llvm-project/clang-tools-extra/clang-tidy/android/CloexecOpenCheck.h

//===--- CloexecOpenCheck.h - clang-tidy-----------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_ANDROID_CLOEXEC_OPEN_H
#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_ANDROID_CLOEXEC_OPEN_H

#include "CloexecCheck.h"

namespace clang {
namespace tidy {
namespace android {

/// Finds code that opens file without using the O_CLOEXEC flag.
///
/// open(), openat(), and open64() had better to include O_CLOEXEC in their
/// flags argument. Only consider simple cases that the corresponding argument
/// is constant or binary operation OR among constants like 'O_CLOEXEC' or
/// 'O_CLOEXEC | O_RDONLY'. No constant propagation is performed.
///
/// Only the symbolic 'O_CLOEXEC' macro definition is checked, not the concrete
/// value.
class CloexecOpenCheck : public CloexecCheck {
public:
  CloexecOpenCheck(StringRef Name, ClangTidyContext *Context)
      : CloexecCheck(Name, Context) {}
  void registerMatchers(ast_matchers::MatchFinder *Finder) override;
  void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
};

} // namespace android
} // namespace tidy
} // namespace clang

#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_ANDROID_CLOEXEC_OPEN_H
[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`//===--- CloexecOpenCheck.h - clang-tidy-----------------------------------===//`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`//`
Update the file headers across all of the LLVM projects in the monorepo to reflect the new license. We understand that people may be surprised that we're moving the header entirely to discuss the new license. We checked this carefully with the Foundation's lawyer and we believe this is the correct approach. Essentially, all code in the project is now made available by the LLVM project under our new license, so you will see that the license headers include that license only. Some of our contributors have contributed code under our old license, and accordingly, we have retained a copy of our old license notice in the top-level files in each project and repository. llvm-svn: 351636 2019-01-19 16:50:56 +08:00			`// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.`
			`// See https://llvm.org/LICENSE.txt for license information.`
			`// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`//`
			`//===----------------------------------------------------------------------===//`

[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_ANDROID_CLOEXEC_OPEN_H`
			`#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_ANDROID_CLOEXEC_OPEN_H`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00
[clang-tidy] Use CloexecCheck as base class. Summary: Simplify registerMatchers and check functions in CloexecCreatCheck, CloexecSocketCheck, CloexecFopenCheck, and CloexecOpenCheck. Differential Revision: https://reviews.llvm.org/D36761 llvm-svn: 311020 2017-08-17 00:59:26 +08:00			`#include "CloexecCheck.h"`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00
			`namespace clang {`
			`namespace tidy {`
			`namespace android {`

			`/// Finds code that opens file without using the O_CLOEXEC flag.`
			`///`
			`/// open(), openat(), and open64() had better to include O_CLOEXEC in their`
			`/// flags argument. Only consider simple cases that the corresponding argument`
			`/// is constant or binary operation OR among constants like 'O_CLOEXEC' or`
			`/// 'O_CLOEXEC \| O_RDONLY'. No constant propagation is performed.`
			`///`
			`/// Only the symbolic 'O_CLOEXEC' macro definition is checked, not the concrete`
			`/// value.`
[clang-tidy] Use CloexecCheck as base class. Summary: Simplify registerMatchers and check functions in CloexecCreatCheck, CloexecSocketCheck, CloexecFopenCheck, and CloexecOpenCheck. Differential Revision: https://reviews.llvm.org/D36761 llvm-svn: 311020 2017-08-17 00:59:26 +08:00			`class CloexecOpenCheck : public CloexecCheck {`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`public:`
[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`CloexecOpenCheck(StringRef Name, ClangTidyContext *Context)`
[clang-tidy] Use CloexecCheck as base class. Summary: Simplify registerMatchers and check functions in CloexecCreatCheck, CloexecSocketCheck, CloexecFopenCheck, and CloexecOpenCheck. Differential Revision: https://reviews.llvm.org/D36761 llvm-svn: 311020 2017-08-17 00:59:26 +08:00			`: CloexecCheck(Name, Context) {}`
[clang-tidy][Part1] Add a new module Android and three new checks. Summary: A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.). Add a new Android module and one checks in clang-tidy. -- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag] Links to part2 and part3: https://reviews.llvm.org/D33745 https://reviews.llvm.org/D33747 Reviewers: chh, alexfh, aaron.ballman, hokein Reviewed By: alexfh, hokein Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D33304 llvm-svn: 306165 2017-06-24 05:37:29 +08:00			`void registerMatchers(ast_matchers::MatchFinder *Finder) override;`
			`void check(const ast_matchers::MatchFinder::MatchResult &Result) override;`
			`};`

			`} // namespace android`
			`} // namespace tidy`
			`} // namespace clang`

[clang-tidy] Rename android-file-open-flag and fix a bug Summary: 1. Rename android-file-open-flag to android-cloexec-open. 2. Handle a case when the function is passed as an argument of a function-like macro. Reviewers: chh Reviewed By: chh Subscribers: srhines, mgorny, JDevlieghere, xazax.hun, cfe-commits Tags: #clang-tools-extra Differential Revision: https://reviews.llvm.org/D34633 llvm-svn: 306728 2017-06-30 03:13:29 +08:00			`#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_ANDROID_CLOEXEC_OPEN_H`