clang-tools 20.0.0git
CommandProcessorCheck.cpp
Go to the documentation of this file.
1//===-- CommandProcessorCheck.cpp - clang-tidy ----------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
10#include "clang/AST/ASTContext.h"
11#include "clang/ASTMatchers/ASTMatchFinder.h"
12
13using namespace clang::ast_matchers;
14
15namespace clang::tidy::cert {
16
17void CommandProcessorCheck::registerMatchers(MatchFinder *Finder) {
18 Finder->addMatcher(
19 callExpr(
20 callee(functionDecl(hasAnyName("::system", "::popen", "::_popen"))
21 .bind("func")),
22 // Do not diagnose when the call expression passes a null pointer
23 // constant to system(); that only checks for the presence of a
24 // command processor, which is not a security risk by itself.
25 unless(callExpr(callee(functionDecl(hasName("::system"))),
26 argumentCountIs(1),
27 hasArgument(0, nullPointerConstant()))))
28 .bind("expr"),
29 this);
30}
31
32void CommandProcessorCheck::check(const MatchFinder::MatchResult &Result) {
33 const auto *Fn = Result.Nodes.getNodeAs<FunctionDecl>("func");
34 const auto *E = Result.Nodes.getNodeAs<CallExpr>("expr");
35
36 diag(E->getExprLoc(), "calling %0 uses a command processor") << Fn;
37}
38
39} // namespace clang::tidy::cert
const Expr * E
DiagnosticBuilder diag(SourceLocation Loc, StringRef Description, DiagnosticIDs::Level Level=DiagnosticIDs::Warning)
Add a diagnostic with the check's name.
void check(const ast_matchers::MatchFinder::MatchResult &Result) override
ClangTidyChecks that register ASTMatchers should do the actual work in here.
void registerMatchers(ast_matchers::MatchFinder *Finder) override
Override this to register AST matchers with Finder.