[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig updated this revision to Diff 211816.
ziyig marked an inline comment as done.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D64883/new/
https://reviews.llvm.org/D64883
Files:
clang/include/clang/Basic/DiagnosticSemaKinds.td
clang/lib/Sema/SemaChecking.cpp
clang/test/Sema/warn-alloca.c
Index: clang/test/Sema/warn-alloca.c
===
--- /dev/null
+++ clang/test/Sema/warn-alloca.c
@@ -0,0 +1,20 @@
+// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s
+// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s
+
+#ifdef SILENCE
+ // expected-no-diagnostics
+#endif
+
+void test1(int a) {
+ __builtin_alloca(a);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function '__builtin_alloca' is discouraged;
there is no way to check for failure but failure may still occur, resulting in
a possibly exploitable security vulnerability}}
+#endif
+}
+
+void test2(int a) {
+ __builtin_alloca_with_align(a, 32);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function '__builtin_alloca_with_align' is
discouraged; there is no way to check for failure but failure may still occur,
resulting in a possibly exploitable security vulnerability}}
+#endif
+}
Index: clang/lib/Sema/SemaChecking.cpp
===
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -1169,6 +1169,10 @@
case Builtin::BI__builtin_alloca_with_align:
if (SemaBuiltinAllocaWithAlign(TheCall))
return ExprError();
+LLVM_FALLTHROUGH;
+ case Builtin::BI__builtin_alloca:
+Diag(TheCall->getBeginLoc(), diag::warn_alloca)
+<< TheCall->getDirectCallee();
break;
case Builtin::BI__assume:
case Builtin::BI__builtin_assume:
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -2772,6 +2772,11 @@
def err_cannot_find_suitable_accessor : Error<
"cannot find suitable %select{getter|setter}0 for property %1">;
+def warn_alloca : Warning<
+ "use of function %0 is discouraged; there is no way to check for failure but
"
+ "failure may still occur, resulting in a possibly exploitable security
vulnerability">,
+ InGroup>, DefaultIgnore;
+
def warn_alloca_align_alignof : Warning<
"second argument to __builtin_alloca_with_align is supposed to be in bits">,
InGroup>;
Index: clang/test/Sema/warn-alloca.c
===
--- /dev/null
+++ clang/test/Sema/warn-alloca.c
@@ -0,0 +1,20 @@
+// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s
+// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s
+
+#ifdef SILENCE
+ // expected-no-diagnostics
+#endif
+
+void test1(int a) {
+ __builtin_alloca(a);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function '__builtin_alloca' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
+#endif
+}
+
+void test2(int a) {
+ __builtin_alloca_with_align(a, 32);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function '__builtin_alloca_with_align' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
+#endif
+}
Index: clang/lib/Sema/SemaChecking.cpp
===
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -1169,6 +1169,10 @@
case Builtin::BI__builtin_alloca_with_align:
if (SemaBuiltinAllocaWithAlign(TheCall))
return ExprError();
+LLVM_FALLTHROUGH;
+ case Builtin::BI__builtin_alloca:
+Diag(TheCall->getBeginLoc(), diag::warn_alloca)
+<< TheCall->getDirectCallee();
break;
case Builtin::BI__assume:
case Builtin::BI__builtin_assume:
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -2772,6 +2772,11 @@
def err_cannot_find_suitable_accessor : Error<
"cannot find suitable %select{getter|setter}0 for property %1">;
+def warn_alloca : Warning<
+ "use of function %0 is discouraged; there is no way to check for failure but "
+ "failure may still occur, resulting in a possibly exploitable security vulnerability">,
+ InGroup>, DefaultIgnore;
+
def warn_alloca_align_alignof : Warning<
"second argument to __builtin_alloca_with_align is supposed to be in bits">,
InGroup>;
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig added inline comments. Comment at: clang/lib/Sema/SemaChecking.cpp:1172 return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: aaron.ballman wrote: > Do we want to warn on all uses of alloca(), or just the ones that get past > the call to `SemaBuiltinAllocaWithAlign()`? I don't have strong opinion about this. Which one do you think is better? CHANGES SINCE LAST ACTION https://reviews.llvm.org/D64883/new/ https://reviews.llvm.org/D64883 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig updated this revision to Diff 211785.
ziyig marked 9 inline comments as done.
ziyig added a comment.
Updated the warning message and the test cases.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D64883/new/
https://reviews.llvm.org/D64883
Files:
clang/include/clang/Basic/DiagnosticSemaKinds.td
clang/lib/Sema/SemaChecking.cpp
clang/test/Sema/warn-alloca.c
Index: clang/test/Sema/warn-alloca.c
===
--- /dev/null
+++ clang/test/Sema/warn-alloca.c
@@ -0,0 +1,20 @@
+// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s
+// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s
+
+#ifdef SILENCE
+ // expected-no-diagnostics
+#endif
+
+void test1(int a) {
+ __builtin_alloca(a);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function __builtin_alloca is discouraged;
there is no way to check for failure but failure may still occur, resulting in
a possibly exploitable security vulnerability}}
+#endif
+}
+
+void test2(int a) {
+ __builtin_alloca_with_align(a, 32);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function __builtin_alloca_with_align is
discouraged; there is no way to check for failure but failure may still occur,
resulting in a possibly exploitable security vulnerability}}
+#endif
+}
Index: clang/lib/Sema/SemaChecking.cpp
===
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -1169,6 +1169,10 @@
case Builtin::BI__builtin_alloca_with_align:
if (SemaBuiltinAllocaWithAlign(TheCall))
return ExprError();
+LLVM_FALLTHROUGH;
+ case Builtin::BI__builtin_alloca:
+Diag(TheCall->getBeginLoc(), diag::warn_alloca)
+<< TheCall->getDirectCallee()->getNameInfo().getAsString();
break;
case Builtin::BI__assume:
case Builtin::BI__builtin_assume:
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -2772,6 +2772,11 @@
def err_cannot_find_suitable_accessor : Error<
"cannot find suitable %select{getter|setter}0 for property %1">;
+def warn_alloca : Warning<
+ "use of function %0 is discouraged; there is no way to check for failure but
"
+ "failure may still occur, resulting in a possibly exploitable security
vulnerability">,
+ InGroup>, DefaultIgnore;
+
def warn_alloca_align_alignof : Warning<
"second argument to __builtin_alloca_with_align is supposed to be in bits">,
InGroup>;
Index: clang/test/Sema/warn-alloca.c
===
--- /dev/null
+++ clang/test/Sema/warn-alloca.c
@@ -0,0 +1,20 @@
+// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s
+// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s
+
+#ifdef SILENCE
+ // expected-no-diagnostics
+#endif
+
+void test1(int a) {
+ __builtin_alloca(a);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function __builtin_alloca is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
+#endif
+}
+
+void test2(int a) {
+ __builtin_alloca_with_align(a, 32);
+#ifndef SILENCE
+ // expected-warning@-2 {{use of function __builtin_alloca_with_align is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
+#endif
+}
Index: clang/lib/Sema/SemaChecking.cpp
===
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -1169,6 +1169,10 @@
case Builtin::BI__builtin_alloca_with_align:
if (SemaBuiltinAllocaWithAlign(TheCall))
return ExprError();
+LLVM_FALLTHROUGH;
+ case Builtin::BI__builtin_alloca:
+Diag(TheCall->getBeginLoc(), diag::warn_alloca)
+<< TheCall->getDirectCallee()->getNameInfo().getAsString();
break;
case Builtin::BI__assume:
case Builtin::BI__builtin_assume:
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -2772,6 +2772,11 @@
def err_cannot_find_suitable_accessor : Error<
"cannot find suitable %select{getter|setter}0 for property %1">;
+def warn_alloca : Warning<
+ "use of function %0 is discouraged; there is no way to check for failure but "
+ "failure may still occur, resulting in a possibly exploitable security vulnerability">,
+ InGroup>, DefaultIgnore;
+
def warn_alloca_align_alignof : Warning<
"second argument to __builtin_alloca_with_align is supposed to be in bits">,
InGroup>;
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm
[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig created this revision.
ziyig added reviewers: gbiv, aaron.ballman.
Herald added a reviewer: george.burgess.iv.
Herald added subscribers: cfe-commits, kristina.
Herald added a project: clang.
Add new warning -Walloca for use of builtin alloca function.
Also warns the use of __builtin_alloca_with_align. GCC has this warning, and
we'd like to have this for compatibility.
Repository:
rC Clang
https://reviews.llvm.org/D64883
Files:
clang/include/clang/Basic/DiagnosticSemaKinds.td
clang/lib/Sema/SemaChecking.cpp
clang/test/Sema/warn-alloca.c
Index: clang/test/Sema/warn-alloca.c
===
--- /dev/null
+++ clang/test/Sema/warn-alloca.c
@@ -0,0 +1,10 @@
+// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s
+
+void test1(int a) {
+ __builtin_alloca(a); // expected-warning {{use of builtin function
__builtin_alloca}}
+}
+
+void test2(int a) {
+ __builtin_alloca_with_align(a, 32); // expected-warning {{use of builtin
function __builtin_alloca_with_align}}
+}
+
Index: clang/lib/Sema/SemaChecking.cpp
===
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -1169,6 +1169,10 @@
case Builtin::BI__builtin_alloca_with_align:
if (SemaBuiltinAllocaWithAlign(TheCall))
return ExprError();
+LLVM_FALLTHROUGH;
+ case Builtin::BI__builtin_alloca:
+Diag(TheCall->getBeginLoc(), diag::warn_alloca)
+<< Context.BuiltinInfo.getName(BuiltinID);
break;
case Builtin::BI__assume:
case Builtin::BI__builtin_assume:
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -2772,6 +2772,10 @@
def err_cannot_find_suitable_accessor : Error<
"cannot find suitable %select{getter|setter}0 for property %1">;
+def warn_alloca : Warning<
+ "use of builtin function %0">,
+ InGroup>, DefaultIgnore;
+
def warn_alloca_align_alignof : Warning<
"second argument to __builtin_alloca_with_align is supposed to be in bits">,
InGroup>;
Index: clang/test/Sema/warn-alloca.c
===
--- /dev/null
+++ clang/test/Sema/warn-alloca.c
@@ -0,0 +1,10 @@
+// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s
+
+void test1(int a) {
+ __builtin_alloca(a); // expected-warning {{use of builtin function __builtin_alloca}}
+}
+
+void test2(int a) {
+ __builtin_alloca_with_align(a, 32); // expected-warning {{use of builtin function __builtin_alloca_with_align}}
+}
+
Index: clang/lib/Sema/SemaChecking.cpp
===
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -1169,6 +1169,10 @@
case Builtin::BI__builtin_alloca_with_align:
if (SemaBuiltinAllocaWithAlign(TheCall))
return ExprError();
+LLVM_FALLTHROUGH;
+ case Builtin::BI__builtin_alloca:
+Diag(TheCall->getBeginLoc(), diag::warn_alloca)
+<< Context.BuiltinInfo.getName(BuiltinID);
break;
case Builtin::BI__assume:
case Builtin::BI__builtin_assume:
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -2772,6 +2772,10 @@
def err_cannot_find_suitable_accessor : Error<
"cannot find suitable %select{getter|setter}0 for property %1">;
+def warn_alloca : Warning<
+ "use of builtin function %0">,
+ InGroup>, DefaultIgnore;
+
def warn_alloca_align_alignof : Warning<
"second argument to __builtin_alloca_with_align is supposed to be in bits">,
InGroup>;
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
