[PATCH] D13352: [PATCH] Add a CERT category for clang-tidy checkers

[Aaron Ballman via cfe-commits]

aaron.ballman created this revision.
aaron.ballman added reviewers: alexfh, sbenza.
aaron.ballman added a subscriber: cfe-commits.

CERT produces a set of secure coding rules and recommendations for both C (https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard) and C++ (https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637). One of the tasks we've been doing lately is mapping existing checks to our rules, as well as coming up with new checks where there is insufficient existing coverage for a rule.

This patch adds a new module so that users can enable CERT-specific checkers by using -checks=-*,cert-*. Currently, this is remapping existing checkers under a new name that matches the CERT guideline the checker matches. However, this also is a convenient place for us to hang CERT-specific rules that do not apply elsewhere.

This patch does not come with any tests because the only thing we could test is the name change for reported diagnostics, and I wasn't certain whether that was worth testing.

One thing this patch does not do is enable tests for static analyzer checkers under new names. For instance, I would like to have a way to map clang-analyzer-unix.Malloc to cert-mem34-c, but that seems slightly more involved, and so I intend to do this in a follow-up patch.

~Aaron

http://reviews.llvm.org/D13352

Files:
  clang-tidy/CMakeLists.txt
  clang-tidy/Makefile
  clang-tidy/cert/CERTTidyModule.cpp
  clang-tidy/cert/CMakeLists.txt
  clang-tidy/cert/Makefile
  clang-tidy/tool/CMakeLists.txt
  clang-tidy/tool/ClangTidyMain.cpp
  clang-tidy/tool/Makefile

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D13352.36259.patch
Type: text/x-patch
Size: 5571 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20151001/2e12f1b2/attachment-0001.bin>