[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig updated this revision to Diff 211816. ziyig marked an inline comment as done. CHANGES SINCE LAST ACTION https://reviews.llvm.org/D64883/new/ https://reviews.llvm.org/D64883 Files: clang/include/clang/Basic/DiagnosticSemaKinds.td clang/lib/Sema/SemaChecking.cpp clang/test/Sema/warn-alloca.c Index: clang/test/Sema/warn-alloca.c === --- /dev/null +++ clang/test/Sema/warn-alloca.c @@ -0,0 +1,20 @@ +// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s +// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s + +#ifdef SILENCE + // expected-no-diagnostics +#endif + +void test1(int a) { + __builtin_alloca(a); +#ifndef SILENCE + // expected-warning@-2 {{use of function '__builtin_alloca' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} + +void test2(int a) { + __builtin_alloca_with_align(a, 32); +#ifndef SILENCE + // expected-warning@-2 {{use of function '__builtin_alloca_with_align' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} Index: clang/lib/Sema/SemaChecking.cpp === --- clang/lib/Sema/SemaChecking.cpp +++ clang/lib/Sema/SemaChecking.cpp @@ -1169,6 +1169,10 @@ case Builtin::BI__builtin_alloca_with_align: if (SemaBuiltinAllocaWithAlign(TheCall)) return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: +Diag(TheCall->getBeginLoc(), diag::warn_alloca) +<< TheCall->getDirectCallee(); break; case Builtin::BI__assume: case Builtin::BI__builtin_assume: Index: clang/include/clang/Basic/DiagnosticSemaKinds.td === --- clang/include/clang/Basic/DiagnosticSemaKinds.td +++ clang/include/clang/Basic/DiagnosticSemaKinds.td 
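Review bot: warn-alloca.c only calls the two `__builtin_` spellings directly, in test1 and test2, so nothing pins the warning for a call that arrives through a macro, which is how libc headers commonly expose `alloca`. A project that turns on -Walloca to keep unchecked stack allocation out of its code depends on that path being covered. A third case such as `#define ALLOCA(n) __builtin_alloca(n)` with `void test3(int a) { ALLOCA(a); }`, carrying its own expected-warning under `#ifndef SILENCE`, would cover it. The same gap is in the earlier revisions of this file further down the page.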
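Review bot: `TheCall->getDirectCallee()` is streamed into the diagnostic without a null check, in the new `Diag(...)` statement under `case Builtin::BI__builtin_alloca:`. A call that reaches this builtin switch presumably always has a direct callee, but the hunk does not show that, since the switch and its enclosing function begin and end outside it. If the enclosing function already receives the callee declaration, streaming that would avoid re-deriving it; otherwise a one-line comment such as `// A builtin call always has a direct callee.` records the assumption. The Diff 211785 revision lower on the page dereferences the same result directly with `->getNameInfo()`, where a null callee would crash.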
@@ -2772,6 +2772,11 @@ def err_cannot_find_suitable_accessor : Error< "cannot find suitable %select{getter|setter}0 for property %1">; +def warn_alloca : Warning< + "use of function %0 is discouraged; there is no way to check for failure but " + "failure may still occur, resulting in a possibly exploitable security vulnerability">, + InGroup>, DefaultIgnore; + def warn_alloca_align_alignof : Warning< "second argument to __builtin_alloca_with_align is supposed to be in bits">, InGroup>; Index: clang/test/Sema/warn-alloca.c === --- /dev/null +++ clang/test/Sema/warn-alloca.c @@ -0,0 +1,20 @@ +// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s +// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s + +#ifdef SILENCE + // expected-no-diagnostics +#endif + +void test1(int a) { + __builtin_alloca(a); +#ifndef SILENCE + // expected-warning@-2 {{use of function '__builtin_alloca' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} + +void test2(int a) { + __builtin_alloca_with_align(a, 32); +#ifndef SILENCE + // expected-warning@-2 {{use of function '__builtin_alloca_with_align' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} Index: clang/lib/Sema/SemaChecking.cpp === --- clang/lib/Sema/SemaChecking.cpp +++ clang/lib/Sema/SemaChecking.cpp @@ -1169,6 +1169,10 @@ case Builtin::BI__builtin_alloca_with_align: if (SemaBuiltinAllocaWithAlign(TheCall)) return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: +Diag(TheCall->getBeginLoc(), diag::warn_alloca) +<< TheCall->getDirectCallee(); break; case Builtin::BI__assume: case Builtin::BI__builtin_assume: Index: clang/include/clang/Basic/DiagnosticSemaKinds.td === --- clang/include/clang/Basic/DiagnosticSemaKinds.td +++ clang/include/clang/Basic/DiagnosticSemaKinds.td 
@@ -2772,6 +2772,11 @@ def err_cannot_find_suitable_accessor : Error< "cannot find suitable %select{getter|setter}0 for property %1">; +def warn_alloca : Warning< + "use of function %0 is discouraged; there is no way to check for failure but " + "failure may still occur, resulting in a possibly exploitable security vulnerability">, + InGroup>, DefaultIgnore; + def warn_alloca_align_alignof : Warning< "second argument to __builtin_alloca_with_align is supposed to be in bits">, InGroup>; ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
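Review bot: `def warn_alloca` is marked `DefaultIgnore`, and the first RUN line of warn-alloca.c shows it staying silent under `-Wall`, but nothing next to the definition says this is deliberate. A comment above the definition, for example `// Off by default and not part of -Wall; enabled only by -Walloca.`, would make the intent visible to whoever later regroups the warning. Users who rely on this diagnostic as a security check need to know that it has to be requested explicitly.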
[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig added inline comments. Comment at: clang/lib/Sema/SemaChecking.cpp:1172 return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: aaron.ballman wrote: > Do we want to warn on all uses of alloca(), or just the ones that get past > the call to `SemaBuiltinAllocaWithAlign()`? I don't have a strong opinion about this. Which one do you think is better? CHANGES SINCE LAST ACTION https://reviews.llvm.org/D64883/new/ https://reviews.llvm.org/D64883 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig updated this revision to Diff 211785. ziyig marked 9 inline comments as done. ziyig added a comment. Updated the warning message and the test cases. CHANGES SINCE LAST ACTION https://reviews.llvm.org/D64883/new/ https://reviews.llvm.org/D64883 Files: clang/include/clang/Basic/DiagnosticSemaKinds.td clang/lib/Sema/SemaChecking.cpp clang/test/Sema/warn-alloca.c Index: clang/test/Sema/warn-alloca.c === --- /dev/null +++ clang/test/Sema/warn-alloca.c @@ -0,0 +1,20 @@ +// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s +// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s + +#ifdef SILENCE + // expected-no-diagnostics +#endif + +void test1(int a) { + __builtin_alloca(a); +#ifndef SILENCE + // expected-warning@-2 {{use of function __builtin_alloca is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} + +void test2(int a) { + __builtin_alloca_with_align(a, 32); +#ifndef SILENCE + // expected-warning@-2 {{use of function __builtin_alloca_with_align is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} Index: clang/lib/Sema/SemaChecking.cpp === --- clang/lib/Sema/SemaChecking.cpp +++ clang/lib/Sema/SemaChecking.cpp @@ -1169,6 +1169,10 @@ case Builtin::BI__builtin_alloca_with_align: if (SemaBuiltinAllocaWithAlign(TheCall)) return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: +Diag(TheCall->getBeginLoc(), diag::warn_alloca) +<< TheCall->getDirectCallee()->getNameInfo().getAsString(); break; case Builtin::BI__assume: case Builtin::BI__builtin_assume: Index: clang/include/clang/Basic/DiagnosticSemaKinds.td === --- clang/include/clang/Basic/DiagnosticSemaKinds.td +++ clang/include/clang/Basic/DiagnosticSemaKinds.td 
@@ -2772,6 +2772,11 @@ def err_cannot_find_suitable_accessor : Error< "cannot find suitable %select{getter|setter}0 for property %1">; +def warn_alloca : Warning< + "use of function %0 is discouraged; there is no way to check for failure but " + "failure may still occur, resulting in a possibly exploitable security vulnerability">, + InGroup>, DefaultIgnore; + def warn_alloca_align_alignof : Warning< "second argument to __builtin_alloca_with_align is supposed to be in bits">, InGroup>; Index: clang/test/Sema/warn-alloca.c === --- /dev/null +++ clang/test/Sema/warn-alloca.c @@ -0,0 +1,20 @@ +// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s +// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s + +#ifdef SILENCE + // expected-no-diagnostics +#endif + +void test1(int a) { + __builtin_alloca(a); +#ifndef SILENCE + // expected-warning@-2 {{use of function __builtin_alloca is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} + +void test2(int a) { + __builtin_alloca_with_align(a, 32); +#ifndef SILENCE + // expected-warning@-2 {{use of function __builtin_alloca_with_align is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} Index: clang/lib/Sema/SemaChecking.cpp === --- clang/lib/Sema/SemaChecking.cpp +++ clang/lib/Sema/SemaChecking.cpp @@ -1169,6 +1169,10 @@ case Builtin::BI__builtin_alloca_with_align: if (SemaBuiltinAllocaWithAlign(TheCall)) return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: +Diag(TheCall->getBeginLoc(), diag::warn_alloca) +<< TheCall->getDirectCallee()->getNameInfo().getAsString(); break; case Builtin::BI__assume: case Builtin::BI__builtin_assume: Index: clang/include/clang/Basic/DiagnosticSemaKinds.td === --- clang/include/clang/Basic/DiagnosticSemaKinds.td +++ clang/include/clang/Basic/DiagnosticSemaKinds.td 
@@ -2772,6 +2772,11 @@ def err_cannot_find_suitable_accessor : Error< "cannot find suitable %select{getter|setter}0 for property %1">; +def warn_alloca : Warning< + "use of function %0 is discouraged; there is no way to check for failure but " + "failure may still occur, resulting in a possibly exploitable security vulnerability">, + InGroup>, DefaultIgnore; + def warn_alloca_align_alignof : Warning< "second argument to __builtin_alloca_with_align is supposed to be in bits">, InGroup>; ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm
[PATCH] D64883: Add new warning -Walloca for use of builtin alloca function
ziyig created this revision. ziyig added reviewers: gbiv, aaron.ballman. Herald added a reviewer: george.burgess.iv. Herald added subscribers: cfe-commits, kristina. Herald added a project: clang. Add new warning -Walloca for use of builtin alloca function. Also warns the use of __builtin_alloca_with_align. GCC has this warning, and we'd like to have this for compatibility. Repository: rC Clang https://reviews.llvm.org/D64883 Files: clang/include/clang/Basic/DiagnosticSemaKinds.td clang/lib/Sema/SemaChecking.cpp clang/test/Sema/warn-alloca.c Index: clang/test/Sema/warn-alloca.c === --- /dev/null +++ clang/test/Sema/warn-alloca.c @@ -0,0 +1,10 @@ +// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s + +void test1(int a) { + __builtin_alloca(a); // expected-warning {{use of builtin function __builtin_alloca}} +} + +void test2(int a) { + __builtin_alloca_with_align(a, 32); // expected-warning {{use of builtin function __builtin_alloca_with_align}} +} + Index: clang/lib/Sema/SemaChecking.cpp === --- clang/lib/Sema/SemaChecking.cpp +++ clang/lib/Sema/SemaChecking.cpp @@ -1169,6 +1169,10 @@ case Builtin::BI__builtin_alloca_with_align: if (SemaBuiltinAllocaWithAlign(TheCall)) return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: +Diag(TheCall->getBeginLoc(), diag::warn_alloca) +<< Context.BuiltinInfo.getName(BuiltinID); break; case Builtin::BI__assume: case Builtin::BI__builtin_assume: Index: clang/include/clang/Basic/DiagnosticSemaKinds.td === --- clang/include/clang/Basic/DiagnosticSemaKinds.td +++ clang/include/clang/Basic/DiagnosticSemaKinds.td @@ -2772,6 +2772,10 @@ def err_cannot_find_suitable_accessor : Error< "cannot find suitable %select{getter|setter}0 for property %1">; +def warn_alloca : Warning< + "use of builtin function %0">, + InGroup>, DefaultIgnore; + def warn_alloca_align_alignof : Warning< "second argument to __builtin_alloca_with_align is supposed to be in bits">, InGroup>; Index: clang/test/Sema/warn-alloca.c === 
--- /dev/null +++ clang/test/Sema/warn-alloca.c @@ -0,0 +1,10 @@ +// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s + +void test1(int a) { + __builtin_alloca(a); // expected-warning {{use of builtin function __builtin_alloca}} +} + +void test2(int a) { + __builtin_alloca_with_align(a, 32); // expected-warning {{use of builtin function __builtin_alloca_with_align}} +} + Index: clang/lib/Sema/SemaChecking.cpp === --- clang/lib/Sema/SemaChecking.cpp +++ clang/lib/Sema/SemaChecking.cpp @@ -1169,6 +1169,10 @@ case Builtin::BI__builtin_alloca_with_align: if (SemaBuiltinAllocaWithAlign(TheCall)) return ExprError(); +LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: +Diag(TheCall->getBeginLoc(), diag::warn_alloca) +<< Context.BuiltinInfo.getName(BuiltinID); break; case Builtin::BI__assume: case Builtin::BI__builtin_assume: Index: clang/include/clang/Basic/DiagnosticSemaKinds.td === --- clang/include/clang/Basic/DiagnosticSemaKinds.td +++ clang/include/clang/Basic/DiagnosticSemaKinds.td @@ -2772,6 +2772,10 @@ def err_cannot_find_suitable_accessor : Error< "cannot find suitable %select{getter|setter}0 for property %1">; +def warn_alloca : Warning< + "use of builtin function %0">, + InGroup>, DefaultIgnore; + def warn_alloca_align_alignof : Warning< "second argument to __builtin_alloca_with_align is supposed to be in bits">, InGroup>; ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits