clang-tools 22.0.0git
CommandProcessorCheck.cpp
Go to the documentation of this file.
1//===----------------------------------------------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "CommandProcessorCheck.h"
10#include "clang/ASTMatchers/ASTMatchFinder.h"
11
12using namespace clang::ast_matchers;
13
14namespace clang::tidy::bugprone {
15
16void CommandProcessorCheck::registerMatchers(MatchFinder *Finder) {
17 Finder->addMatcher(
18 callExpr(
19 callee(functionDecl(hasAnyName("::system", "::popen", "::_popen"))
20 .bind("func")),
21 // Do not diagnose when the call expression passes a null pointer
22 // constant to system(); that only checks for the presence of a
23 // command processor, which is not a security risk by itself.
24 unless(callExpr(callee(functionDecl(hasName("::system"))),
25 argumentCountIs(1),
26 hasArgument(0, nullPointerConstant()))))
27 .bind("expr"),
28 this);
29}
30
31void CommandProcessorCheck::check(const MatchFinder::MatchResult &Result) {
32 const auto *Fn = Result.Nodes.getNodeAs<FunctionDecl>("func");
33 const auto *E = Result.Nodes.getNodeAs<CallExpr>("expr");
34
35 diag(E->getExprLoc(), "calling %0 uses a command processor") << Fn;
36}
37
38} // namespace clang::tidy::bugprone
clang::tidy::bugprone::CommandProcessorCheck::check
void check(const ast_matchers::MatchFinder::MatchResult &Result) override
Definition CommandProcessorCheck.cpp:31
clang::tidy::bugprone::CommandProcessorCheck::registerMatchers
void registerMatchers(ast_matchers::MatchFinder *Finder) override
Definition CommandProcessorCheck.cpp:16
clang::ast_matchers
Definition AbseilMatcher.h:13
Generated on for clang-tools by doxygen 1.14.0