Summary:
New checker called bugprone-not-null-terminated-result. This checker finds
function calls where it is possible to cause a not null-terminated result.
Usually the proper length of a string is `strlen(src) + 1` or equal length
of this expression, because the null terminator needs an extra space.
Without the null terminator it can result in undefined behaviour when the
string is read.
The following and their respective `wchar_t` based functions are checked:
`memcpy`, `memcpy_s`, `memchr`, `memmove`, `memmove_s`, `strerror_s`,
`strncmp`, `strxfrm`
The following is a real-world example where the programmer forgot to
increase the passed third argument, which is `size_t length`.
That is why the length of the allocated memory is not enough to hold the
null terminator.
```
static char *stringCpy(const std::string &str) {
char *result = reinterpret_cast<char *>(malloc(str.size()));
memcpy(result, str.data(), str.size());
return result;
}
```
In addition to issuing warnings, fix-it rewrites all the necessary code.
It also tries to adjust the capacity of the destination array:
```
static char *stringCpy(const std::string &str) {
char *result = reinterpret_cast<char *>(malloc(str.size() + 1));
strcpy(result, str.data());
return result;
}
```
Note: It cannot guarantee to rewrite every of the path-sensitive memory
allocations.
Reviewed By: JonasToth, aaron.ballman, whisperity, alexfh
Tags: #clang-tools-extra, #clang
Differential Revision: https://reviews.llvm.org/D45050
llvm-svn: 374707
This checks finds all primitive type local variables (integers, doubles, pointers) that are declared without an initial value. Includes fixit functionality to initialize said variables with a default value. This is zero for most types and NaN for floating point types. The use of NaNs is copied from the D programming language.
Patch by Jussi Pakkanen.
llvm-svn: 373489
The patch committed was not the accepted version but the
previous one. This commit fixes this issue.
Differential Revision: https://reviews.llvm.org/D64736
llvm-svn: 373428
Summary:
OSSpinLock* are Apple/Darwin functions, but were previously located with ObjC checks as those were most closely tied to Apple platforms before.
Now that there's a specific Darwin module, relocating the check there.
This change was prepared by running rename_check.py.
Contributed By: mwyman
Reviewers: stephanemoore, dmaclach
Reviewed By: stephanemoore
Subscribers: Eugene.Zelenko, mgorny, xazax.hun, cfe-commits
Tags: #clang-tools-extra, #clang, #llvm
Differential Revision: https://reviews.llvm.org/D68148
llvm-svn: 373392
Summary:
Creates a new darwin ClangTidy module and adds the darwin-dispatch-once-nonstatic check that warns about dispatch_once_t variables not in static or global storage. This catches a missing static for local variables in e.g. singleton initialization behavior, and also warns on storing dispatch_once_t values in Objective-C instance variables. C/C++ struct/class instances may potentially live in static/global storage, and are ignored for this check.
The osx.API static analysis checker can find the non-static storage use of dispatch_once_t; I thought it useful to also catch this issue in clang-tidy when possible.
This is a re-land of https://reviews.llvm.org/D67567
Reviewers: thakis, gribozavr, stephanemoore
Subscribers: Eugene.Zelenko, mgorny, xazax.hun, jkorous, arphaman, kadircet, usaxena95
Tags: #clang-tools-extra, #clang, #llvm
Differential Revision: https://reviews.llvm.org/D68109
llvm-svn: 373065
Summary:
Creates a new darwin ClangTidy module and adds the darwin-dispatch-once-nonstatic check that warns about dispatch_once_t variables not in static or global storage. This catches a missing static for local variables in e.g. singleton initialization behavior, and also warns on storing dispatch_once_t values in Objective-C instance variables. C/C++ struct/class instances may potentially live in static/global storage, and are ignored for this check.
The osx.API static analysis checker can find the non-static storage use of dispatch_once_t; I thought it useful to also catch this issue in clang-tidy when possible.
Contributed By: mwyman
Reviewers: benhamilton, hokein, stephanemoore, aaron.ballman, gribozavr
Reviewed By: stephanemoore, gribozavr
Subscribers: jkorous, arphaman, kadircet, usaxena95, NoQ, xazax.hun, lebedev.ri, mgorny, cfe-commits
Tags: #clang, #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D67567
llvm-svn: 373028
Finding infinite loops is well-known to be impossible (halting problem).
However, it is possible to detect some obvious infinite loops, for example,
if the loop condition is not changed. Detecting such loops is beneficial
since the tests will hang on programs containing infinite loops so
testing-time detection may be costly in large systems. Obvious cases are
where the programmer forgets to increment/decrement the counter or
increments/decrements the wrong variable.
Differential Revision: https://reviews.llvm.org/D64736
-------
Broke some buildbots "No SOURCES given to target: obj.clangTidyBugproneModule"
llvm-svn: 372704
Finding infinite loops is well-known to be impossible (halting problem).
However, it is possible to detect some obvious infinite loops, for example,
if the loop condition is not changed. Detecting such loops is beneficial
since the tests will hang on programs containing infinite loops so
testing-time detection may be costly in large systems. Obvious cases are
where the programmer forgets to increment/decrement the counter or
increments/decrements the wrong variable.
Differential Revision: https://reviews.llvm.org/D64736
llvm-svn: 372693
Summary:
Apple documentation states that:
"If two objects are equal, they must have the same hash value. This last
point is particularly important if you define isEqual: in a subclass and
intend to put instances of that subclass into a collection. Make sure
you also define hash in your subclass."
https://developer.apple.com/documentation/objectivec/1418956-nsobject/1418795-isequal?language=objc
In many or all versions of libobjc, -[NSObject isEqual:] is a pointer
equality check and -[NSObject hash] returns the messaged object's
pointer. A relatively common form of developer error is for a developer to
override -isEqual: in a subclass without overriding -hash to ensure that
hashes are equal for objects that are equal.
It is assumed that an override of -isEqual: is a strong signal for
changing the object's equality operator to something other than pointer
equality which implies that a missing override of -hash could result in
distinct objects being equal but having distinct hashes because they are
independent instances. This added check flags classes that override
-isEqual: but inherit NSObject's implementation of -hash to warn of the
potential for unexpected behavior.
The proper implementation of -hash is the responsibility of the
developer and the check will only verify that the developer made an
effort to properly implement -hash. Developers can set up unit tests
to verify that their implementation of -hash is appropriate.
Test Notes:
Ran check-clang-tools.
Reviewers: aaron.ballman, benhamilton
Reviewed By: aaron.ballman
Subscribers: Eugene.Zelenko, mgorny, xazax.hun, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D67737
llvm-svn: 372445
This check now also checks if any calls to pthread_* functions expect negative return values. These functions return either 0 on success or an errno on failure, which is positive only.
llvm-svn: 372037
Summary:
Finds calls that add element to protobuf repeated field in a loop
without calling Reserve() before the loop. Calling Reserve() first can avoid
unnecessary memory reallocations.
A new option EnableProto is added to guard this feature.
Patch by Cong Liu!
Reviewers: gribozavr, alexfh, hokein, aaron.ballman
Reviewed By: hokein
Subscribers: lebedev.ri, xazax.hun, Eugene.Zelenko, cfe-commits
Tags: #clang, #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D67135
llvm-svn: 371963
Summary:
Add bugprone-argument-comment option: IgnoreSingleArgument.
When true, the check will ignore the single argument.
Sometimes, it's not necessary to add comment to single argument.
For example:
> std::string name("Yubo Xie");
> pScreen->SetWidth(1920);
> pScreen->SetHeight(1080);
This option can ignore such single argument in bugprone-argument-comment check.
Reviewers: alexfh
Reviewed By: alexfh
Subscribers: cfe-commits
Tags: #clang
Patch by Yubo Xie.
Differential Revision: https://reviews.llvm.org/D67056
llvm-svn: 371075
The clang-tidy-vs visual studio plugin in clang-tools-extra contains a
security vulnerability in the YamlDotNet package [1]. I posted to cfe-dev [2],
asking if there was anyone who was interested in updating the the plugin
to address the vulnerability. Reid mentioned that Zach (the original committer),
said that there's another plugin (Clang Power Tools) that provides clang-tidy support,
with additional extra features, so it would be ok to remove clang-tidy-vs.
This commit removes the plugin to address the security vulnerability, and adds
a section to the release notes that mentions that the plugin was removed, and
suggests to use Clang Power Tools.
Fixes PR 41791.
[1]: https://nvd.nist.gov/vuln/detail/CVE-2018-1000210
[2]: http://lists.llvm.org/pipermail/cfe-dev/2019-August/063196.html
Differential Revision: https://reviews.llvm.org/D66813
llvm-svn: 370096
Summary:
This is a first step in documenting different configuration knobs we
have in clangd.
Reviewers: sammccall
Subscribers: ilya-biryukov, MaskRay, jkorous, arphaman, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D66740
llvm-svn: 369917
Finds instances where variables with static storage are initialized dynamically in header files.
Reviewed By: aaron.ballman, alexfh
Patch by Charles Zhang!
Differential Revision: https://reviews.llvm.org/D62829
llvm-svn: 369568
Also update the semantic coloring entry to reflect it being supported in
clangd now.
Reviewers: sammccall
Subscribers: ilya-biryukov, MaskRay, jkorous, arphaman, kadircet, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D65373
llvm-svn: 369229
The new design includes a header (contains the project name), a main section, and a footer.
The main section is divided into three subsections. Left, middle, right. The left section contains the general index, the middle contains the info's data, and the right contains the index for the info's content.
The CSS has been updated.
A flag --project-name is added.
The Attributes attribute of the TagNode struct is now a vector of pairs because these attributes should be rendered in the insertion order.
The functions (cpp and js) that converts an Index tree structure into HTML were slightly modified; the first ul tag created is now a ol tag. The inner lists are still ul.
Differential Revision: https://reviews.llvm.org/D66353
llvm-svn: 369139
Two command line options have been added to clang-doc.
--repository=<string> - URL of repository that hosts code; used for links to definition locations.
--source-root=<string> - Directory where processed files are stored. Links to definition locations will only be generated if the file is in this dir.
If the file is in the source-root and a repository options is passed;
a link to the source code will be rendered by the HTML generator.
Differential Revision: https://reviews.llvm.org/D65483
llvm-svn: 368460
HTML generator has been included in clang-tools-extra release notes.
clang-doc documentation file has been updated.
Differential Revision: https://reviews.llvm.org/D65622
llvm-svn: 367743
Summary:
Since clang-tidy supports use of the static analyzer there
should be documentation of how to invoke the static analyzer
checks.
Reviewers: JonasToth, aaron.ballman, NoQ, Szelethus
Reviewed By: aaron.ballman
Subscribers: nickdesaulniers, lebedev.ri, jfb, NoQ, Eugene.Zelenko, xazax.hun, baloghadamsoftware, a.sidorin, Szelethus, donat.nagy, dkrupp, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D64454
llvm-svn: 367694
Summary: The minimum compilers support all have alignas, and we don't use LLVM_ALIGNAS anywhere anymore. This also removes an MSVC diagnostic which, according to the comment above, isn't relevant anymore.
Reviewers: rnk
Subscribers: mgorny, jkorous, dexonsmith, cfe-commits, llvm-commits
Tags: #clang, #llvm
Differential Revision: https://reviews.llvm.org/D65458
llvm-svn: 367383
Summary:
This changes ReleaseNotes.txt to have the first sentence of the full
documentation from linuxkernel-must-use-errs.rst.
This addresses a comment from the review of rL367071 in
https://reviews.llvm.org/D59963.
Reviewers: Eugene.Zelenko
Subscribers: xazax.hun, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D65343
llvm-svn: 367333
Introduce a new check to upgrade user code based on API changes in Googletest.
The check finds uses of old Googletest APIs with "case" in their name and replaces them with the new APIs named with "suite".
Patch by Alex Strelnikov (strel@google.com)
Reviewed as D62977.
llvm-svn: 367263
Summary:
Now that clang is going to be able to build the Linux kernel again on
x86, and we have gen_compile_commands.py upstream for generating
compile_commands.json, clang-tidy can be used on the Linux kernel
source.
To that end, this commit adds a new clang-tidy module to be used for
checks specific to Linux kernel source. The Linux kernel follows its own
style of C, and it will be useful to separate those checks into their
own module.
This also adds an initial check that makes sure that return values from
the kernel error functions like PTR_ERR and ERR_PTR are checked. It also
makes sure that any functions that directly return values from these
functions are checked.
Subscribers: xazax.hun, gribozavr, Eugene.Zelenko, lebedev.ri, mgorny, jdoerfert, cfe-commits
Tags: #clang, #clang-tools-extra
Reviewers: aaron.ballman, alexfh, hokein, JonasToth
Differential Revision: https://reviews.llvm.org/D59963
llvm-svn: 367071
CERT removed their C++ secure coding recommendations from public view and so the links within that documentation are stale. This updates various pieces of documentation to make this more clear, and to help add substance where our docs deferred to CERT's wiki.
llvm-svn: 366687
Summary:
Finds non-static member functions that can be made ``static``.
I have run this check (repeatedly) over llvm-project. It made 1708 member functions
``static``. Out of those, I had to exclude 22 via ``NOLINT`` because their address
was taken and stored in a variable of pointer-to-member type (e.g. passed to
llvm::StringSwitch).
It also made 243 member functions ``const``. (This is currently very conservative
to have no false-positives and can hopefully be extended in the future.)
You can find the results here: https://github.com/mgehre/llvm-project/commits/static_const_eval
Reviewers: alexfh, aaron.ballman
Subscribers: mgorny, xazax.hun, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D61749
llvm-svn: 366265
Summary:
Checks if any calls to posix functions (except posix_openpt) expect negative return values.
These functions return either 0 on success or an errno on failure, which is positive only.
Reviewers: JonasToth, gribozavr, alexfh, hokein
Reviewed By: gribozavr
Subscribers: Eugene.Zelenko, lebedev.ri, llozano, george.burgess.iv, xazax.hun, srhines, mgorny, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D63623
Patch by Jian Cai.
llvm-svn: 365007
Splits fuchsia-default-arguments check into two checks. fuchsia-default-arguments-calls warns if a function or method is called with default arguments. fuchsia-default-arguments-declarations warns if a function or method is declared with default parameters.
Committed on behalf of @diegoast (Diego Astiazarán).
Resolves b38051.
Differential Revision: https://reviews.llvm.org/D62437
llvm-svn: 363712
Csaba Dabis