clang-tools 18.0.0git
CERTTidyModule.cpp
Go to the documentation of this file.
1//===--- CERTTidyModule.cpp - clang-tidy ----------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "../ClangTidy.h"
10#include "../ClangTidyModule.h"
11#include "../ClangTidyModuleRegistry.h"
12#include "../bugprone/BadSignalToKillThreadCheck.h"
13#include "../bugprone/ReservedIdentifierCheck.h"
14#include "../bugprone/SignalHandlerCheck.h"
15#include "../bugprone/SignedCharMisuseCheck.h"
16#include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h"
17#include "../bugprone/SuspiciousMemoryComparisonCheck.h"
18#include "../bugprone/UnhandledSelfAssignmentCheck.h"
19#include "../bugprone/UnsafeFunctionsCheck.h"
20#include "../bugprone/UnusedReturnValueCheck.h"
21#include "../concurrency/ThreadCanceltypeAsynchronousCheck.h"
22#include "../google/UnnamedNamespaceInHeaderCheck.h"
23#include "../misc/NewDeleteOverloadsCheck.h"
24#include "../misc/NonCopyableObjects.h"
25#include "../misc/StaticAssertCheck.h"
26#include "../misc/ThrowByValueCatchByReferenceCheck.h"
27#include "../performance/MoveConstructorInitCheck.h"
28#include "../readability/UppercaseLiteralSuffixCheck.h"
29#include "CommandProcessorCheck.h"
30#include "DefaultOperatorNewAlignmentCheck.h"
31#include "DontModifyStdNamespaceCheck.h"
32#include "FloatLoopCounter.h"
33#include "LimitedRandomnessCheck.h"
34#include "MutatingCopyCheck.h"
35#include "NonTrivialTypesLibcMemoryCallsCheck.h"
36#include "PostfixOperatorCheck.h"
37#include "ProperlySeededRandomGeneratorCheck.h"
38#include "SetLongJmpCheck.h"
39#include "StaticObjectExceptionCheck.h"
40#include "StrToNumCheck.h"
41#include "ThrownExceptionTypeCheck.h"
42#include "VariadicFunctionDefCheck.h"
43
44namespace {
45
46// Checked functions for cert-err33-c.
47// The following functions are deliberately excluded because they can be called
48// with NULL argument and in this case the check is not applicable:
49// `mblen, mbrlen, mbrtowc, mbtowc, wctomb, wctomb_s`.
50// FIXME: The check can be improved to handle such cases.
51const llvm::StringRef CertErr33CCheckedFunctions = "::aligned_alloc;"
52 "::asctime_s;"
53 "::at_quick_exit;"
54 "::atexit;"
55 "::bsearch;"
56 "::bsearch_s;"
57 "::btowc;"
58 "::c16rtomb;"
59 "::c32rtomb;"
60 "::calloc;"
61 "::clock;"
62 "::cnd_broadcast;"
63 "::cnd_init;"
64 "::cnd_signal;"
65 "::cnd_timedwait;"
66 "::cnd_wait;"
67 "::ctime_s;"
68 "::fclose;"
69 "::fflush;"
70 "::fgetc;"
71 "::fgetpos;"
72 "::fgets;"
73 "::fgetwc;"
74 "::fopen;"
75 "::fopen_s;"
76 "::fprintf;"
77 "::fprintf_s;"
78 "::fputc;"
79 "::fputs;"
80 "::fputwc;"
81 "::fputws;"
82 "::fread;"
83 "::freopen;"
84 "::freopen_s;"
85 "::fscanf;"
86 "::fscanf_s;"
87 "::fseek;"
88 "::fsetpos;"
89 "::ftell;"
90 "::fwprintf;"
91 "::fwprintf_s;"
92 "::fwrite;"
93 "::fwscanf;"
94 "::fwscanf_s;"
95 "::getc;"
96 "::getchar;"
97 "::getenv;"
98 "::getenv_s;"
99 "::gets_s;"
100 "::getwc;"
101 "::getwchar;"
102 "::gmtime;"
103 "::gmtime_s;"
104 "::localtime;"
105 "::localtime_s;"
106 "::malloc;"
107 "::mbrtoc16;"
108 "::mbrtoc32;"
109 "::mbsrtowcs;"
110 "::mbsrtowcs_s;"
111 "::mbstowcs;"
112 "::mbstowcs_s;"
113 "::memchr;"
114 "::mktime;"
115 "::mtx_init;"
116 "::mtx_lock;"
117 "::mtx_timedlock;"
118 "::mtx_trylock;"
119 "::mtx_unlock;"
120 "::printf_s;"
121 "::putc;"
122 "::putwc;"
123 "::raise;"
124 "::realloc;"
125 "::remove;"
126 "::rename;"
127 "::scanf;"
128 "::scanf_s;"
129 "::setlocale;"
130 "::setvbuf;"
131 "::signal;"
132 "::snprintf;"
133 "::snprintf_s;"
134 "::sprintf;"
135 "::sprintf_s;"
136 "::sscanf;"
137 "::sscanf_s;"
138 "::strchr;"
139 "::strerror_s;"
140 "::strftime;"
141 "::strpbrk;"
142 "::strrchr;"
143 "::strstr;"
144 "::strtod;"
145 "::strtof;"
146 "::strtoimax;"
147 "::strtok;"
148 "::strtok_s;"
149 "::strtol;"
150 "::strtold;"
151 "::strtoll;"
152 "::strtoul;"
153 "::strtoull;"
154 "::strtoumax;"
155 "::strxfrm;"
156 "::swprintf;"
157 "::swprintf_s;"
158 "::swscanf;"
159 "::swscanf_s;"
160 "::thrd_create;"
161 "::thrd_detach;"
162 "::thrd_join;"
163 "::thrd_sleep;"
164 "::time;"
165 "::timespec_get;"
166 "::tmpfile;"
167 "::tmpfile_s;"
168 "::tmpnam;"
169 "::tmpnam_s;"
170 "::tss_create;"
171 "::tss_get;"
172 "::tss_set;"
173 "::ungetc;"
174 "::ungetwc;"
175 "::vfprintf;"
176 "::vfprintf_s;"
177 "::vfscanf;"
178 "::vfscanf_s;"
179 "::vfwprintf;"
180 "::vfwprintf_s;"
181 "::vfwscanf;"
182 "::vfwscanf_s;"
183 "::vprintf_s;"
184 "::vscanf;"
185 "::vscanf_s;"
186 "::vsnprintf;"
187 "::vsnprintf_s;"
188 "::vsprintf;"
189 "::vsprintf_s;"
190 "::vsscanf;"
191 "::vsscanf_s;"
192 "::vswprintf;"
193 "::vswprintf_s;"
194 "::vswscanf;"
195 "::vswscanf_s;"
196 "::vwprintf_s;"
197 "::vwscanf;"
198 "::vwscanf_s;"
199 "::wcrtomb;"
200 "::wcschr;"
201 "::wcsftime;"
202 "::wcspbrk;"
203 "::wcsrchr;"
204 "::wcsrtombs;"
205 "::wcsrtombs_s;"
206 "::wcsstr;"
207 "::wcstod;"
208 "::wcstof;"
209 "::wcstoimax;"
210 "::wcstok;"
211 "::wcstok_s;"
212 "::wcstol;"
213 "::wcstold;"
214 "::wcstoll;"
215 "::wcstombs;"
216 "::wcstombs_s;"
217 "::wcstoul;"
218 "::wcstoull;"
219 "::wcstoumax;"
220 "::wcsxfrm;"
221 "::wctob;"
222 "::wctrans;"
223 "::wctype;"
224 "::wmemchr;"
225 "::wprintf_s;"
226 "::wscanf;"
227 "::wscanf_s;";
228
229} // namespace
230
231namespace clang::tidy {
232namespace cert {
233
234class CERTModule : public ClangTidyModule {
235public:
236 void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
237 // C++ checkers
238 // CON
239 CheckFactories.registerCheck<bugprone::SpuriouslyWakeUpFunctionsCheck>(
240 "cert-con54-cpp");
241 // DCL
242 CheckFactories.registerCheck<PostfixOperatorCheck>(
243 "cert-dcl21-cpp");
244 CheckFactories.registerCheck<VariadicFunctionDefCheck>("cert-dcl50-cpp");
245 CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>(
246 "cert-dcl51-cpp");
247 CheckFactories.registerCheck<misc::NewDeleteOverloadsCheck>(
248 "cert-dcl54-cpp");
249 CheckFactories.registerCheck<DontModifyStdNamespaceCheck>(
250 "cert-dcl58-cpp");
251 CheckFactories.registerCheck<google::build::UnnamedNamespaceInHeaderCheck>(
252 "cert-dcl59-cpp");
253 // ERR
254 CheckFactories.registerCheck<misc::ThrowByValueCatchByReferenceCheck>(
255 "cert-err09-cpp");
256 CheckFactories.registerCheck<SetLongJmpCheck>("cert-err52-cpp");
257 CheckFactories.registerCheck<StaticObjectExceptionCheck>("cert-err58-cpp");
258 CheckFactories.registerCheck<ThrownExceptionTypeCheck>("cert-err60-cpp");
259 CheckFactories.registerCheck<misc::ThrowByValueCatchByReferenceCheck>(
260 "cert-err61-cpp");
261 // MEM
262 CheckFactories.registerCheck<DefaultOperatorNewAlignmentCheck>(
263 "cert-mem57-cpp");
264 // MSC
265 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc50-cpp");
266 CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
267 "cert-msc51-cpp");
268 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>(
269 "cert-msc54-cpp");
270 // OOP
271 CheckFactories.registerCheck<performance::MoveConstructorInitCheck>(
272 "cert-oop11-cpp");
273 CheckFactories.registerCheck<bugprone::UnhandledSelfAssignmentCheck>(
274 "cert-oop54-cpp");
275 CheckFactories.registerCheck<NonTrivialTypesLibcMemoryCallsCheck>(
276 "cert-oop57-cpp");
277 CheckFactories.registerCheck<MutatingCopyCheck>(
278 "cert-oop58-cpp");
279
280 // C checkers
281 // CON
282 CheckFactories.registerCheck<bugprone::SpuriouslyWakeUpFunctionsCheck>(
283 "cert-con36-c");
284 // DCL
285 CheckFactories.registerCheck<misc::StaticAssertCheck>("cert-dcl03-c");
286 CheckFactories.registerCheck<readability::UppercaseLiteralSuffixCheck>(
287 "cert-dcl16-c");
288 CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>(
289 "cert-dcl37-c");
290 // ENV
291 CheckFactories.registerCheck<CommandProcessorCheck>("cert-env33-c");
292 // ERR
293 CheckFactories.registerCheck<bugprone::UnusedReturnValueCheck>(
294 "cert-err33-c");
295 CheckFactories.registerCheck<StrToNumCheck>("cert-err34-c");
296 // EXP
297 CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
298 "cert-exp42-c");
299 // FLP
300 CheckFactories.registerCheck<FloatLoopCounter>("cert-flp30-c");
301 CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
302 "cert-flp37-c");
303 // FIO
304 CheckFactories.registerCheck<misc::NonCopyableObjectsCheck>("cert-fio38-c");
305 // MSC
306 CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
307 "cert-msc24-c");
308 CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c");
309 CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
310 "cert-msc32-c");
311 CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
312 "cert-msc33-c");
313 // POS
314 CheckFactories.registerCheck<bugprone::BadSignalToKillThreadCheck>(
315 "cert-pos44-c");
316 CheckFactories
317 .registerCheck<concurrency::ThreadCanceltypeAsynchronousCheck>(
318 "cert-pos47-c");
319 // SIG
320 CheckFactories.registerCheck<bugprone::SignalHandlerCheck>("cert-sig30-c");
321 // STR
322 CheckFactories.registerCheck<bugprone::SignedCharMisuseCheck>(
323 "cert-str34-c");
324 }
325
326 ClangTidyOptions getModuleOptions() override {
327 ClangTidyOptions Options;
328 ClangTidyOptions::OptionMap &Opts = Options.CheckOptions;
329 Opts["cert-dcl16-c.NewSuffixes"] = "L;LL;LU;LLU";
330 Opts["cert-err33-c.CheckedFunctions"] = CertErr33CCheckedFunctions;
331 Opts["cert-err33-c.AllowCastToVoid"] = "true";
332 Opts["cert-oop54-cpp.WarnOnlyIfThisHasSuspiciousField"] = "false";
333 Opts["cert-str34-c.DiagnoseSignedUnsignedCharComparisons"] = "false";
334 return Options;
335 }
336};
337
338} // namespace cert
339
340// Register the MiscTidyModule using this statically initialized variable.
341static ClangTidyModuleRegistry::Add<cert::CERTModule>
342 X("cert-module",
343 "Adds lint checks corresponding to CERT secure coding guidelines.");
344
345// This anchor is used to force the linker to link in the generated object file
346// and thus register the CERTModule.
347volatile int CERTModuleAnchorSource = 0;
348
349} // namespace clang::tidy
X
int X
Definition: LSPBinderTests.cpp:26
clang::tidy::ClangTidyCheckFactories
A collection of ClangTidyCheckFactory instances.
Definition: ClangTidyModule.h:27
clang::tidy::ClangTidyCheckFactories::registerCheck
void registerCheck(llvm::StringRef CheckName)
Registers the CheckType with the name Name.
Definition: ClangTidyModule.h:58
clang::tidy::ClangTidyModule
A clang-tidy module groups a number of ClangTidyChecks and gives them a prefixed name.
Definition: ClangTidyModule.h:84
clang::tidy::bugprone::BadSignalToKillThreadCheck
Finds pthread_kill function calls when thread is terminated by SIGTERM signal.
Definition: BadSignalToKillThreadCheck.h:21
clang::tidy::bugprone::ReservedIdentifierCheck
Checks for usages of identifiers reserved for use by the implementation.
Definition: ReservedIdentifierCheck.h:31
clang::tidy::bugprone::SignalHandlerCheck
Checker for signal handler functions.
Definition: SignalHandlerCheck.h:23
clang::tidy::bugprone::SignedCharMisuseCheck
Finds those signed char -> integer conversions which might indicate a programming error.
Definition: SignedCharMisuseCheck.h:24
clang::tidy::bugprone::SpuriouslyWakeUpFunctionsCheck
Finds cnd_wait, cnd_timedwait, wait, wait_for, or wait_until function calls when the function is not ...
Definition: SpuriouslyWakeUpFunctionsCheck.h:23
clang::tidy::bugprone::SuspiciousMemoryComparisonCheck
Finds potentially incorrect calls to memcmp() based on properties of the arguments.
Definition: SuspiciousMemoryComparisonCheck.h:21
clang::tidy::bugprone::UnhandledSelfAssignmentCheck
Finds user-defined copy assignment operators which do not protect the code against self-assignment ei...
Definition: UnhandledSelfAssignmentCheck.h:22
clang::tidy::bugprone::UnsafeFunctionsCheck
Checks for functions that have safer, more secure replacements available, or are considered deprecate...
Definition: UnsafeFunctionsCheck.h:23
clang::tidy::bugprone::UnusedReturnValueCheck
Detects function calls where the return value is unused.
Definition: UnusedReturnValueCheck.h:21
clang::tidy::cert::CERTModule::addCheckFactories
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override
Implement this function in order to register all CheckFactories belonging to this module.
Definition: CERTTidyModule.cpp:236
clang::tidy::cert::CERTModule::getModuleOptions
ClangTidyOptions getModuleOptions() override
Gets default options for checks defined in this module.
Definition: CERTTidyModule.cpp:326
clang::tidy::cert::CommandProcessorCheck
Execution of a command processor can lead to security vulnerabilities, and is generally not required.
Definition: CommandProcessorCheck.h:23
clang::tidy::cert::DefaultOperatorNewAlignmentCheck
Checks if an object of type with extended alignment is allocated by using the default operator new.
Definition: DefaultOperatorNewAlignmentCheck.h:21
clang::tidy::cert::DontModifyStdNamespaceCheck
Modification of the std or posix namespace can result in undefined behavior.
Definition: DontModifyStdNamespaceCheck.h:21
clang::tidy::cert::FloatLoopCounter
This check diagnoses when the loop induction expression of a for loop has floating-point type.
Definition: FloatLoopCounter.h:22
clang::tidy::cert::LimitedRandomnessCheck
Pseudorandom number generators are not genuinely random.
Definition: LimitedRandomnessCheck.h:23
clang::tidy::cert::MutatingCopyCheck
Finds assignments to the copied object and its direct or indirect members in copy constructors and co...
Definition: MutatingCopyCheck.h:21
clang::tidy::cert::NonTrivialTypesLibcMemoryCallsCheck
Flags use of the C standard library functions 'memset', 'memcpy' and 'memcmp' and similar derivatives...
Definition: NonTrivialTypesLibcMemoryCallsCheck.h:21
clang::tidy::cert::PostfixOperatorCheck
Checks if the overloaded postfix ++ and – operator return a constant object.
Definition: PostfixOperatorCheck.h:21
clang::tidy::cert::SetLongJmpCheck
Guards against use of setjmp/longjmp in C++ code.
Definition: SetLongJmpCheck.h:20
clang::tidy::cert::StaticObjectExceptionCheck
Checks whether the constructor for a static or thread_local object will throw.
Definition: StaticObjectExceptionCheck.h:21
clang::tidy::cert::StrToNumCheck
Guards against use of string conversion functions that do not have reasonable error handling for conv...
Definition: StrToNumCheck.h:21
clang::tidy::cert::ThrownExceptionTypeCheck
Checks whether a thrown object is nothrow copy constructible.
Definition: ThrownExceptionTypeCheck.h:20
clang::tidy::cert::VariadicFunctionDefCheck
Guards against any C-style variadic function definitions (not declarations).
Definition: VariadicFunctionDefCheck.h:20
clang::tidy::concurrency::ThreadCanceltypeAsynchronousCheck
Finds pthread_setcanceltype function calls where a thread's cancellation type is set to asynchronous.
Definition: ThreadCanceltypeAsynchronousCheck.h:20
clang::tidy::misc::NonCopyableObjectsCheck
The check flags dereferences and non-pointer declarations of objects that are not meant to be passed ...
Definition: NonCopyableObjects.h:18
clang::tidy::misc::StaticAssertCheck
Replaces assert() with static_assert() if the condition is evaluatable at compile time.
Definition: StaticAssertCheck.h:23
clang::tidy::performance::MoveConstructorInitCheck
The check flags user-defined move constructors that have a ctor-initializer initializing a member or ...
Definition: MoveConstructorInitCheck.h:21
clang::tidy::readability::UppercaseLiteralSuffixCheck
Detects when the integral literal or floating point literal has non-uppercase suffix,...
Definition: UppercaseLiteralSuffixCheck.h:23
clang::tidy::CERTModuleAnchorSource
volatile int CERTModuleAnchorSource
Definition: CERTTidyModule.cpp:347
clang::tidy::ClangTidyOptions
Contains options for clang-tidy.
Definition: ClangTidyOptions.h:49
clang::tidy::ClangTidyOptions::CheckOptions
OptionMap CheckOptions
Key-value mapping used to store check-specific options.
Definition: ClangTidyOptions.h:125
clang::tidy::ClangTidyOptions::OptionMap
llvm::StringMap< ClangTidyValue > OptionMap
Definition: ClangTidyOptions.h:122
Generated on Sat Dec 2 2023 18:42:47 for clang-tools by doxygen 1.9.6