clang-tools 18.0.0git
CERTTidyModule.cpp
Go to the documentation of this file.
1//===--- CERTTidyModule.cpp - clang-tidy ----------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "../ClangTidy.h"
10#include "../ClangTidyModule.h"
11#include "../ClangTidyModuleRegistry.h"
12#include "../bugprone/BadSignalToKillThreadCheck.h"
13#include "../bugprone/ReservedIdentifierCheck.h"
14#include "../bugprone/SignalHandlerCheck.h"
15#include "../bugprone/SignedCharMisuseCheck.h"
16#include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h"
17#include "../bugprone/SuspiciousMemoryComparisonCheck.h"
18#include "../bugprone/UnhandledSelfAssignmentCheck.h"
19#include "../bugprone/UnsafeFunctionsCheck.h"
20#include "../bugprone/UnusedReturnValueCheck.h"
21#include "../concurrency/ThreadCanceltypeAsynchronousCheck.h"
22#include "../google/UnnamedNamespaceInHeaderCheck.h"
23#include "../misc/NewDeleteOverloadsCheck.h"
24#include "../misc/NonCopyableObjects.h"
25#include "../misc/StaticAssertCheck.h"
26#include "../misc/ThrowByValueCatchByReferenceCheck.h"
27#include "../performance/MoveConstructorInitCheck.h"
28#include "../readability/UppercaseLiteralSuffixCheck.h"
32#include "FloatLoopCounter.h"
34#include "MutatingCopyCheck.h"
38#include "SetLongJmpCheck.h"
40#include "StrToNumCheck.h"
43
44namespace {
45
46// Checked functions for cert-err33-c.
47// The following functions are deliberately excluded because they can be called
48// with NULL argument and in this case the check is not applicable:
49// `mblen, mbrlen, mbrtowc, mbtowc, wctomb, wctomb_s`.
50// FIXME: The check can be improved to handle such cases.
51const llvm::StringRef CertErr33CCheckedFunctions = "::aligned_alloc;"
52 "::asctime_s;"
53 "::at_quick_exit;"
54 "::atexit;"
55 "::bsearch;"
56 "::bsearch_s;"
57 "::btowc;"
58 "::c16rtomb;"
59 "::c32rtomb;"
60 "::calloc;"
61 "::clock;"
62 "::cnd_broadcast;"
63 "::cnd_init;"
64 "::cnd_signal;"
65 "::cnd_timedwait;"
66 "::cnd_wait;"
67 "::ctime_s;"
68 "::fclose;"
69 "::fflush;"
70 "::fgetc;"
71 "::fgetpos;"
72 "::fgets;"
73 "::fgetwc;"
74 "::fopen;"
75 "::fopen_s;"
76 "::fprintf;"
77 "::fprintf_s;"
78 "::fputc;"
79 "::fputs;"
80 "::fputwc;"
81 "::fputws;"
82 "::fread;"
83 "::freopen;"
84 "::freopen_s;"
85 "::fscanf;"
86 "::fscanf_s;"
87 "::fseek;"
88 "::fsetpos;"
89 "::ftell;"
90 "::fwprintf;"
91 "::fwprintf_s;"
92 "::fwrite;"
93 "::fwscanf;"
94 "::fwscanf_s;"
95 "::getc;"
96 "::getchar;"
97 "::getenv;"
98 "::getenv_s;"
99 "::gets_s;"
100 "::getwc;"
101 "::getwchar;"
102 "::gmtime;"
103 "::gmtime_s;"
104 "::localtime;"
105 "::localtime_s;"
106 "::malloc;"
107 "::mbrtoc16;"
108 "::mbrtoc32;"
109 "::mbsrtowcs;"
110 "::mbsrtowcs_s;"
111 "::mbstowcs;"
112 "::mbstowcs_s;"
113 "::memchr;"
114 "::mktime;"
115 "::mtx_init;"
116 "::mtx_lock;"
117 "::mtx_timedlock;"
118 "::mtx_trylock;"
119 "::mtx_unlock;"
120 "::printf_s;"
121 "::putc;"
122 "::putwc;"
123 "::raise;"
124 "::realloc;"
125 "::remove;"
126 "::rename;"
127 "::scanf;"
128 "::scanf_s;"
129 "::setlocale;"
130 "::setvbuf;"
131 "::signal;"
132 "::snprintf;"
133 "::snprintf_s;"
134 "::sprintf;"
135 "::sprintf_s;"
136 "::sscanf;"
137 "::sscanf_s;"
138 "::strchr;"
139 "::strerror_s;"
140 "::strftime;"
141 "::strpbrk;"
142 "::strrchr;"
143 "::strstr;"
144 "::strtod;"
145 "::strtof;"
146 "::strtoimax;"
147 "::strtok;"
148 "::strtok_s;"
149 "::strtol;"
150 "::strtold;"
151 "::strtoll;"
152 "::strtoul;"
153 "::strtoull;"
154 "::strtoumax;"
155 "::strxfrm;"
156 "::swprintf;"
157 "::swprintf_s;"
158 "::swscanf;"
159 "::swscanf_s;"
160 "::thrd_create;"
161 "::thrd_detach;"
162 "::thrd_join;"
163 "::thrd_sleep;"
164 "::time;"
165 "::timespec_get;"
166 "::tmpfile;"
167 "::tmpfile_s;"
168 "::tmpnam;"
169 "::tmpnam_s;"
170 "::tss_create;"
171 "::tss_get;"
172 "::tss_set;"
173 "::ungetc;"
174 "::ungetwc;"
175 "::vfprintf;"
176 "::vfprintf_s;"
177 "::vfscanf;"
178 "::vfscanf_s;"
179 "::vfwprintf;"
180 "::vfwprintf_s;"
181 "::vfwscanf;"
182 "::vfwscanf_s;"
183 "::vprintf_s;"
184 "::vscanf;"
185 "::vscanf_s;"
186 "::vsnprintf;"
187 "::vsnprintf_s;"
188 "::vsprintf;"
189 "::vsprintf_s;"
190 "::vsscanf;"
191 "::vsscanf_s;"
192 "::vswprintf;"
193 "::vswprintf_s;"
194 "::vswscanf;"
195 "::vswscanf_s;"
196 "::vwprintf_s;"
197 "::vwscanf;"
198 "::vwscanf_s;"
199 "::wcrtomb;"
200 "::wcschr;"
201 "::wcsftime;"
202 "::wcspbrk;"
203 "::wcsrchr;"
204 "::wcsrtombs;"
205 "::wcsrtombs_s;"
206 "::wcsstr;"
207 "::wcstod;"
208 "::wcstof;"
209 "::wcstoimax;"
210 "::wcstok;"
211 "::wcstok_s;"
212 "::wcstol;"
213 "::wcstold;"
214 "::wcstoll;"
215 "::wcstombs;"
216 "::wcstombs_s;"
217 "::wcstoul;"
218 "::wcstoull;"
219 "::wcstoumax;"
220 "::wcsxfrm;"
221 "::wctob;"
222 "::wctrans;"
223 "::wctype;"
224 "::wmemchr;"
225 "::wprintf_s;"
226 "::wscanf;"
227 "::wscanf_s;";
228
229} // namespace
230
231namespace clang::tidy {
232namespace cert {
233
235public:
236 void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
237 // C++ checkers
238 // CON
240 "cert-con54-cpp");
241 // DCL
242 CheckFactories.registerCheck<PostfixOperatorCheck>(
243 "cert-dcl21-cpp");
244 CheckFactories.registerCheck<VariadicFunctionDefCheck>("cert-dcl50-cpp");
246 "cert-dcl51-cpp");
248 "cert-dcl54-cpp");
250 "cert-dcl58-cpp");
252 "cert-dcl59-cpp");
253 // ERR
255 "cert-err09-cpp");
256 CheckFactories.registerCheck<SetLongJmpCheck>("cert-err52-cpp");
257 CheckFactories.registerCheck<StaticObjectExceptionCheck>("cert-err58-cpp");
258 CheckFactories.registerCheck<ThrownExceptionTypeCheck>("cert-err60-cpp");
260 "cert-err61-cpp");
261 // MEM
263 "cert-mem57-cpp");
264 // MSC
265 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc50-cpp");
267 "cert-msc51-cpp");
269 "cert-msc54-cpp");
270 // OOP
272 "cert-oop11-cpp");
274 "cert-oop54-cpp");
276 "cert-oop57-cpp");
277 CheckFactories.registerCheck<MutatingCopyCheck>(
278 "cert-oop58-cpp");
279
280 // C checkers
281 // CON
283 "cert-con36-c");
284 // DCL
285 CheckFactories.registerCheck<misc::StaticAssertCheck>("cert-dcl03-c");
287 "cert-dcl16-c");
289 "cert-dcl37-c");
290 // ENV
291 CheckFactories.registerCheck<CommandProcessorCheck>("cert-env33-c");
292 // ERR
294 "cert-err33-c");
295 CheckFactories.registerCheck<StrToNumCheck>("cert-err34-c");
296 // EXP
298 "cert-exp42-c");
299 // FLP
300 CheckFactories.registerCheck<FloatLoopCounter>("cert-flp30-c");
302 "cert-flp37-c");
303 // FIO
304 CheckFactories.registerCheck<misc::NonCopyableObjectsCheck>("cert-fio38-c");
305 // MSC
307 "cert-msc24-c");
308 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c");
310 "cert-msc32-c");
312 "cert-msc33-c");
313 // POS
315 "cert-pos44-c");
316 CheckFactories
318 "cert-pos47-c");
319 // SIG
320 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>("cert-sig30-c");
321 // STR
323 "cert-str34-c");
324 }
325
327 ClangTidyOptions Options;
329 Opts["cert-dcl16-c.NewSuffixes"] = "L;LL;LU;LLU";
330 Opts["cert-err33-c.CheckedFunctions"] = CertErr33CCheckedFunctions;
331 Opts["cert-err33-c.AllowCastToVoid"] = "true";
332 Opts["cert-oop54-cpp.WarnOnlyIfThisHasSuspiciousField"] = "false";
333 Opts["cert-str34-c.DiagnoseSignedUnsignedCharComparisons"] = "false";
334 return Options;
335 }
336};
337
338} // namespace cert
339
340// Register the MiscTidyModule using this statically initialized variable.
341static ClangTidyModuleRegistry::Add<cert::CERTModule>
342 X("cert-module",
343 "Adds lint checks corresponding to CERT secure coding guidelines.");
344
345// This anchor is used to force the linker to link in the generated object file
346// and thus register the CERTModule.
347volatile int CERTModuleAnchorSource = 0;
348
349} // namespace clang::tidy
int X
A collection of ClangTidyCheckFactory instances.
void registerCheck(llvm::StringRef CheckName)
Registers the CheckType with the name Name.
A clang-tidy module groups a number of ClangTidyChecks and gives them a prefixed name.
Finds pthread_kill function calls when thread is terminated by SIGTERM signal.
Checks for usages of identifiers reserved for use by the implementation.
Checker for signal handler functions.
Finds those signed char -> integer conversions which might indicate a programming error.
Finds cnd_wait, cnd_timedwait, wait, wait_for, or wait_until function calls when the function is not ...
Finds potentially incorrect calls to memcmp() based on properties of the arguments.
Finds user-defined copy assignment operators which do not protect the code against self-assignment ei...
Checks for functions that have safer, more secure replacements available, or are considered deprecate...
Detects function calls where the return value is unused.
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override
Implement this function in order to register all CheckFactories belonging to this module.
ClangTidyOptions getModuleOptions() override
Gets default options for checks defined in this module.
Execution of a command processor can lead to security vulnerabilities, and is generally not required.
Checks if an object of type with extended alignment is allocated by using the default operator new.
Modification of the std or posix namespace can result in undefined behavior.
This check diagnoses when the loop induction expression of a for loop has floating-point type.
Pseudorandom number generators are not genuinely random.
Finds assignments to the copied object and its direct or indirect members in copy constructors and co...
Flags use of the C standard library functions 'memset', 'memcpy' and 'memcmp' and similar derivatives...
Checks if the overloaded postfix ++ and – operator return a constant object.
Guards against use of setjmp/longjmp in C++ code.
Checks whether the constructor for a static or thread_local object will throw.
Guards against use of string conversion functions that do not have reasonable error handling for conv...
Definition: StrToNumCheck.h:21
Checks whether a thrown object is nothrow copy constructible.
Guards against any C-style variadic function definitions (not declarations).
Finds pthread_setcanceltype function calls where a thread's cancellation type is set to asynchronous.
The check flags dereferences and non-pointer declarations of objects that are not meant to be passed ...
Replaces assert() with static_assert() if the condition is evaluatable at compile time.
The check flags user-defined move constructors that have a ctor-initializer initializing a member or ...
Detects when the integral literal or floating point literal has non-uppercase suffix,...
volatile int CERTModuleAnchorSource
Contains options for clang-tidy.
OptionMap CheckOptions
Key-value mapping used to store check-specific options.
llvm::StringMap< ClangTidyValue > OptionMap