serge-sans-paille updated this revision to Diff 398195. serge-sans-paille added a comment.
rebased CHANGES SINCE LAST ACTION https://reviews.llvm.org/D112913/new/ https://reviews.llvm.org/D112913 Files: clang-tools-extra/clang-tidy/misc/CMakeLists.txt clang-tools-extra/clang-tidy/misc/MiscTidyModule.cpp clang-tools-extra/clang-tidy/misc/MisleadingBidirectional.cpp clang-tools-extra/clang-tidy/misc/MisleadingBidirectional.h clang-tools-extra/docs/ReleaseNotes.rst clang-tools-extra/docs/clang-tidy/checks/list.rst clang-tools-extra/docs/clang-tidy/checks/misc-misleading-bidirectional.rst clang-tools-extra/test/clang-tidy/checkers/misc-misleading-bidirectional.cpp
Index: clang-tools-extra/docs/clang-tidy/checks/misc-misleading-bidirectional.rst =================================================================== --- /dev/null +++ clang-tools-extra/docs/clang-tidy/checks/misc-misleading-bidirectional.rst @@ -0,0 +1,21 @@ +.. title:: clang-tidy - misc-misleading-bidirectional + +misc-misleading-bidirectional +============================= + +Warn about unterminated bidirectional unicode sequence, detecting potential attack +as described in the `Trojan Source <https://www.trojansource.codes>`_ attack. + +Example: + +.. code-block:: c++ + + #include <iostream> + + int main() { + bool isAdmin = false; + /*â® } â¦if (isAdmin)⩠⦠begin admins only */ + std::cout << "You are an admin.\n"; + /* end admins only â® { â¦*/ + return 0; + } Index: clang-tools-extra/docs/clang-tidy/checks/list.rst =================================================================== --- clang-tools-extra/docs/clang-tidy/checks/list.rst +++ clang-tools-extra/docs/clang-tidy/checks/list.rst @@ -212,7 +212,8 @@ `llvmlibc-implementation-in-namespace <llvmlibc-implementation-in-namespace.html>`_, `llvmlibc-restrict-system-libc-headers <llvmlibc-restrict-system-libc-headers.html>`_, "Yes" `misc-definitions-in-headers <misc-definitions-in-headers.html>`_, "Yes" - `misc-misleading-identifier <misc-misleading-identifier.html>`_, + `misc-misleading-bidirectional <misc-misleading-bidirectional.html>`_, + `misc-misleading-identifier <misc-mileading-identifier.html>`_, `misc-misplaced-const <misc-misplaced-const.html>`_, `misc-new-delete-overloads <misc-new-delete-overloads.html>`_, `misc-no-recursion <misc-no-recursion.html>`_, Index: clang-tools-extra/docs/ReleaseNotes.rst =================================================================== --- clang-tools-extra/docs/ReleaseNotes.rst +++ clang-tools-extra/docs/ReleaseNotes.rst @@ -123,6 +123,10 @@ Reports identifiers whose names are too short. Currently checks local variables and function parameters only. +- New :doc:`misc-misleading-bidirectional <clang-tidy/checks/misc-misleading-bidirectional>` check. + + Inspects string literal and comments for unterminated bidirectional Unicode + characters. New check aliases ^^^^^^^^^^^^^^^^^ Index: clang-tools-extra/clang-tidy/misc/MisleadingBidirectional.h =================================================================== --- /dev/null +++ clang-tools-extra/clang-tidy/misc/MisleadingBidirectional.h @@ -0,0 +1,38 @@ +//===--- MisleadingBidirectionalCheck.h - clang-tidy ------------*- C++ -*-===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception +// +//===----------------------------------------------------------------------===// + +#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_MISC_MISLEADINGBIDIRECTIONALCHECK_H +#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_MISC_MISLEADINGBIDIRECTIONALCHECK_H + +#include "../ClangTidyCheck.h" + +namespace clang { +namespace tidy { +namespace misc { + +class MisleadingBidirectionalCheck : public ClangTidyCheck { +public: + MisleadingBidirectionalCheck(StringRef Name, ClangTidyContext *Context); + ~MisleadingBidirectionalCheck(); + + void registerPPCallbacks(const SourceManager &SM, Preprocessor *PP, + Preprocessor *ModuleExpanderPP) override; + + void registerMatchers(ast_matchers::MatchFinder *Finder) override; + void check(const ast_matchers::MatchFinder::MatchResult &Result) override; + +private: + class MisleadingBidirectionalHandler; + std::unique_ptr<MisleadingBidirectionalHandler> Handler; +}; + +} // namespace misc +} // namespace tidy +} // namespace clang + +#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_MISC_MISLEADINGBIDIRECTIONALCHECK_H Index: clang-tools-extra/clang-tidy/misc/MisleadingBidirectional.cpp =================================================================== --- /dev/null +++ clang-tools-extra/clang-tidy/misc/MisleadingBidirectional.cpp @@ -0,0 +1,142 @@ +//===--- MisleadingBidirectional.cpp - clang-tidy -------------------------===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception +// +//===----------------------------------------------------------------------===// + +#include "MisleadingBidirectional.h" + +#include "clang/Frontend/CompilerInstance.h" +#include "clang/Lex/Preprocessor.h" +#include "llvm/Support/ConvertUTF.h" + +using namespace clang; + +static bool containsMisleadingBidi(StringRef Buffer, + bool HonorLineBreaks = true) { + const char *CurPtr = Buffer.begin(); + unsigned i = 0; + + enum BidiChar { + PS = 0x2029, + RLO = 0x202E, + RLE = 0x202B, + LRO = 0x202D, + LRE = 0x202A, + PDF = 0x202C, + RLI = 0x2067, + LRI = 0x2066, + FSI = 0x2068, + PDI = 0x2069 + }; + + SmallVector<BidiChar> BidiContexts; + + // Scan each character while maintaining a stack of opened bidi context. + // RLO/RLE/LRO/LRE all are closed by PDF while RLI LRI and FSI are closed by + // PDI. New lines reset the context count. Extra PDF / PDI are ignored. + // + // Warn if we end up with an unclosed context. + while (CurPtr < Buffer.end()) { + ++i; + unsigned char C = *CurPtr; + if (isASCII(C)) { + ++CurPtr; + // Paragraph separator + if (C == 0xA || C == 0xD || (0x1C <= C && C <= 0x1E) || C == 0x85) + BidiContexts.clear(); + // Segment separator + if (C == 0x9 || C == 0xB || C == 0x1F) + BidiContexts.clear(); + continue; + } + llvm::UTF32 CodePoint; + llvm::ConversionResult Result = llvm::convertUTF8Sequence( + (const llvm::UTF8 **)&CurPtr, (const llvm::UTF8 *)Buffer.end(), + &CodePoint, llvm::strictConversion); + + // If conversion fails, utf-8 is designed so that we can just try next char. + if (Result != llvm::conversionOK) { + ++CurPtr; + continue; + } + + // Open a PDF context + if (CodePoint == RLO || CodePoint == RLE || CodePoint == LRO || + CodePoint == LRE) + BidiContexts.push_back(PDF); + // Close PDF Context + else if (CodePoint == PDF) { + if (!BidiContexts.empty() && BidiContexts.back() == PDF) + BidiContexts.pop_back(); + } + // Open PDI Context + else if (CodePoint == RLI || CodePoint == LRI || CodePoint == FSI) + BidiContexts.push_back(PDI); + // Close PDI Context + else if (CodePoint == PDI) { + auto R = std::find(BidiContexts.rbegin(), BidiContexts.rend(), PDI); + if (R != BidiContexts.rend()) + BidiContexts.resize(BidiContexts.rend() - R - 1); + } + // Line break or equivalent + else if (CodePoint == PS) + BidiContexts.clear(); + } + return !BidiContexts.empty(); +} + +class clang::tidy::misc::MisleadingBidirectionalCheck:: + MisleadingBidirectionalHandler : public CommentHandler { +public: + MisleadingBidirectionalHandler(MisleadingBidirectionalCheck &Check, + llvm::Optional<std::string> User) + : Check(Check) {} + + bool HandleComment(Preprocessor &PP, SourceRange Range) override { + // FIXME: check that we are in a /* */ comment + StringRef Text = + Lexer::getSourceText(CharSourceRange::getCharRange(Range), + PP.getSourceManager(), PP.getLangOpts()); + + if (containsMisleadingBidi(Text, true)) + Check.diag( + Range.getBegin(), + "comment contains misleading bidirectional Unicode characters"); + return false; + } + +private: + MisleadingBidirectionalCheck &Check; +}; + +clang::tidy::misc::MisleadingBidirectionalCheck::MisleadingBidirectionalCheck( + StringRef Name, ClangTidyContext *Context) + : ClangTidyCheck(Name, Context), + Handler(std::make_unique<MisleadingBidirectionalHandler>( + *this, Context->getOptions().User)) {} + +clang::tidy::misc::MisleadingBidirectionalCheck:: + ~MisleadingBidirectionalCheck() = default; + +void clang::tidy::misc::MisleadingBidirectionalCheck::registerPPCallbacks( + const SourceManager &SM, Preprocessor *PP, Preprocessor *ModuleExpanderPP) { + PP->addCommentHandler(Handler.get()); +} + +void clang::tidy::misc::MisleadingBidirectionalCheck::check( + const ast_matchers::MatchFinder::MatchResult &Result) { + if (const auto *SL = Result.Nodes.getNodeAs<StringLiteral>("strlit")) { + StringRef Literal = SL->getBytes(); + if (containsMisleadingBidi(Literal, false)) + diag(SL->getBeginLoc(), "string literal contains misleading " + "bidirectional Unicode characters"); + } +} + +void clang::tidy::misc::MisleadingBidirectionalCheck::registerMatchers( + ast_matchers::MatchFinder *Finder) { + Finder->addMatcher(ast_matchers::stringLiteral().bind("strlit"), this); +} Index: clang-tools-extra/clang-tidy/misc/MiscTidyModule.cpp =================================================================== --- clang-tools-extra/clang-tidy/misc/MiscTidyModule.cpp +++ clang-tools-extra/clang-tidy/misc/MiscTidyModule.cpp @@ -10,6 +10,7 @@ #include "../ClangTidyModule.h" #include "../ClangTidyModuleRegistry.h" #include "DefinitionsInHeadersCheck.h" +#include "MisleadingBidirectional.h" #include "MisleadingIdentifier.h" #include "MisplacedConstCheck.h" #include "NewDeleteOverloadsCheck.h" @@ -34,6 +35,8 @@ void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override { CheckFactories.registerCheck<DefinitionsInHeadersCheck>( "misc-definitions-in-headers"); + CheckFactories.registerCheck<MisleadingBidirectionalCheck>( + "misc-misleading-bidirectional"); CheckFactories.registerCheck<MisleadingIdentifierCheck>( "misc-misleading-identifier"); CheckFactories.registerCheck<MisplacedConstCheck>("misc-misplaced-const"); Index: clang-tools-extra/clang-tidy/misc/CMakeLists.txt =================================================================== --- clang-tools-extra/clang-tidy/misc/CMakeLists.txt +++ clang-tools-extra/clang-tidy/misc/CMakeLists.txt @@ -6,6 +6,7 @@ add_clang_library(clangTidyMiscModule DefinitionsInHeadersCheck.cpp MiscTidyModule.cpp + MisleadingBidirectional.cpp MisleadingIdentifier.cpp MisplacedConstCheck.cpp NewDeleteOverloadsCheck.cpp
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
