10#include "../utils/OptionsUtils.h"
11#include "clang/AST/ASTContext.h"
12#include "clang/ASTMatchers/ASTMatchFinder.h"
13#include "clang/Lex/PPCallbacks.h"
14#include "clang/Lex/Preprocessor.h"
25 "ReportDefaultFunctions";
27 "ReportMoreUnsafeFunctions";
30 "FunctionNamesWithAnnexKReplacement";
33 "AdditionalFunctionsNames";
35 "CustomFunctionNames";
36static constexpr llvm::StringLiteral
DeclRefId =
"DRE";
38static std::optional<std::string>
40 return StringSwitch<std::string>(FunctionName)
41 .Case(
"strlen",
"strnlen_s")
42 .Case(
"wcslen",
"wcsnlen_s")
43 .Default((Twine{FunctionName} +
"_s").str());
47 bool IsAnnexKAvailable) {
48 if (IsAnnexKAvailable) {
50 StringRef AnnexKReplacementFunction =
51 StringSwitch<StringRef>(FunctionName)
52 .Cases(
"asctime",
"asctime_r",
"asctime_s")
53 .Case(
"gets",
"gets_s")
55 if (!AnnexKReplacementFunction.empty())
56 return AnnexKReplacementFunction;
61 return StringSwitch<StringRef>(FunctionName)
62 .Cases(
"asctime",
"asctime_r",
"strftime")
63 .Case(
"gets",
"fgets")
64 .Case(
"rewind",
"fseek")
65 .Case(
"setbuf",
"setvbuf");
69 bool IsAnnexKAvailable) {
70 if (IsAnnexKAvailable) {
72 StringRef AnnexKReplacementFunction = StringSwitch<StringRef>(FunctionName)
73 .Case(
"bcopy",
"memcpy_s")
74 .Case(
"bzero",
"memset_s")
77 if (!AnnexKReplacementFunction.empty())
78 return AnnexKReplacementFunction;
81 return StringSwitch<StringRef>(FunctionName)
82 .Case(
"bcmp",
"memcmp")
83 .Case(
"bcopy",
"memcpy")
84 .Case(
"bzero",
"memset")
85 .Case(
"getpw",
"getpwuid")
86 .Case(
"vfork",
"posix_spawn");
92 return StringSwitch<StringRef>(FunctionName)
93 .Cases(
"asctime",
"asctime_r",
"ctime",
94 "is not bounds-checking and non-reentrant")
95 .Cases(
"bcmp",
"bcopy",
"bzero",
"is deprecated")
96 .Cases(
"fopen",
"freopen",
"has no exclusive access to the opened file")
97 .Case(
"gets",
"is insecure, was deprecated and removed in C11 and C++14")
98 .Case(
"getpw",
"is dangerous as it may overflow the provided buffer")
99 .Cases(
"rewind",
"setbuf",
"has no error detection")
100 .Case(
"vfork",
"is insecure as it can lead to denial of service "
101 "situations in the parent process")
102 .Default(
"is not bounds-checking");
110 const LangOptions &LO) {
111 if (CacheVar.has_value())
116 return (CacheVar =
false).value();
118 assert(
PP &&
"No Preprocessor registered.");
120 if (!
PP->isMacroDefined(
"__STDC_LIB_EXT1__") ||
121 !
PP->isMacroDefined(
"__STDC_WANT_LIB_EXT1__"))
122 return (CacheVar =
false).value();
125 PP->getMacroInfo(
PP->getIdentifierInfo(
"__STDC_WANT_LIB_EXT1__"));
126 if (!MI || MI->tokens_empty())
127 return (CacheVar =
false).value();
129 const Token &T = MI->tokens().back();
130 if (!T.isLiteral() || !T.getLiteralData())
131 return (CacheVar =
false).value();
133 CacheVar = StringRef(T.getLiteralData(), T.getLength()) ==
"1";
134 return CacheVar.value();
137static std::vector<UnsafeFunctionsCheck::CheckedFunction>
139 const std::vector<StringRef> Functions =
141 std::vector<UnsafeFunctionsCheck::CheckedFunction> Result;
142 Result.reserve(Functions.size());
144 for (StringRef Function : Functions) {
145 if (Function.empty())
148 const auto [
Name, Rest] = Function.split(
',');
149 const auto [Replacement, Reason] = Rest.split(
',');
151 if (
Name.trim().empty()) {
152 Context->configurationDiag(
"invalid configuration value for option '%0'; "
153 "expected the name of an unsafe function")
161 Replacement.trim().str(), Reason.trim().str()});
168 const std::vector<UnsafeFunctionsCheck::CheckedFunction> &Functions) {
169 std::vector<std::string> Result;
170 Result.reserve(Functions.size());
172 for (
const auto &
Entry : Functions) {
173 if (
Entry.Reason.empty())
174 Result.push_back(
Entry.Name +
"," +
Entry.Replacement);
176 Result.push_back(
Entry.Name +
"," +
Entry.Replacement +
"," +
180 return llvm::join(Result,
";");
188 ReportDefaultFunctions(
190 ReportMoreUnsafeFunctions(
198 ReportMoreUnsafeFunctions);
202 if (ReportDefaultFunctions) {
205 auto FunctionNamesWithAnnexKReplacementMatcher = hasAnyName(
206 "::bsearch",
"::ctime",
"::fopen",
"::fprintf",
"::freopen",
207 "::fscanf",
"::fwprintf",
"::fwscanf",
"::getenv",
"::gmtime",
208 "::localtime",
"::mbsrtowcs",
"::mbstowcs",
"::memcpy",
"::memmove",
209 "::memset",
"::printf",
"::qsort",
"::scanf",
"::snprintf",
210 "::sprintf",
"::sscanf",
"::strcat",
"::strcpy",
"::strerror",
211 "::strlen",
"::strncat",
"::strncpy",
"::strtok",
"::swprintf",
212 "::swscanf",
"::vfprintf",
"::vfscanf",
"::vfwprintf",
"::vfwscanf",
213 "::vprintf",
"::vscanf",
"::vsnprintf",
"::vsprintf",
"::vsscanf",
214 "::vswprintf",
"::vswscanf",
"::vwprintf",
"::vwscanf",
"::wcrtomb",
215 "::wcscat",
"::wcscpy",
"::wcslen",
"::wcsncat",
"::wcsncpy",
216 "::wcsrtombs",
"::wcstok",
"::wcstombs",
"::wctomb",
"::wmemcpy",
217 "::wmemmove",
"::wprintf",
"::wscanf");
219 declRefExpr(to(functionDecl(FunctionNamesWithAnnexKReplacementMatcher)
226 auto FunctionNamesMatcher =
227 hasAnyName(
"::asctime",
"asctime_r",
"::gets",
"::rewind",
"::setbuf");
234 if (ReportMoreUnsafeFunctions) {
236 auto AdditionalFunctionNamesMatcher =
237 hasAnyName(
"::bcmp",
"::bcopy",
"::bzero",
"::getpw",
"::vfork");
239 declRefExpr(to(functionDecl(AdditionalFunctionNamesMatcher)
246 if (!CustomFunctions.empty()) {
247 std::vector<llvm::StringRef> FunctionNames;
248 FunctionNames.reserve(CustomFunctions.size());
250 for (
const auto &
Entry : CustomFunctions)
251 FunctionNames.push_back(
Entry.Name);
255 Finder->addMatcher(declRefExpr(to(functionDecl(CustomFunctionsMatcher)
268 const auto *AnnexK = Result.Nodes.getNodeAs<FunctionDecl>(
270 const auto *Normal = Result.Nodes.getNodeAs<FunctionDecl>(
FunctionNamesId);
271 const auto *Additional =
275 assert((AnnexK || Normal || Additional || Custom) &&
276 "No valid match category.");
278 bool AnnexKIsAvailable =
280 StringRef FunctionName =
FuncDecl->getName();
283 for (
const auto &
Entry : CustomFunctions) {
286 Entry.Reason.empty() ?
"is marked as unsafe" :
Entry.Reason.c_str();
288 if (
Entry.Replacement.empty()) {
289 diag(
DeclRef->getExprLoc(),
"function %0 %1; it should not be used")
294 "function %0 %1; '%2' should be used instead")
303 llvm_unreachable(
"No custom function was matched.");
307 const std::optional<std::string> ReplacementFunctionName =
308 [&]() -> std::optional<std::string> {
310 if (AnnexKIsAvailable)
321 llvm_unreachable(
"Unhandled match category");
323 if (!ReplacementFunctionName)
326 diag(
DeclRef->getExprLoc(),
"function %0 %1; '%2' should be used instead")
328 << ReplacementFunctionName.value() <<
DeclRef->getSourceRange();
332 const SourceManager &SM, Preprocessor *
PP,
339 IsAnnexKAvailable.reset();
llvm::SmallString< 256U > Name
const DeclRefExpr * DeclRef
void store(ClangTidyOptions::OptionMap &Options, StringRef LocalName, StringRef Value) const
Stores an option with the check-local name LocalName with string value Value to Options.
Base class for all clang-tidy checks.
DiagnosticBuilder diag(SourceLocation Loc, StringRef Description, DiagnosticIDs::Level Level=DiagnosticIDs::Warning)
Add a diagnostic with the check's name.
const LangOptions & getLangOpts() const
Returns the language options from the context.
Every ClangTidyCheck reports errors through a DiagnosticsEngine provided by this context.
void registerPPCallbacks(const SourceManager &SM, Preprocessor *PP, Preprocessor *ModuleExpanderPP) override
Override this to register PPCallbacks in the preprocessor.
void check(const ast_matchers::MatchFinder::MatchResult &Result) override
ClangTidyChecks that register ASTMatchers should do the actual work in here.
void storeOptions(ClangTidyOptions::OptionMap &Opts) override
Should store all options supported by this check with their current values or default values for opti...
void onEndOfTranslationUnit() override
UnsafeFunctionsCheck(StringRef Name, ClangTidyContext *Context)
void registerMatchers(ast_matchers::MatchFinder *Finder) override
Override this to register AST matchers with Finder.
static StringRef getReplacementForAdditional(StringRef FunctionName, bool IsAnnexKAvailable)
static constexpr llvm::StringLiteral FunctionNamesWithAnnexKReplacementId
static constexpr llvm::StringLiteral CustomFunctionNamesId
static StringRef getRationaleFor(StringRef FunctionName)
static bool isAnnexKAvailable(std::optional< bool > &CacheVar, Preprocessor *PP, const LangOptions &LO)
Calculates whether Annex K is available for the current translation unit based on the macro definitio...
static std::optional< std::string > getAnnexKReplacementFor(StringRef FunctionName)
static StringRef getReplacementFor(StringRef FunctionName, bool IsAnnexKAvailable)
static constexpr llvm::StringLiteral AdditionalFunctionNamesId
static constexpr llvm::StringLiteral OptionNameReportMoreUnsafeFunctions
static std::vector< UnsafeFunctionsCheck::CheckedFunction > parseCheckedFunctions(StringRef Option, ClangTidyContext *Context)
static constexpr llvm::StringLiteral OptionNameReportDefaultFunctions
static constexpr llvm::StringLiteral FunctionNamesId
static constexpr llvm::StringLiteral OptionNameCustomFunctions
static constexpr llvm::StringLiteral DeclRefId
static std::string serializeCheckedFunctions(const std::vector< UnsafeFunctionsCheck::CheckedFunction > &Functions)
inline ::clang::ast_matchers::internal::Matcher< NamedDecl > matchesAnyListedName(llvm::ArrayRef< StringRef > NameList)
std::vector< StringRef > parseStringList(StringRef Option)
Parse a semicolon separated list of strings.
Some operations such as code completion produce a set of candidates.
llvm::StringMap< ClangTidyValue > OptionMap
static constexpr const char FuncDecl[]