maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
252,707 Commits 23 Branches 0 Tags 2.2 GiB
Commit Graph

10 Commits

Author SHA1 Message Date
Aaron Ballman 7bfa685611 Add a new clang-tidy check for cert-msc50-cpp (and cert-msc30-c) that corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/MSC50-CPP.+Do+not+use+std%3A%3Arand%28%29+for+generating+pseudorandom+numbers 
Patch by Benedek Kiss

llvm-svn: 285809
 2016-11-02 14:16:36 +00:00
Aaron Ballman d744e63d90 Add a clang-tidy check that flags string-to-number conversion functions that have insufficient error checking, suggesting a better alternative. 
This check corresponds to: https://www.securecoding.cert.org/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number

llvm-svn: 268100
 2016-04-29 20:56:48 +00:00
Aaron Ballman 527a420550 Add a new check, cert-env33-c, that diagnoses uses of system(), popen(), and _popen() to execute a command processor. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=2130132 
llvm-svn: 261530
 2016-02-22 16:01:06 +00:00
Aaron Ballman 611d2e4ee6 Add a new check, cert-flp30-c, that diagnoses loop induction expressions of floating-point type. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/c/FLP30-C.+Do+not+use+floating-point+variables+as+loop+counters 
llvm-svn: 261324
 2016-02-19 14:03:20 +00:00
Aaron Ballman 43aef4cb9b Add a new checker, cert-err58-cpp, that checks for static or thread_local objects that use a throwing constructor. 
This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR58-CPP.+Constructors+of+objects+with+static+or+thread+storage+duration+must+not+throw+exceptions

llvm-svn: 254415
 2015-12-01 14:05:39 +00:00
Aaron Ballman 5a786ddf4c Add a new clang-tidy checker that flags throw expressions whose thrown type is not nothrow copy constructible. While the compiler is free to elide copy constructor calls in some cases, it is under no obligation to do so, which makes the code a portability concern as well as a security concern. 
This checker corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR60-CPP.+Exception+objects+must+be+nothrow+copy+constructible

llvm-svn: 253246
 2015-11-16 19:17:43 +00:00
Aaron Ballman e4b1765a0f Adding a checker (cert-err52-cpp) that detects use of setjmp or longjmp in C++ code. Corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=1834 
llvm-svn: 249727
 2015-10-08 19:54:43 +00:00
Aaron Ballman 46bc30472b Adding a checker (cert-dcl50-cpp) that detects the definition of a C-style variadic function in C++ code. Corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/DCL50-CPP.+Do+not+define+a+C-style+variadic+function 
llvm-svn: 249343
 2015-10-05 20:08:59 +00:00
Aaron Ballman 67e06ddb51 Hopefully rectifying a build bot issue with: 
http://bb.pgr.jp/builders/i686-mingw32-RA-on-linux/builds/2833/steps/build_llvmclang/logs/stdio

Also, drive-by comment fix in a makefile.

llvm-svn: 249133
 2015-10-02 14:01:55 +00:00
Aaron Ballman ea2f90c96b Adding a new clang-tidy module to house CERT-specific checkers, and map existing checkers to CERT secure coding rules and recommendations for both C (https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard) and C++ (https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637). 
llvm-svn: 249130
 2015-10-02 13:27:19 +00:00