[clang-tidy][Part1] Add a new module Android and three new checks.
Summary:
A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.).
Add a new Android module and one checks in clang-tidy.
-- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag]
Links to part2 and part3:
https://reviews.llvm.org/D33745
https://reviews.llvm.org/D33747
Reviewers: chh, alexfh, aaron.ballman, hokein
Reviewed By: alexfh, hokein
Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D33304
llvm-svn: 306165
2017-06-24 05:37:29 +08:00
|
|
|
//===--- AndroidTidyModule.cpp - clang-tidy--------------------------------===//
|
|
|
|
//
|
2019-01-19 16:50:56 +08:00
|
|
|
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
|
|
|
|
// See https://llvm.org/LICENSE.txt for license information.
|
|
|
|
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
|
[clang-tidy][Part1] Add a new module Android and three new checks.
Summary:
A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.).
Add a new Android module and one checks in clang-tidy.
-- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag]
Links to part2 and part3:
https://reviews.llvm.org/D33745
https://reviews.llvm.org/D33747
Reviewers: chh, alexfh, aaron.ballman, hokein
Reviewed By: alexfh, hokein
Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D33304
llvm-svn: 306165
2017-06-24 05:37:29 +08:00
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
#include "../ClangTidy.h"
|
|
|
|
#include "../ClangTidyModule.h"
|
|
|
|
#include "../ClangTidyModuleRegistry.h"
|
2017-08-17 01:46:18 +08:00
|
|
|
#include "CloexecAccept4Check.h"
|
2017-08-17 01:18:16 +08:00
|
|
|
#include "CloexecAcceptCheck.h"
|
2017-06-30 01:40:57 +08:00
|
|
|
#include "CloexecCreatCheck.h"
|
2018-04-07 01:22:36 +08:00
|
|
|
#include "CloexecDupCheck.h"
|
2017-08-17 01:53:12 +08:00
|
|
|
#include "CloexecEpollCreate1Check.h"
|
2017-08-17 02:02:49 +08:00
|
|
|
#include "CloexecEpollCreateCheck.h"
|
2017-06-30 01:42:23 +08:00
|
|
|
#include "CloexecFopenCheck.h"
|
2017-08-15 01:45:48 +08:00
|
|
|
#include "CloexecInotifyInit1Check.h"
|
2017-08-15 01:25:41 +08:00
|
|
|
#include "CloexecInotifyInitCheck.h"
|
2017-08-11 06:09:22 +08:00
|
|
|
#include "CloexecMemfdCreateCheck.h"
|
2017-06-30 03:13:29 +08:00
|
|
|
#include "CloexecOpenCheck.h"
|
2017-07-13 01:43:36 +08:00
|
|
|
#include "CloexecSocketCheck.h"
|
2018-04-11 05:22:22 +08:00
|
|
|
#include "ComparisonInTempFailureRetryCheck.h"
|
[clang-tidy][Part1] Add a new module Android and three new checks.
Summary:
A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.).
Add a new Android module and one checks in clang-tidy.
-- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag]
Links to part2 and part3:
https://reviews.llvm.org/D33745
https://reviews.llvm.org/D33747
Reviewers: chh, alexfh, aaron.ballman, hokein
Reviewed By: alexfh, hokein
Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D33304
llvm-svn: 306165
2017-06-24 05:37:29 +08:00
|
|
|
|
|
|
|
using namespace clang::ast_matchers;
|
|
|
|
|
|
|
|
namespace clang {
|
|
|
|
namespace tidy {
|
|
|
|
namespace android {
|
|
|
|
|
|
|
|
/// This module is for Android specific checks.
|
|
|
|
class AndroidModule : public ClangTidyModule {
|
|
|
|
public:
|
|
|
|
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
|
2017-08-17 01:46:18 +08:00
|
|
|
CheckFactories.registerCheck<CloexecAccept4Check>("android-cloexec-accept4");
|
2017-08-17 01:18:16 +08:00
|
|
|
CheckFactories.registerCheck<CloexecAcceptCheck>("android-cloexec-accept");
|
2017-06-30 01:40:57 +08:00
|
|
|
CheckFactories.registerCheck<CloexecCreatCheck>("android-cloexec-creat");
|
2018-09-20 08:02:55 +08:00
|
|
|
CheckFactories.registerCheck<CloexecDupCheck>("android-cloexec-dup");
|
2017-08-17 01:53:12 +08:00
|
|
|
CheckFactories.registerCheck<CloexecEpollCreate1Check>(
|
|
|
|
"android-cloexec-epoll-create1");
|
2017-08-17 02:02:49 +08:00
|
|
|
CheckFactories.registerCheck<CloexecEpollCreateCheck>(
|
|
|
|
"android-cloexec-epoll-create");
|
2017-06-30 01:42:23 +08:00
|
|
|
CheckFactories.registerCheck<CloexecFopenCheck>("android-cloexec-fopen");
|
2017-08-15 01:45:48 +08:00
|
|
|
CheckFactories.registerCheck<CloexecInotifyInit1Check>(
|
|
|
|
"android-cloexec-inotify-init1");
|
2018-09-20 08:02:55 +08:00
|
|
|
CheckFactories.registerCheck<CloexecInotifyInitCheck>(
|
|
|
|
"android-cloexec-inotify-init");
|
2017-08-11 06:09:22 +08:00
|
|
|
CheckFactories.registerCheck<CloexecMemfdCreateCheck>(
|
|
|
|
"android-cloexec-memfd-create");
|
2017-06-30 03:13:29 +08:00
|
|
|
CheckFactories.registerCheck<CloexecOpenCheck>("android-cloexec-open");
|
2017-07-13 01:43:36 +08:00
|
|
|
CheckFactories.registerCheck<CloexecSocketCheck>("android-cloexec-socket");
|
2018-04-11 05:22:22 +08:00
|
|
|
CheckFactories.registerCheck<ComparisonInTempFailureRetryCheck>(
|
|
|
|
"android-comparison-in-temp-failure-retry");
|
[clang-tidy][Part1] Add a new module Android and three new checks.
Summary:
A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.).
Add a new Android module and one checks in clang-tidy.
-- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag]
Links to part2 and part3:
https://reviews.llvm.org/D33745
https://reviews.llvm.org/D33747
Reviewers: chh, alexfh, aaron.ballman, hokein
Reviewed By: alexfh, hokein
Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D33304
llvm-svn: 306165
2017-06-24 05:37:29 +08:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
// Register the AndroidTidyModule using this statically initialized variable.
|
|
|
|
static ClangTidyModuleRegistry::Add<AndroidModule>
|
|
|
|
X("android-module", "Adds Android platform checks.");
|
|
|
|
|
|
|
|
} // namespace android
|
|
|
|
|
|
|
|
// This anchor is used to force the linker to link in the generated object file
|
|
|
|
// and thus register the AndroidModule.
|
|
|
|
volatile int AndroidModuleAnchorSource = 0;
|
|
|
|
|
|
|
|
} // namespace tidy
|
|
|
|
} // namespace clang
|