Commit Graph

27 Commits

Author SHA1 Message Date
Aaron Ballman 7bfa685611 Add a new clang-tidy check for cert-msc50-cpp (and cert-msc30-c) that corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/MSC50-CPP.+Do+not+use+std%3A%3Arand%28%29+for+generating+pseudorandom+numbers
Patch by Benedek Kiss

llvm-svn: 285809
2016-11-02 14:16:36 +00:00
Malcolm Parsons 2792dccb36 [clang-tidy] Update cert-err58-cpp to match its new generalised form.
Summary:
Aaron modified cert-err58-cpp to include all exceptions thrown before main()
Update the check to match.

Reviewers: aaron.ballman

Subscribers: cfe-commits

Differential Revision: https://reviews.llvm.org/D25925

llvm-svn: 285653
2016-10-31 22:47:04 +00:00
Marek Kurdej 2cf1dc2add [clang-tidy] Add cert-err09-cpp check alias.
Summary: This adds cert-err09-cpp alias for completeness, similar to cert-err61-cpp.

Reviewers: alexfh, hokein

Subscribers: cfe-commits

Differential Revision: https://reviews.llvm.org/D25770

llvm-svn: 284596
2016-10-19 14:28:19 +00:00
Malcolm Parsons 778269dd78 [clang-tidy] Use ignoreImplicit in cert-err58-cpp check
Summary:
Fix a false negative in cert-err58-cpp check when calling a constructor
creates objects that require cleanup.

Reviewers: aaron.ballman

Subscribers: cfe-commits

Differential Revision: https://reviews.llvm.org/D25642

llvm-svn: 284332
2016-10-16 09:47:10 +00:00
Aaron Ballman 160572855d Silence a false positive with the cert-err58-cpp check; now allows objects with static or thread storage duration at function block scope.
Patch by Malcolm Parsons

llvm-svn: 282409
2016-09-26 15:00:45 +00:00
Gabor Horvath afad84c04b [clang-tidy] Cleaning up language options.
Differential Revision: https://reviews.llvm.org/D24881

llvm-svn: 282319
2016-09-24 02:13:45 +00:00
Kirill Bobyrev 11cea45cce [clang-tidy] remove trailing whitespaces and retab
llvm-svn: 277340
2016-08-01 12:06:18 +00:00
Piotr Padlewski e93a73fb7a [ASTMatchers] Added ignoringParenImpCasts to has matchers
has matcher changed behaviour, and now it matches "as is" and
doesn't skip implicit and paren casts

http://reviews.llvm.org/D20801

llvm-svn: 271289
2016-05-31 15:26:56 +00:00
Alexander Kornienko 5d08bb72d9 [clang-tidy] Switch to a more common way of customizing check behavior.
This should have been done this way from the start, however I somehow missed
r257177.

llvm-svn: 270215
2016-05-20 13:42:40 +00:00
Etienne Bergeron 456177b98f [clang-tidy] Cleaning namespaces to be more consistant across checkers.
Summary:
The goal of the patch is to bring checkers in their appropriate namespace.
This path doesn't change any behavior.

Reviewers: alexfh

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D19811

llvm-svn: 268264
2016-05-02 18:00:29 +00:00
Aaron Ballman d744e63d90 Add a clang-tidy check that flags string-to-number conversion functions that have insufficient error checking, suggesting a better alternative.
This check corresponds to: https://www.securecoding.cert.org/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number

llvm-svn: 268100
2016-04-29 20:56:48 +00:00
Aaron Ballman 527a420550 Add a new check, cert-env33-c, that diagnoses uses of system(), popen(), and _popen() to execute a command processor. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=2130132
llvm-svn: 261530
2016-02-22 16:01:06 +00:00
Aaron Ballman 611d2e4ee6 Add a new check, cert-flp30-c, that diagnoses loop induction expressions of floating-point type. This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/c/FLP30-C.+Do+not+use+floating-point+variables+as+loop+counters
llvm-svn: 261324
2016-02-19 14:03:20 +00:00
Chris Bieneman 2cc7fec76a Remove autoconf support
Summary:
This patch is provided in preparation for removing autoconf on 1/26. The proposal to remove autoconf on 1/26 was discussed on the llvm-dev thread here: http://lists.llvm.org/pipermail/llvm-dev/2016-January/093875.html

"Now I am become Death, the destroyer of worlds."
-J. Robert Oppenheimer

Reviewers: chandlerc, grosbach, bob.wilson, echristo

Subscribers: cfe-commits, klimek

Differential Revision: http://reviews.llvm.org/D16475

llvm-svn: 258864
2016-01-26 21:31:36 +00:00
Aaron Ballman 1284f04aed Rename the CERT namespace to cert, and update some checkers to use this namespace consistently.
Patch thanks to Haojian Wu!

llvm-svn: 256756
2016-01-04 14:31:14 +00:00
Aaron Ballman a6ab2efed2 Renaming CERT documentation files to use the CERT rule identifiers. This is for consistency with other checkers, where the documentation file name matches the checker name. NFC of the checkers.
llvm-svn: 256474
2015-12-27 19:14:55 +00:00
Aaron Ballman ce6c534beb Add a license clarification for use of links and titles of CERT secure coding guidelines.
llvm-svn: 255248
2015-12-10 13:53:36 +00:00
Aaron Ballman c5a6da0ed1 Replace the custom AST matcher for nothrow functions with the canonical AST matcher from r254516.
llvm-svn: 254517
2015-12-02 15:24:47 +00:00
Aaron Ballman 43aef4cb9b Add a new checker, cert-err58-cpp, that checks for static or thread_local objects that use a throwing constructor.
This check corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR58-CPP.+Constructors+of+objects+with+static+or+thread+storage+duration+must+not+throw+exceptions

llvm-svn: 254415
2015-12-01 14:05:39 +00:00
Aaron Ballman f71c9661df Test to ensure the function does not have an unresolved or unevaluated exception specification before testing whether the function throws or not. Fixes PR25574.
llvm-svn: 253598
2015-11-19 20:45:35 +00:00
Aaron Ballman 5a786ddf4c Add a new clang-tidy checker that flags throw expressions whose thrown type is not nothrow copy constructible. While the compiler is free to elide copy constructor calls in some cases, it is under no obligation to do so, which makes the code a portability concern as well as a security concern.
This checker corresponds to the CERT secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR60-CPP.+Exception+objects+must+be+nothrow+copy+constructible

llvm-svn: 253246
2015-11-16 19:17:43 +00:00
Aaron Ballman a742b84e5d Exposing an existing checker under the name cert-err61-cpp, as it corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/ERR61-CPP.+Catch+exceptions+by+lvalue+reference
llvm-svn: 250221
2015-10-13 20:42:41 +00:00
Aaron Ballman e4b1765a0f Adding a checker (cert-err52-cpp) that detects use of setjmp or longjmp in C++ code. Corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=1834
llvm-svn: 249727
2015-10-08 19:54:43 +00:00
Aaron Ballman fd3a3b3f29 Loosening the restriction on variadic function definitions so that extern "C" function definitions are permissible.
llvm-svn: 249555
2015-10-07 15:14:10 +00:00
Aaron Ballman 46bc30472b Adding a checker (cert-dcl50-cpp) that detects the definition of a C-style variadic function in C++ code. Corresponds to the CERT C++ secure coding rule: https://www.securecoding.cert.org/confluence/display/cplusplus/DCL50-CPP.+Do+not+define+a+C-style+variadic+function
llvm-svn: 249343
2015-10-05 20:08:59 +00:00
Aaron Ballman 67e06ddb51 Hopefully rectifying a build bot issue with:
http://bb.pgr.jp/builders/i686-mingw32-RA-on-linux/builds/2833/steps/build_llvmclang/logs/stdio

Also, drive-by comment fix in a makefile.

llvm-svn: 249133
2015-10-02 14:01:55 +00:00
Aaron Ballman ea2f90c96b Adding a new clang-tidy module to house CERT-specific checkers, and map existing checkers to CERT secure coding rules and recommendations for both C (https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard) and C++ (https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637).
llvm-svn: 249130
2015-10-02 13:27:19 +00:00