[PATCH] D39370: [clang-tidy] Detect bugs in bugprone-misplaced-operator-in-strlen-in-alloc even in the case the allocation function is called using a constant function pointer
Balogh, Ádám via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Nov 6 00:44:22 PST 2017
baloghadamsoftware updated this revision to Diff 121692.
baloghadamsoftware added a comment.
Updated to match https://reviews.llvm.org/D39121.
https://reviews.llvm.org/D39370
Files:
clang-tidy/bugprone/MisplacedOperatorInStrlenInAllocCheck.cpp
docs/clang-tidy/checks/bugprone-misplaced-operator-in-strlen-in-alloc.rst
test/clang-tidy/bugprone-misplaced-operator-in-strlen-in-alloc.c
Index: test/clang-tidy/bugprone-misplaced-operator-in-strlen-in-alloc.c
===================================================================
--- test/clang-tidy/bugprone-misplaced-operator-in-strlen-in-alloc.c
+++ test/clang-tidy/bugprone-misplaced-operator-in-strlen-in-alloc.c
@@ -75,3 +75,11 @@
// CHECK-MESSAGES-NOT: :[[@LINE-1]]:28: warning: addition operator is applied to the argument of strlen
// If expression is in extra parentheses, consider it as intentional
}
+
+void (*(*const alloc_ptr)(size_t)) = malloc;
+
+void bad_indirect_alloc(char *name) {
+ char *new_name = (char *)alloc_ptr(strlen(name + 1));
+ // CHECK-MESSAGES: :[[@LINE-1]]:28: warning: addition operator is applied to the argument of strlen
+ // CHECK-FIXES: {{^ char \*new_name = \(char \*\)alloc_ptr\(}}strlen(name) + 1{{\);$}}
+}
Index: docs/clang-tidy/checks/bugprone-misplaced-operator-in-strlen-in-alloc.rst
===================================================================
--- docs/clang-tidy/checks/bugprone-misplaced-operator-in-strlen-in-alloc.rst
+++ docs/clang-tidy/checks/bugprone-misplaced-operator-in-strlen-in-alloc.rst
@@ -7,9 +7,10 @@
``strnlen()``, ``strnlen_s()``, ``wcslen()``, ``wcsnlen()``, and ``wcsnlen_s()``
instead of the result and the value is used as an argument to a memory
allocation function (``malloc()``, ``calloc()``, ``realloc()``, ``alloca()``).
-Cases where ``1`` is added both to the parameter and the result of the
-``strlen()``-like function are ignored, as are cases where the whole addition is
-surrounded by extra parentheses.
+The check detects error cases even if one of these functions is called by a
+constant function pointer. Cases where ``1`` is added both to the parameter
+and the result of the ``strlen()``-like function are ignored, as are cases where
+the whole addition is surrounded by extra parentheses.
Example code:
Index: clang-tidy/bugprone/MisplacedOperatorInStrlenInAllocCheck.cpp
===================================================================
--- clang-tidy/bugprone/MisplacedOperatorInStrlenInAllocCheck.cpp
+++ clang-tidy/bugprone/MisplacedOperatorInStrlenInAllocCheck.cpp
@@ -49,10 +49,23 @@
functionDecl(anyOf(hasName("::calloc"), hasName("std::calloc"),
hasName("::realloc"), hasName("std::realloc")));
- Finder->addMatcher(
- callExpr(callee(Alloc0Func), hasArgument(0, BadArg)).bind("Alloc"), this);
- Finder->addMatcher(
- callExpr(callee(Alloc1Func), hasArgument(1, BadArg)).bind("Alloc"), this);
+ const auto Alloc0FuncPtr =
+ varDecl(hasType(isConstQualified()),
+ hasInitializer(ignoringParenImpCasts(
+ declRefExpr(hasDeclaration(Alloc0Func)))));
+ const auto Alloc1FuncPtr =
+ varDecl(hasType(isConstQualified()),
+ hasInitializer(ignoringParenImpCasts(
+ declRefExpr(hasDeclaration(Alloc1Func)))));
+
+ Finder->addMatcher(callExpr(callee(decl(anyOf(Alloc0Func, Alloc0FuncPtr))),
+ hasArgument(0, BadArg))
+ .bind("Alloc"),
+ this);
+ Finder->addMatcher(callExpr(callee(decl(anyOf(Alloc1Func, Alloc1FuncPtr))),
+ hasArgument(1, BadArg))
+ .bind("Alloc"),
+ this);
}
void MisplacedOperatorInStrlenInAllocCheck::check(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D39370.121692.patch
Type: text/x-patch
Size: 3374 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20171106/82c897d9/attachment.bin>
More information about the cfe-commits
mailing list