llvm-project/clang-tools-extra/clang-tidy/cert/CommandProcessorCheck.h

//===--- CommandInterpreterCheck.h - clang-tidy------------------*- C++ -*-===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H
#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H

#include "../ClangTidyCheck.h"

namespace clang {
namespace tidy {
namespace cert {

/// Execution of a command processor can lead to security vulnerabilities,
/// and is generally not required. Instead, prefer to launch executables
/// directly via mechanisms that give you more control over what executable is
/// actually launched.
///
/// For the user-facing documentation see:
/// http://clang.llvm.org/extra/clang-tidy/checks/cert-env33-c.html
class CommandProcessorCheck : public ClangTidyCheck {
public:
  CommandProcessorCheck(StringRef Name, ClangTidyContext *Context)
      : ClangTidyCheck(Name, Context) {}
  void registerMatchers(ast_matchers::MatchFinder *Finder) override;
  void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
};

} // namespace cert
} // namespace tidy
} // namespace clang

#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H
Add a new check, cert-env33-c, that diagnoses uses of system(), popen(), and _popen() to execute a command processor. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=2130132 llvm-svn: 261530 2016-02-23 00:01:06 +08:00			`//===--- CommandInterpreterCheck.h - clang-tidy------------------- C++ --===//`
			`//`
Update the file headers across all of the LLVM projects in the monorepo to reflect the new license. We understand that people may be surprised that we're moving the header entirely to discuss the new license. We checked this carefully with the Foundation's lawyer and we believe this is the correct approach. Essentially, all code in the project is now made available by the LLVM project under our new license, so you will see that the license headers include that license only. Some of our contributors have contributed code under our old license, and accordingly, we have retained a copy of our old license notice in the top-level files in each project and repository. llvm-svn: 351636 2019-01-19 16:50:56 +08:00			`// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.`
			`// See https://llvm.org/LICENSE.txt for license information.`
			`// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception`
Add a new check, cert-env33-c, that diagnoses uses of system(), popen(), and _popen() to execute a command processor. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=2130132 llvm-svn: 261530 2016-02-23 00:01:06 +08:00			`//`
			`//===----------------------------------------------------------------------===//`

			`#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H`
			`#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H`

[clang-tidy] Switch checks to #include "ClangTidyCheck.h" llvm-svn: 356892 2019-03-25 20:38:26 +08:00			`#include "../ClangTidyCheck.h"`
Add a new check, cert-env33-c, that diagnoses uses of system(), popen(), and _popen() to execute a command processor. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=2130132 llvm-svn: 261530 2016-02-23 00:01:06 +08:00
			`namespace clang {`
			`namespace tidy {`
			`namespace cert {`

			`/// Execution of a command processor can lead to security vulnerabilities,`
			`/// and is generally not required. Instead, prefer to launch executables`
			`/// directly via mechanisms that give you more control over what executable is`
			`/// actually launched.`
			`///`
			`/// For the user-facing documentation see:`
			`/// http://clang.llvm.org/extra/clang-tidy/checks/cert-env33-c.html`
			`class CommandProcessorCheck : public ClangTidyCheck {`
			`public:`
			`CommandProcessorCheck(StringRef Name, ClangTidyContext *Context)`
			`: ClangTidyCheck(Name, Context) {}`
			`void registerMatchers(ast_matchers::MatchFinder *Finder) override;`
			`void check(const ast_matchers::MatchFinder::MatchResult &Result) override;`
			`};`

			`} // namespace cert`
			`} // namespace tidy`
			`} // namespace clang`

			`#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H`