llvm-project/clang-tools-extra/clang-tidy/android/CloexecOpenCheck.cpp

//===--- CloexecOpenCheck.cpp - clang-tidy---------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

#include "CloexecOpenCheck.h"
#include "clang/AST/ASTContext.h"
#include "clang/ASTMatchers/ASTMatchFinder.h"

using namespace clang::ast_matchers;

namespace clang {
namespace tidy {
namespace android {

void CloexecOpenCheck::registerMatchers(MatchFinder *Finder) {
  auto CharPointerType = hasType(pointerType(pointee(isAnyCharacter())));
  registerMatchersImpl(Finder,
                       functionDecl(isExternC(), returns(isInteger()),
                                    hasAnyName("open", "open64"),
                                    hasParameter(0, CharPointerType),
                                    hasParameter(1, hasType(isInteger()))));
  registerMatchersImpl(Finder,
                       functionDecl(isExternC(), returns(isInteger()),
                                    hasName("openat"),
                                    hasParameter(0, hasType(isInteger())),
                                    hasParameter(1, CharPointerType),
                                    hasParameter(2, hasType(isInteger()))));
}

void CloexecOpenCheck::check(const MatchFinder::MatchResult &Result) {
  const auto *FD = Result.Nodes.getNodeAs<FunctionDecl>(FuncDeclBindingStr);
  assert(FD->param_size() > 1);
  int ArgPos = (FD->param_size() > 2) ? 2 : 1;
  insertMacroFlag(Result, /*MacroFlag=*/"O_CLOEXEC", ArgPos);
}

} // namespace android
} // namespace tidy
} // namespace clang
[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`//===--- CloexecOpenCheck.cpp - clang-tidy---------------------------------===//`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`//`
Update the file headers across all of the LLVM projects in the monorepo to reflect the new license. We understand that people may be surprised that we're moving the header entirely to discuss the new license. We checked this carefully with the Foundation's lawyer and we believe this is the correct approach. Essentially, all code in the project is now made available by the LLVM project under our new license, so you will see that the license headers include that license only. Some of our contributors have contributed code under our old license, and accordingly, we have retained a copy of our old license notice in the top-level files in each project and repository. llvm-svn: 351636 2019-01-19 16:50:56 +08:00			`// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.`
			`// See https://llvm.org/LICENSE.txt for license information.`
			`// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`//`
			`//===----------------------------------------------------------------------===//`

[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`#include "CloexecOpenCheck.h"`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`#include "clang/AST/ASTContext.h"`
			`#include "clang/ASTMatchers/ASTMatchFinder.h"`

			`using namespace clang::ast_matchers;`

			`namespace clang {`
			`namespace tidy {`
			`namespace android {`

[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`void CloexecOpenCheck::registerMatchers(MatchFinder *Finder) {`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`auto CharPointerType = hasType(pointerType(pointee(isAnyCharacter())));`
[clang-tidy] Use CloexecCheck as base class. Summary: Simplify registerMatchers and check functions in CloexecCreatCheck, CloexecSocketCheck, CloexecFopenCheck, and CloexecOpenCheck. Differential Revision: https://reviews.llvm.org/D36761 llvm-svn: 311020 2017-08-17 00:59:26 +08:00			`registerMatchersImpl(Finder,`
			`functionDecl(isExternC(), returns(isInteger()),`
			`hasAnyName("open", "open64"),`
			`hasParameter(0, CharPointerType),`
			`hasParameter(1, hasType(isInteger()))));`
			`registerMatchersImpl(Finder,`
			`functionDecl(isExternC(), returns(isInteger()),`
			`hasName("openat"),`
			`hasParameter(0, hasType(isInteger())),`
			`hasParameter(1, CharPointerType),`
			`hasParameter(2, hasType(isInteger()))));`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`}`

[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`void CloexecOpenCheck::check(const MatchFinder::MatchResult &Result) {`
[clang-tidy] Use CloexecCheck as base class. Summary: Simplify registerMatchers and check functions in CloexecCreatCheck, CloexecSocketCheck, CloexecFopenCheck, and CloexecOpenCheck. Differential Revision: https://reviews.llvm.org/D36761 llvm-svn: 311020 2017-08-17 00:59:26 +08:00			`const auto *FD = Result.Nodes.getNodeAs<FunctionDecl>(FuncDeclBindingStr);`
			`assert(FD->param_size() > 1);`
			`int ArgPos = (FD->param_size() > 2) ? 2 : 1;`
[clang-tidy] Kill marco. No functionality change. llvm-svn: 324084 2018-02-02 21:39:07 +08:00			`insertMacroFlag(Result, /MacroFlag=/"O_CLOEXEC", ArgPos);`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`}`

			`} // namespace android`
			`} // namespace tidy`
			`} // namespace clang`