Summary:
A common source of security bugs is code that opens a file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.).
Add a new Android module and one checks in clang-tidy.
-- open(), openat(), and open64() should include O_CLOEXEC in their flags argument. [android-file-open-flag]
Links to part2 and part3:
https://reviews.llvm.org/D33745https://reviews.llvm.org/D33747
Reviewers: chh, alexfh, aaron.ballman, hokein
Reviewed By: alexfh, hokein
Subscribers: jbcoe, joerg, malcolm.parsons, Eugene.Zelenko, srhines, mgorny, xazax.hun, cfe-commits, krytarowski
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D33304
llvm-svn: 306165
Summary:
The FP happens when a casting nullptr expression is used within a NULL-default-arguemnt cxx constructor.
Before the fix, the check will give a warning on nullptr when running
with the test case, which should not happen:
```
G(g(static_cast<char*>(nullptr)));
^~~~~~~~~~~
nullptr
```
Reviewers: alexfh
Reviewed By: alexfh
Subscribers: cfe-commits, xazax.hun
Differential Revision: https://reviews.llvm.org/D34524
llvm-svn: 306091
Summary:
A followup for D32942.
Malcolm Parsons has provided a valid testcase that the initial version of the check complained about nested `if`'s.
As it turns out, the culprit is the **partially** un-intentional `switch` fallthrough.
So rewrite the NestingThreshold logic without ab-using+mis-using that switch with fallthrough, and add testcases with nested `if`' where there should be a warning and shouldn't be a warning. This results in a cleaner, simpler code, too.
I guess, now it would be actually possible to pick some reasonable default for `NestingThreshold` setting.
Fixes PR33454.
Reviewers: malcolm.parsons, alexfh
Reviewed By: malcolm.parsons
Subscribers: sbenza, xazax.hun, cfe-commits, aaron.ballman
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D34202
llvm-svn: 305554
Summary:
This patch adds the priority of a completion item to the sort text of the
returned LSP result.
Reviewers: ilya-biryukov
Reviewed By: ilya-biryukov
Subscribers: cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D34137
llvm-svn: 305454
This function was previously making (correct) assumptions
without complete knowledge of MacroArgs guarantees for
Arguments. After going through Macro Args a bunch, I'd
corrected the getNumArguments (and changed its name),
however didn't realize this was depending on the behavior.
This patch has version that depends on the corrected
getNumMacroArguments's behavior, with the rest checked against
my knowledge of the MacroArgs' token list. Commiting no-wait
since the test is broken.
llvm-svn: 305434
Summary:
ClangdServer owned objects passed to it in constructor for no good reason.
Lots of stuff was moved from the heap to the stack thanks to this change.
Reviewers: krasimir
Reviewed By: krasimir
Subscribers: klimek, cfe-commits
Differential Revision: https://reviews.llvm.org/D34148
llvm-svn: 305298
Summary:
This is a reapplied r305280 with a fix to the crash found by build bots
(StringRef to an out-of-scope local std::string).
Reviewers: krasimir
Reviewed By: krasimir
Subscribers: klimek, cfe-commits
Differential Revision: https://reviews.llvm.org/D34146
llvm-svn: 305291
This adds a new flag -style which is passed to clang-apply-replacements and
defaults to file meaning it would pick up the closest .clang-format file in tree.
llvm-svn: 305125
Summary:
Finds compound statements which create next nesting level after `NestingThreshold` and emits a warning.
Do note that it warns about each compound statement that breaches the threshold, but not any of it's sub-statements, to have readable warnings.
I was able to find only one coding style referencing nesting:
- https://www.kernel.org/doc/html/v4.10/process/coding-style.html#indentation
> In short, 8-char indents make things easier to read, and have the added benefit of warning you when you’re nesting your functions too deep.
This seems too basic, i'm not sure what else to test. Are more tests needed?
Reviewers: alexfh, aaron.ballman, sbenza
Reviewed By: alexfh, aaron.ballman
Subscribers: xazax.hun
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D32942
llvm-svn: 305082
Summary:
This patch adds information about the parameters and return types of completion
candidates.
Previously, for the following code:
```
struct S {
int func(int a, double b) const;
};
```
the completer would only return the label of the candidate `func`.
Now it will also return the return type `int` and will format the label for the
candidate as `func(int a, double b) const`.
Reviewers: bkramer, ilya-biryukov
Reviewed By: ilya-biryukov
Subscribers: cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D34033
llvm-svn: 304980
Summary:
New checker to replace dynamic exception
specifications
This is an alternative to D18575 which relied on reparsing the decl to
find the location of dynamic exception specifications, but couldn't
deal with preprocessor conditionals correctly without reparsing the
entire file.
This approach uses D20428 to find dynamic exception specification
locations and handles all cases correctly.
Reviewers: aaron.ballman, alexfh
Reviewed By: aaron.ballman, alexfh
Subscribers: xazax.hun, mgehre, malcolm.parsons, mgorny, JDevlieghere, cfe-commits, Eugene.Zelenko, etienneb
Patch by Don Hinton!
Differential Revision: https://reviews.llvm.org/D20693
llvm-svn: 304977
Summary: "misc-noexcept-move-constructor" is better not to be issued when "-fno-exceptions" is set.
Reviewers: chh, alexfh, aaron.ballman
Reviewed By: aaron.ballman
Subscribers: aaron.ballman, cfe-commits, xazax.hun
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D34002
llvm-svn: 304949
Summary: clang-tidy is better not to issues this warning, which checks where the initializer for the object may throw an exception, when "-fno-exceptions" is used.
Reviewers: chh, aaron.ballman
Reviewed By: aaron.ballman
Subscribers: xazax.hun
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D33917
llvm-svn: 304931
The check failed to match iterator->const_iterator conversion that is happening
at least when using the libstdc++'s vector. We might want to make it match even
more flexible patterns, if we see more false negatives.
llvm-svn: 304879
Summary:
In D33899, I'm adding a `raw_ostream &` parameter to the function
objects passed to `cl::SetVersionPrinter`. Adjust the call in
clang-apply-replacements for this.
Reviewers: klimek, alexfh
Subscribers: cfe-commits
Differential Revision: https://reviews.llvm.org/D33959
llvm-svn: 304837
Added negated string literals to the set of IsAlwaysFalse expressions to avoid flagging of assert(!"msg").
Differential Revision: http://reviews.llvm.org/D33827
llvm-svn: 304657
Add a clang-tidy check for using func__/FUNCTION__ inside lambdas. This
evaluates to the string operator(), which is almost never useful and almost
certainly not what the author intended.
Patch by Bryce Liu!
Differential Revision: https://reviews.llvm.org/D33497
llvm-svn: 304570
Summary:
The use-case is when renaming a widely used name, like a lower-level
class in a codebase and clang-rename is simply invoked for each
translation unit based on the compile database. In this case it's not
interesting to show errors: not finding the symbol means there is
simply nothing to do.
Reviewers: klimek
Reviewed By: klimek
Differential Revision: https://reviews.llvm.org/D32403
llvm-svn: 304534
Summary:
This allows an implementation of FileSystemProvider that can track which vfs::FileSystem
were used for each of the requests.
Reviewers: bkramer, krasimir
Reviewed By: bkramer
Subscribers: klimek, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D33678
llvm-svn: 304214
Summary:
Custom vfs::FileSystem is currently used for unit tests.
This revision depends on https://reviews.llvm.org/D33397.
Reviewers: bkramer, krasimir
Reviewed By: bkramer, krasimir
Subscribers: klimek, cfe-commits, mgorny
Differential Revision: https://reviews.llvm.org/D33416
llvm-svn: 303977
MSVC doesn't support C++ operator names (using 'or' instead of ||,
'not' instead of '!', etc), so this was disabled in MSVC mode in r303798.
This fixes the regression noticed on the buildbots.
llvm-svn: 303872
With the change https://reviews.llvm.org/D33013 driver will not build
compilation object if command line is invalid, in particular, if
unrecognized option is provided. In such cases it will prints diagnostics
on stderr. The test 'clang-tidy/diagnostic.cpp' checks reaction on
unrecognized option and will fail when D33013 is applied because it checks
only stdout for test patterns and expects the name of diagnostic category
prepared by clang-tidy. With this change the test makes more general check
and must work in either case.
Differential Revision: https://reviews.llvm.org/D33173
llvm-svn: 303735
Check BaseType before dereference.
Simplified test case is derived from Android Open Source code.
Differential Revision: https://reviews.llvm.org/D33430
llvm-svn: 303645