERM signal.
Definition BadSignalToKillThreadCheck.h:21
clang::tidy::bugprone::CommandProcessorCheck
Execution of a command processor can lead to security vulnerabilities, and is generally not required.
Definition CommandProcessorCheck.h:23
clang::tidy::bugprone::CopyConstructorMutatesArgumentCheck
Finds assignments to the copied object and its direct or indirect members in copy constructors and co...
Definition CopyConstructorMutatesArgumentCheck.h:21
clang::tidy::bugprone::DefaultOperatorNewOnOveralignedTypeCheck
Checks if an object of type with extended alignment is allocated by using the default operator new.
Definition DefaultOperatorNewOnOveralignedTypeCheck.h:21
clang::tidy::bugprone::ExceptionCopyConstructorThrowsCheck
Checks whether a thrown object is nothrow copy constructible.
Definition ExceptionCopyConstructorThrowsCheck.h:20
clang::tidy::bugprone::FloatLoopCounterCheck
This check diagnoses when the loop induction expression of a for loop has floating-point type.
Definition FloatLoopCounterCheck.h:22
clang::tidy::bugprone::PointerArithmeticOnPolymorphicObjectCheck
Finds pointer arithmetic performed on classes that contain a virtual function.
Definition PointerArithmeticOnPolymorphicObjectCheck.h:21
clang::tidy::bugprone::RandomGeneratorSeedCheck
Random number generator must be seeded properly.
Definition RandomGeneratorSeedCheck.h:24
clang::tidy::bugprone::RawMemoryCallOnNonTrivialTypeCheck
Flags use of the C standard library functions 'memset', 'memcpy' and 'memcmp' and similar derivatives...
Definition RawMemoryCallOnNonTrivialTypeCheck.h:21
clang::tidy::bugprone::ReservedIdentifierCheck
Checks for usages of identifiers reserved for use by the implementation.
Definition ReservedIdentifierCheck.h:31
clang::tidy::bugprone::SignalHandlerCheck
Checker for signal handler functions.
Definition SignalHandlerCheck.h:23
clang::tidy::bugprone::SignedCharMisuseCheck
Finds those signed char -> integer conversions which might indicate a / programming error.
Definition SignedCharMisuseCheck.h:24
clang::tidy::bugprone::SizeofExpressionCheck
Find suspicious usages of sizeof expressions.
Definition SizeofExpressionCheck.h:20
clang::tidy::bugprone::SpuriouslyWakeUpFunctionsCheck
Finds cnd_wait, cnd_timedwait, wait, wait_for, or / wait_until function calls when the function is no...
Definition SpuriouslyWakeUpFunctionsCheck.h:23
clang::tidy::bugprone::StdNamespaceModificationCheck
Modification of the std or posix namespace can result in undefined behavior.
Definition StdNamespaceModificationCheck.h:21
clang::tidy::bugprone::SuspiciousMemoryComparisonCheck
Finds potentially incorrect calls to memcmp() based on properties of the arguments.
Definition SuspiciousMemoryComparisonCheck.h:21
clang::tidy::bugprone::ThrowingStaticInitializationCheck
Checks whether the constructor for a static or thread_local object will throw.
Definition ThrowingStaticInitializationCheck.h:21
clang::tidy::bugprone::UncheckedStringToNumberConversionCheck
Guards against use of string conversion functions that do not have reasonable error handling for conv...
Definition UncheckedStringToNumberConversionCheck.h:21
clang::tidy::bugprone::UnhandledSelfAssignmentCheck
Finds user-defined copy assignment operators which do not protect the code against self-assignment ei...
Definition UnhandledSelfAssignmentCheck.h:22
clang::tidy::bugprone::UnsafeFunctionsCheck
Checks for functions that have safer, more secure replacements available, or are considered deprecate...
Definition UnsafeFunctionsCheck.h:24
clang::tidy::bugprone::UnusedReturnValueCheck
Detects function calls where the return value is unused.
Definition UnusedReturnValueCheck.h:21
clang::tidy::concurrency::ThreadCanceltypeAsynchronousCheck
Finds pthread_setcanceltype function calls where a thread's cancellation type is set to asynchronous.
Definition ThreadCanceltypeAsynchronousCheck.h:20
clang::tidy::misc::NonCopyableObjectsCheck
Flags dereferences and non-pointer declarations of objects that are not meant to be passed by value,...
Definition NonCopyableObjectsCheck.h:21
clang::tidy::misc::PredictableRandCheck
Pseudorandom number generators are not genuinely random.
Definition PredictableRandCheck.h:23
clang::tidy::misc::StaticAssertCheck
Replaces assert() with static_assert() if the condition is evaluatable at compile time.
Definition StaticAssertCheck.h:23
clang::tidy::modernize::AvoidSetjmpLongjmpCheck
Guards against use of setjmp/longjmp in C++ code.
Definition AvoidSetjmpLongjmpCheck.h:20
clang::tidy::modernize::AvoidVariadicFunctionsCheck
Find all function definitions of C-style variadic functions.
Definition AvoidVariadicFunctionsCheck.h:20
clang::tidy::performance::MoveConstructorInitCheck
The check flags user-defined move constructors that have a ctor-initializer initializing a member or ...
Definition MoveConstructorInitCheck.h:21
clang::tidy::readability::EnumInitialValueCheck
Enforces consistent style for enumerators' initialization, covering three styles: none,...
Definition EnumInitialValueCheck.h:21
clang::tidy::readability::UppercaseLiteralSuffixCheck
Detects when the integral literal or floating point literal has non-uppercase suffix,...
Definition UppercaseLiteralSuffixCheck.h:22
clang::tidy::CertErr33CCheckedFunctions
static constexpr StringRef CertErr33CCheckedFunctions
Definition CERTTidyModule.cpp:52
clang::tidy::X
static ClangTidyModuleRegistry::Add< altera::AlteraModule > X("altera-module", "Adds Altera FPGA OpenCL lint checks.")
clang::tidy::CERTModuleAnchorSource
volatile int CERTModuleAnchorSource
Definition CERTTidyModule.cpp:370
clang::tidy::ClangTidyOptions
Contains options for clang-tidy.
Definition ClangTidyOptions.h:51
clang::tidy::ClangTidyOptions::CheckOptions
OptionMap CheckOptions
Key-value mapping used to store check-specific options.
Definition ClangTidyOptions.h:131
clang::tidy::ClangTidyOptions::OptionMap
llvm::StringMap< ClangTidyValue > OptionMap
Definition ClangTidyOptions.h:128
Generated on for clang-tools by doxygen 1.14.0