Aaron Ballman
|
527a420550
|
Add a new check, cert-env33-c, that diagnoses uses of system(), popen(), and _popen() to execute a command processor. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=2130132
llvm-svn: 261530
|
2016-02-22 16:01:06 +00:00 |
Aaron Ballman
|
611d2e4ee6
|
Add a new check, cert-flp30-c, that diagnoses loop induction expressions of floating-point type. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/c/FLP30-C.+Do+not+use+floating-point+variables+as+loop+counters
llvm-svn: 261324
|
2016-02-19 14:03:20 +00:00 |
Aaron Ballman
|
1284f04aed
|
Rename the CERT namespace to cert, and update some checkers to use this namespace consistently.
Patch thanks to Haojian Wu!
llvm-svn: 256756
|
2016-01-04 14:31:14 +00:00 |
Aaron Ballman
|
43aef4cb9b
|
Add a new checker, cert-err58-cpp, that checks for static or thread_local objects that use a throwing constructor.
This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR58-CPP.+Constructors+of+objects+with+static+or+thread+storage+duration+must+not+throw+exceptions
llvm-svn: 254415
|
2015-12-01 14:05:39 +00:00 |
Aaron Ballman
|
5a786ddf4c
|
Add a new clang-tidy checker that flags throw expressions whose thrown type is not nothrow copy constructible. While the compiler is free to elide copy constructor calls in some cases, it is under no obligation to do so, which makes the code a portability concern as well as a security concern.
This checker corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR60-CPP.+Exception+objects+must+be+nothrow+copy+constructible
llvm-svn: 253246
|
2015-11-16 19:17:43 +00:00 |
Aaron Ballman
|
a742b84e5d
|
Exposing an existing checker under the name cert-err61-cpp, as it corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR61-CPP.+Catch+exceptions+by+lvalue+reference
llvm-svn: 250221
|
2015-10-13 20:42:41 +00:00 |
Aaron Ballman
|
e4b1765a0f
|
Adding a checker (cert-err52-cpp) that detects use of setjmp or longjmp in C++ code. Corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=1834
llvm-svn: 249727
|
2015-10-08 19:54:43 +00:00 |
Aaron Ballman
|
46bc30472b
|
Adding a checker (cert-dcl50-cpp) that detects the definition of a C-style variadic function in C++ code. Corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/DCL50-CPP.+Do+not+define+a+C-style+variadic+function
llvm-svn: 249343
|
2015-10-05 20:08:59 +00:00 |
Aaron Ballman
|
ea2f90c96b
|
Adding a new clang-tidy module to house CERT-specific checkers, and map existing checkers to CERT secure coding rules and recommendations for both C (https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard) and C++ (https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637).
llvm-svn: 249130
|
2015-10-02 13:27:19 +00:00 |