[PATCH] D71033: [analyzer] CERT: STR32-C
Charusso updated this revision to Diff 241761.
Charusso added a comment.
- Rebase.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D71033/new/
https://reviews.llvm.org/D71033
Files:
clang/docs/analyzer/checkers.rst
clang/include/clang/StaticAnalyzer/Checkers/Checkers.td
clang/include/clang/StaticAnalyzer/Core/PathSensitive/DynamicSize.h
clang/lib/StaticAnalyzer/Checkers/cert/StrChecker.cpp
clang/test/Analysis/Inputs/system-header-simulator.h
clang/test/Analysis/cert/str31-c-notes-warn-on-call-off.cpp
clang/test/Analysis/cert/str31-c-notes-warn-on-call-on.cpp
clang/test/Analysis/cert/str32-c-notes.cpp
clang/test/Analysis/cert/str32-c.cpp
clang/test/Analysis/malloc.c
Index: clang/test/Analysis/malloc.c
===
--- clang/test/Analysis/malloc.c
+++ clang/test/Analysis/malloc.c
@@ -9,21 +9,6 @@
void clang_analyzer_eval(int);
-// Without -fms-compatibility, wchar_t isn't a builtin type. MSVC defines
-// _WCHAR_T_DEFINED if wchar_t is available. Microsoft recommends that you use
-// the builtin type: "Using the typedef version can cause portability
-// problems", but we're ok here because we're not actually running anything.
-// Also of note is this cryptic warning: "The wchar_t type is not supported
-// when you compile C code".
-//
-// See the docs for more:
-// https://msdn.microsoft.com/en-us/library/dh8che7s.aspx
-#if !defined(_WCHAR_T_DEFINED)
-// "Microsoft implements wchar_t as a two-byte unsigned value"
-typedef unsigned short wchar_t;
-#define _WCHAR_T_DEFINED
-#endif // !defined(_WCHAR_T_DEFINED)
-
typedef __typeof(sizeof(int)) size_t;
void *malloc(size_t);
void *alloca(size_t);
Index: clang/test/Analysis/cert/str32-c.cpp
===
--- /dev/null
+++ clang/test/Analysis/cert/str32-c.cpp
@@ -0,0 +1,88 @@
+// RUN: %clang_analyze_cc1 \
+// RUN: -analyzer-checker=core,unix,alpha.security.cert.str.32c \
+// RUN: -verify %s
+
+// See the examples on the page of STR32-C:
+// https://wiki.sei.cmu.edu/confluence/display/c/STR32-C.+Do+not+pass+a+non-null-terminated+character+sequence+to+a+library+function+that+expects+a+string
+
+#include "../Inputs/system-header-simulator.h"
+
+void *realloc(void *memblock, size_t size);
+
+namespace test_strncpy_bad {
+enum { STR_SIZE = 32 };
+
+size_t func(const char *source) {
+ char c_str[STR_SIZE];
+ size_t ret = 0;
+
+ if (source) {
+c_str[sizeof(c_str) - 1] = '\0';
+strncpy(c_str, source, sizeof(c_str));
+ret = strlen(c_str);
+// expected-warning@-1 {{'c_str' is not null-terminated}}
+ }
+ return ret;
+}
+} // namespace test_strncpy_bad
+
+namespace test_strncpy_good {
+enum { STR_SIZE = 32 };
+
+size_t func(const char *src) {
+ char c_str[STR_SIZE];
+ size_t ret = 0;
+
+ if (src) {
+strncpy(c_str, src, sizeof(c_str) - 1);
+c_str[sizeof(c_str) - 1] = '\0';
+ret = strlen(c_str);
+ }
+ return ret;
+}
+} // namespace test_strncpy_good
+
+namespace test_realloc_bad {
+wchar_t *cur_msg = NULL;
+size_t cur_msg_size = 1024;
+size_t cur_msg_len = 0;
+
+void lessen_memory_usage(void) {
+ if (cur_msg == NULL)
+return;
+
+ size_t temp_size = cur_msg_size / 2 + 1;
+ wchar_t *temp = (wchar_t *)realloc(cur_msg, temp_size * sizeof(wchar_t));
+ /* temp and cur_msg may no longer be null-terminated */
+ if (temp == NULL)
+return;
+
+ cur_msg = temp;
+ cur_msg_size = temp_size;
+ cur_msg_len = wcslen(cur_msg);
+ // expected-warning@-1 {{'cur_msg' is not null-terminated}}
+}
+} // namespace test_realloc_bad
+
+namespace test_realloc_good {
+wchar_t *cur_msg = NULL;
+size_t cur_msg_size = 1024;
+size_t cur_msg_len = 0;
+
+void lessen_memory_usage(void) {
+ if (cur_msg == NULL)
+return;
+
+ size_t temp_size = cur_msg_size / 2 + 1;
+ wchar_t *temp = (wchar_t *)realloc(cur_msg, temp_size * sizeof(wchar_t));
+ /* temp and cur_msg may no longer be null-terminated */
+ if (temp == NULL)
+return;
+
+ cur_msg = temp;
+ /* Properly null-terminate cur_msg */
+ cur_msg[temp_size - 1] = L'\0';
+ cur_msg_size = temp_size;
+ cur_msg_len = wcslen(cur_msg);
+}
+} // namespace test_realloc_good
Index: clang/test/Analysis/cert/str32-c-notes.cpp
===
--- /dev/null
+++ clang/test/Analysis/cert/str32-c-notes.cpp
@@ -0,0 +1,64 @@
+// RUN: %clang_analyze_cc1 \
+// RUN: -analyzer-checker=core,unix,alpha.security.cert.str.32c \
+// RUN: -analyzer-output=text -verify %s
+
+// See the examples on the page of STR32-C:
+// https://wiki.sei.cmu.edu/confluence/display/c/STR32-C.+Do+not+pass+a+non-null-terminated+character+sequence+to+a+library+function+that+expects+a+string
+
+#include "../Inputs/system-header-simulator.h"
+
+void *realloc(void *memblock, size_t size);
+
+namespace test_strncpy_bad {
+enum { STR_SIZE = 32 };
+
+size_t func(const char *source) {
+ char c_str[STR_SIZE];
+ // expected-note@-1 {{'c_str' is
[PATCH] D71033: [analyzer] CERT: STR32-C
Charusso added a comment. We need to add the interestingness to the `NoteTags` so that we only emit notes on initialization/function calls which leads to an error. CHANGES SINCE LAST ACTION https://reviews.llvm.org/D71033/new/ https://reviews.llvm.org/D71033 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D71033: [analyzer] CERT: STR32-C
Charusso marked an inline comment as done.
Charusso added inline comments.
Comment at: clang/lib/StaticAnalyzer/Checkers/cert/StrChecker.cpp:479
+if (VD->getType()->getAsArrayTypeUnsafe()) {
+ VD->dumpColor();
+ ProgramStateRef State = C.getState();
-1 line
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D71033/new/
https://reviews.llvm.org/D71033
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D71033: [analyzer] CERT: STR32-C
Charusso updated this revision to Diff 233904.
Charusso retitled this revision from "[analyzer] CERT: StrChecker: 32.c" to
"[analyzer] CERT: STR32-C".
Charusso added a comment.
- Add notes to the initialization of char-arrays.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D71033/new/
https://reviews.llvm.org/D71033
Files:
clang/docs/analyzer/checkers.rst
clang/include/clang/StaticAnalyzer/Checkers/Checkers.td
clang/include/clang/StaticAnalyzer/Core/PathSensitive/DynamicSize.h
clang/lib/StaticAnalyzer/Checkers/cert/StrChecker.cpp
clang/lib/StaticAnalyzer/Core/DynamicSize.cpp
clang/test/Analysis/Inputs/system-header-simulator.h
clang/test/Analysis/cert/str31-c-notes-warn-on-call-off.cpp
clang/test/Analysis/cert/str31-c-notes-warn-on-call-on.cpp
clang/test/Analysis/cert/str32-c-notes.cpp
clang/test/Analysis/cert/str32-c.cpp
clang/test/Analysis/malloc.c
Index: clang/test/Analysis/malloc.c
===
--- clang/test/Analysis/malloc.c
+++ clang/test/Analysis/malloc.c
@@ -9,21 +9,6 @@
void clang_analyzer_eval(int);
-// Without -fms-compatibility, wchar_t isn't a builtin type. MSVC defines
-// _WCHAR_T_DEFINED if wchar_t is available. Microsoft recommends that you use
-// the builtin type: "Using the typedef version can cause portability
-// problems", but we're ok here because we're not actually running anything.
-// Also of note is this cryptic warning: "The wchar_t type is not supported
-// when you compile C code".
-//
-// See the docs for more:
-// https://msdn.microsoft.com/en-us/library/dh8che7s.aspx
-#if !defined(_WCHAR_T_DEFINED)
-// "Microsoft implements wchar_t as a two-byte unsigned value"
-typedef unsigned short wchar_t;
-#define _WCHAR_T_DEFINED
-#endif // !defined(_WCHAR_T_DEFINED)
-
typedef __typeof(sizeof(int)) size_t;
void *malloc(size_t);
void *alloca(size_t);
Index: clang/test/Analysis/cert/str32-c.cpp
===
--- /dev/null
+++ clang/test/Analysis/cert/str32-c.cpp
@@ -0,0 +1,88 @@
+// RUN: %clang_analyze_cc1 \
+// RUN: -analyzer-checker=core,unix,alpha.security.cert.str.32c \
+// RUN: -verify %s
+
+// See the examples on the page of STR32-C:
+// https://wiki.sei.cmu.edu/confluence/display/c/STR32-C.+Do+not+pass+a+non-null-terminated+character+sequence+to+a+library+function+that+expects+a+string
+
+#include "../Inputs/system-header-simulator.h"
+
+void *realloc(void *memblock, size_t size);
+
+namespace test_strncpy_bad {
+enum { STR_SIZE = 32 };
+
+size_t func(const char *source) {
+ char c_str[STR_SIZE];
+ size_t ret = 0;
+
+ if (source) {
+c_str[sizeof(c_str) - 1] = '\0';
+strncpy(c_str, source, sizeof(c_str));
+ret = strlen(c_str);
+// expected-warning@-1 {{'c_str' is not null-terminated}}
+ }
+ return ret;
+}
+} // namespace test_strncpy_bad
+
+namespace test_strncpy_good {
+enum { STR_SIZE = 32 };
+
+size_t func(const char *src) {
+ char c_str[STR_SIZE];
+ size_t ret = 0;
+
+ if (src) {
+strncpy(c_str, src, sizeof(c_str) - 1);
+c_str[sizeof(c_str) - 1] = '\0';
+ret = strlen(c_str);
+ }
+ return ret;
+}
+} // namespace test_strncpy_good
+
+namespace test_realloc_bad {
+wchar_t *cur_msg = NULL;
+size_t cur_msg_size = 1024;
+size_t cur_msg_len = 0;
+
+void lessen_memory_usage(void) {
+ if (cur_msg == NULL)
+return;
+
+ size_t temp_size = cur_msg_size / 2 + 1;
+ wchar_t *temp = (wchar_t *)realloc(cur_msg, temp_size * sizeof(wchar_t));
+ /* temp and cur_msg may no longer be null-terminated */
+ if (temp == NULL)
+return;
+
+ cur_msg = temp;
+ cur_msg_size = temp_size;
+ cur_msg_len = wcslen(cur_msg);
+ // expected-warning@-1 {{'cur_msg' is not null-terminated}}
+}
+} // namespace test_realloc_bad
+
+namespace test_realloc_good {
+wchar_t *cur_msg = NULL;
+size_t cur_msg_size = 1024;
+size_t cur_msg_len = 0;
+
+void lessen_memory_usage(void) {
+ if (cur_msg == NULL)
+return;
+
+ size_t temp_size = cur_msg_size / 2 + 1;
+ wchar_t *temp = (wchar_t *)realloc(cur_msg, temp_size * sizeof(wchar_t));
+ /* temp and cur_msg may no longer be null-terminated */
+ if (temp == NULL)
+return;
+
+ cur_msg = temp;
+ /* Properly null-terminate cur_msg */
+ cur_msg[temp_size - 1] = L'\0';
+ cur_msg_size = temp_size;
+ cur_msg_len = wcslen(cur_msg);
+}
+} // namespace test_realloc_good
Index: clang/test/Analysis/cert/str32-c-notes.cpp
===
--- /dev/null
+++ clang/test/Analysis/cert/str32-c-notes.cpp
@@ -0,0 +1,64 @@
+// RUN: %clang_analyze_cc1 \
+// RUN: -analyzer-checker=core,unix,alpha.security.cert.str.32c \
+// RUN: -analyzer-output=text -verify %s
+
+// See the examples on the page of STR32-C:
+// https://wiki.sei.cmu.edu/confluence/display/c/STR32-C.+Do+not+pass+a+non-null-terminated+character+sequence+to+a+library+function+that+expects+a+string
+
+#include "../Inputs/system-header-simulator.h"
+
+void
