Summary:
New checker called bugprone-not-null-terminated-result. This checker finds
function calls where it is possible to cause a not null-terminated result.
Usually the proper length of a string is `strlen(src) + 1` or equal length
of this expression, because the null terminator needs an extra space.
Without the null terminator it can result in undefined behaviour when the
string is read.
The following and their respective `wchar_t` based functions are checked:
`memcpy`, `memcpy_s`, `memchr`, `memmove`, `memmove_s`, `strerror_s`,
`strncmp`, `strxfrm`
The following is a real-world example where the programmer forgot to
increase the passed third argument, which is `size_t length`.
That is why the length of the allocated memory is not enough to hold the
null terminator.
```
static char *stringCpy(const std::string &str) {
char *result = reinterpret_cast<char *>(malloc(str.size()));
memcpy(result, str.data(), str.size());
return result;
}
```
In addition to issuing warnings, fix-it rewrites all the necessary code.
It also tries to adjust the capacity of the destination array:
```
static char *stringCpy(const std::string &str) {
char *result = reinterpret_cast<char *>(malloc(str.size() + 1));
strcpy(result, str.data());
return result;
}
```
Note: It cannot guarantee to rewrite every of the path-sensitive memory
allocations.
Reviewed By: JonasToth, aaron.ballman, whisperity, alexfh
Tags: #clang-tools-extra, #clang
Differential Revision: https://reviews.llvm.org/D45050
llvm-svn: 374707
The patch committed was not the accepted version but the
previous one. This commit fixes this issue.
Differential Revision: https://reviews.llvm.org/D64736
llvm-svn: 373428
Finding infinite loops is well-known to be impossible (halting problem).
However, it is possible to detect some obvious infinite loops, for example,
if the loop condition is not changed. Detecting such loops is beneficial
since the tests will hang on programs containing infinite loops so
testing-time detection may be costly in large systems. Obvious cases are
where the programmer forgets to increment/decrement the counter or
increments/decrements the wrong variable.
Differential Revision: https://reviews.llvm.org/D64736
-------
Broke some buildbots "No SOURCES given to target: obj.clangTidyBugproneModule"
llvm-svn: 372704
Finding infinite loops is well-known to be impossible (halting problem).
However, it is possible to detect some obvious infinite loops, for example,
if the loop condition is not changed. Detecting such loops is beneficial
since the tests will hang on programs containing infinite loops so
testing-time detection may be costly in large systems. Obvious cases are
where the programmer forgets to increment/decrement the counter or
increments/decrements the wrong variable.
Differential Revision: https://reviews.llvm.org/D64736
llvm-svn: 372693
Summary:
After revision 370919, this check incorrectly flags certain cases of implicit
constructors. Specifically, if an argument is annotated with an
argument-comment and the argument expression triggers an implicit constructor,
then the argument comment is associated with argument of the implicit
constructor.
However, this only happens when the constructor has more than one argument.
This revision fixes the check for implicit constructors and adds a regression
test for this case.
Note: r370919 didn't cause this bug, it simply uncovered it by fixing another
bug that was masking the behavior.
Reviewers: gribozavr
Subscribers: xazax.hun, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D67744
llvm-svn: 372317
This check now also checks if any calls to pthread_* functions expect negative return values. These functions return either 0 on success or an errno on failure, which is positive only.
llvm-svn: 372037
Summary:
Add bugprone-argument-comment option: IgnoreSingleArgument.
When true, the check will ignore the single argument.
Sometimes, it's not necessary to add comment to single argument.
For example:
> std::string name("Yubo Xie");
> pScreen->SetWidth(1920);
> pScreen->SetHeight(1080);
This option can ignore such single argument in bugprone-argument-comment check.
Reviewers: alexfh
Reviewed By: alexfh
Subscribers: cfe-commits
Tags: #clang
Patch by Yubo Xie.
Differential Revision: https://reviews.llvm.org/D67056
llvm-svn: 371075
Summary:
We've been running doxygen with the autobrief option for a couple of
years now. This makes the \brief markers into our comments
redundant. Since they are a visual distraction and we don't want to
encourage more \brief markers in new code either, this patch removes
them all.
Patch produced by
for i in $(git grep -l '\\brief'); do perl -pi -e 's/\\brief //g' $i & done
[This is analogous to LLVM r331272 and CFE r331834]
Subscribers: srhines, nemanjai, javed.absar, kbarton, MaskRay, jkorous, arphaman, jfb, kadircet, jsji, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D66578
llvm-svn: 369643
Finds instances where variables with static storage are initialized dynamically in header files.
Reviewed By: aaron.ballman, alexfh
Patch by Charles Zhang!
Differential Revision: https://reviews.llvm.org/D62829
llvm-svn: 369568
Now that we've moved to C++14, we no longer need the llvm::make_unique
implementation from STLExtras.h. This patch is a mechanical replacement
of (hopefully) all the llvm::make_unique instances across the monorepo.
Differential revision: https://reviews.llvm.org/D66259
llvm-svn: 368944
Summary:
Lexer::getLocForEndOfToken is defined to return an
invalid location if the given location is inside a macro.
Other checks conditionally warn based off location
validity. Updating this check to do the same.
Reviewers: JonasToth, aaron.ballman, nickdesaulniers
Reviewed By: nickdesaulniers
Subscribers: lebedev.ri, nickdesaulniers, xazax.hun, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D64607
llvm-svn: 366353
Summary:
Checks if any calls to posix functions (except posix_openpt) expect negative return values.
These functions return either 0 on success or an errno on failure, which is positive only.
Reviewers: JonasToth, gribozavr, alexfh, hokein
Reviewed By: gribozavr
Subscribers: Eugene.Zelenko, lebedev.ri, llozano, george.burgess.iv, xazax.hun, srhines, mgorny, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D63623
Patch by Jian Cai.
llvm-svn: 365007
Summary:
Added WarnOnlyIfThisHasSuspiciousField option to allow
to catch any copy assignment operator independently from
the container class's fields.
Added the cert alias using this option.
Reviewers: aaron.ballman
Reviewed By: aaron.ballman
Subscribers: mgorny, Eugene.Zelenko, xazax.hun, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D62192
llvm-svn: 361550
Implement a check for detecting if/else if/else chains where two or more
branches are Type I clones of each other (that is, they contain identical code)
and for detecting switch statements where two or more consecutive branches are
Type I clones of each other.
Patch by Donát Nagy!
Differential Revision: https://reviews.llvm.org/D54757
llvm-svn: 360779
Summary:
This check searches for copy assignment operators which might not handle self-assignment properly. There are three patterns of
handling a self assignment situation: self check, copy-and-swap or the less common copy-and-move. The new check warns if none of
these patterns is found in a user defined implementation.
See also:
OOP54-CPP. Gracefully handle self-copy assignment
https://wiki.sei.cmu.edu/confluence/display/cplusplus/OOP54-CPP.+Gracefully+handle+self-copy+assignment
Reviewers: JonasToth, alexfh, hokein, aaron.ballman
Subscribers: riccibruno, Eugene.Zelenko, mgorny, xazax.hun, cfe-commits
Tags: #clang, #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D60507
llvm-svn: 360540
Accidentally taking the size of a struct-pointer type or a value of this type
is more common than explicitly using the & operator for the value. This patch
extends the check to include these cases.
Differential Revision: https://reviews.llvm.org/D61260
llvm-svn: 360114
Some programmers tend to forget that subtracting two pointers results in the
difference between them in number of elements of the pointee type instead of
bytes. This leads to codes such as `size_t size = (p - q) / sizeof(int)` where
`p` and `q` are of type `int*`. Or similarily, `if (p - q < buffer_size *
sizeof(int)) { ... }`. This patch extends `bugprone-sizeof-expression` to
detect such cases.
Differential Revision: https://reviews.llvm.org/D61422
llvm-svn: 360032
Summary:
The bugprone-too-small-loop-variable check often catches loop variables which can represent "big enough" values, so we don't actually need to worry about that this variable will overflow in a loop when the code iterates through a container. For example a 32 bit signed integer type's maximum value is 2 147 483 647 and a container's size won't reach this maximum value in most of the cases.
So the idea of this option to allow the user to specify an upper limit (using magnitude bit of the integer type) to filter out those catches which are not interesting for the user, so he/she can focus on the more risky integer incompatibilities.
Next to the option I replaced the term "positive bits" to "magnitude bits" which seems a better naming both in the code and in the name of the new option.
Reviewers: JonasToth, alexfh, aaron.ballman, hokein
Reviewed By: JonasToth
Subscribers: Eugene.Zelenko, xazax.hun, jdoerfert, cfe-commits
Tags: #clang-tools-extra, #clang
Differential Revision: https://reviews.llvm.org/D59870
llvm-svn: 358356
Requires making the llvm::MemoryBuffer* stored by SourceManager const,
which in turn requires making the accessors for that return const
llvm::MemoryBuffer*s and updating all call sites.
The original motivation for this was to use it and fix the TODO in
CodeGenAction.cpp's ConvertBackendLocation() by using the UnownedTag
version of createFileID, and since llvm::SourceMgr* hands out a const
llvm::MemoryBuffer* this is required. I'm not sure if fixing the TODO
this way actually works, but this seems like a good change on its own
anyways.
No intended behavior change.
Differential Revision: https://reviews.llvm.org/D60247
llvm-svn: 357724
Summary: Detect a few expressions as likely character expressions, see PR27723.
Reviewers: xazax.hun, alexfh
Subscribers: rnkovacs, jdoerfert, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D58609
llvm-svn: 355089
Summary:
The analsis on the throwing behvaiour on functions and statements gave only
a binary answer whether an exception could occur and if yes which types are
thrown.
This refactoring allows keeping track if there is a unknown factor, because the
code calls to some functions with unavailable source code with no `noexcept`
information.
This 'potential Unknown' information is propagated properly and can be queried
separately.
Reviewers: lebedev.ri, aaron.ballman, baloghadamsoftware, alexfh
Reviewed By: lebedev.ri, baloghadamsoftware
Subscribers: xazax.hun, rnkovacs, a.sidorin, Szelethus, donat.nagy, dkrupp, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D57883
llvm-svn: 354517
ExprWithCleanups is currently not skipped by IgnoreParenImpCasts, but is skipped
by IgnoreImpCasts. In view of fixing this inconsistency in D57267, remove the
IgnoreParenImpCasts between the ReturnStmt and the ExprWithCleanups which
is not needed since ExprWithCleanups is always created as a direct child of
ReturnStmt (by inspection of each ReturnStmt::Create in Sema/SemaStmt.cpp).
NFC intended.
llvm-svn: 354228
bugprone-argument-comment only supports identifying those comments which do not match the function parameter name
This revision add 3 options to adding missing argument comments to literals (granularity on type is added to control verbosity of fixit)
```
CheckOptions:
- key: bugprone-argument-comment.CommentBoolLiterals
value: '1'
- key: bugprone-argument-comment.CommentFloatLiterals
value: '1'
- key: bugprone-argument-comment.CommentIntegerLiterals
value: '1'
- key: bugprone-argument-comment.CommentStringLiterals
value: '1'
- key: bugprone-argument-comment.CommentCharacterLiterals
value: '1'
- key: bugprone-argument-comment.CommentUserDefinedLiterals
value: '1'
- key: bugprone-argument-comment.CommentNullPtrs
value: '1'
```
After applying these options, literal arguments will be preceded with /*ParameterName=*/
Reviewers: JonasToth, Eugene.Zelenko, alexfh, hokein, aaron.ballman
Reviewed By: aaron.ballman, Eugene.Zelenko
Differential Revision: https://reviews.llvm.org/D57674
llvm-svn: 353535
Summary:
The check `bugprone-exception-escape` does an AST-based analysis to determine
if a function might throw an exception and warns based on that information.
The analysis part is refactored into a standalone class similiar to
`ExprMutAnalyzer` that is generally useful.
I intent to use that class in a new check to automatically introduce `noexcept`
if possible.
Reviewers: aaron.ballman, alexfh, hokein, baloghadamsoftware, lebedev.ri
Reviewed By: baloghadamsoftware, lebedev.ri
Subscribers: lebedev.ri, mgorny, xazax.hun, rnkovacs, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D57100
llvm-svn: 352741
to reflect the new license.
We understand that people may be surprised that we're moving the header
entirely to discuss the new license. We checked this carefully with the
Foundation's lawyer and we believe this is the correct approach.
Essentially, all code in the project is now made available by the LLVM
project under our new license, so you will see that the license headers
include that license only. Some of our contributors have contributed
code under our old license, and accordingly, we have retained a copy of
our old license notice in the top-level files in each project and
repository.
llvm-svn: 351636
Summary:
Previously, we weren't recognizing these as smart pointers and thus
weren't allowing non-dereference accesses as we should -- see new test
cases which fail without the fix.
Reviewers: alexfh, hokein, aaron.ballman, JonasToth
Reviewed By: JonasToth
Subscribers: xazax.hun, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D56585
llvm-svn: 351303
Summary:
https://reviews.llvm.org/D56509 changed the API of the
CXXMethodDecl::getThisType method. Adapt to the change (and re-apply
clang-format) to fix the clang-tidy build.
llvm-svn: 350916
Summary:
Implement a check for detecting if/else if/else chains where two or more
branches are Type I clones of each other (that is, they contain identical code)
and for detecting switch statements where two or more consecutive branches are
Type I clones of each other.
Patch by donat.nagy.
Reviewers: alexfh, hokein, aaron.ballman, JonasToth
Reviewed By: JonasToth
Subscribers: MTC, lebedev.ri, whisperity, xazax.hun, Eugene.Zelenko, mgorny, rnkovacs, dkrupp, Szelethus, gamesh411, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D54757
llvm-svn: 348343
Summary:
bugprone-misplaced-widening-cast check
used to give a false warning to the
following example.
enum DaysEnum{
MON = 0,
TUE = 1
};
day = (DaysEnum)(day + 1);
//warning: either cast from 'int' to 'DaysEnum' is ineffective...
But i think int to enum cast is not widening neither ineffective.
Patch by dkrupp.
Reviewers: JonasToth, alexfh
Reviewed By: alexfh
Subscribers: rnkovacs, Szelethus, gamesh411, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D55255
llvm-svn: 348341