[PATCH] D74806: [analyzer] NFCi: Refactor CStringChecker: use strongly typed internal API

Balázs Benics via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Tue Feb 18 16:32:25 PST 2020


steakhal created this revision.
steakhal added reviewers: NoQ, baloghadamsoftware, Szelethus.
steakhal added a project: clang.
Herald added subscribers: cfe-commits, martong, Charusso, dkrupp, donat.nagy, mikhail.ramalho, a.sidorin, rnkovacs, szepet, xazax.hun, whisperity.
Herald added a reviewer: rengolin.
steakhal edited the summary of this revision.
steakhal updated this revision to Diff 245300.
steakhal added a comment.

Upload the right diff.


CStringChecker is a huge beast.

My effort in improving the analyzer regarding taint analysis is humbled by multiple factors.
I wanted to extend the diagnostics of the CStringChecker with taintedness.

In the long run, the diagnostic emitting parts of the `GenericTaintChecker` would be migrated to multiple checkers, leaving its responsibility only to *model* taint propagation.
E.g. the `GenericTaintChecker::checkTaintedBufferSize` functionality will be mostly part of the CStringChecker.

This plan requires the `CStringChecker` to be refactored to support a more flexible reporting mechanism.

This patch does only refactorings, such as:

- eliminates always `false` parameters (like `WarnAboutSize`)
- reduces the number of parameters
- makes strong types differentiating *source* and *destination* buffers (same with size expressions)
- binds the argument expression and the index, making diagnostics accurate and easy to emit
- removes a bunch of default parameters to make it more readable
- removes random `const char *` warning message parameters, making clear where and what is going to be emitted

Note that:

- `CheckBufferAccess` now checks *only* one buffer; this removed about 100 LOC of code duplication
- not every function was refactored to use the /new/ strongly typed API, since the CString related functions are really closely coupled monolithic beasts, I will refactor them separately
- all tests are preserved and passing; only *the message changed at some places*. In my opinion, these messages are holding the same information.

I would also highlight that this refactoring caught a bug in `clang/test/Analysis/string.c:454` where the diagnostic did not reflect reality. This catch backs my effort on simplifying this monolithic CStringChecker.


Repository:
  rC Clang

https://reviews.llvm.org/D74806

Files:
  clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
  clang/test/Analysis/bsd-string.c
  clang/test/Analysis/bstring.c
  clang/test/Analysis/null-deref-ps-region.c
  clang/test/Analysis/string.c

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D74806.245300.patch
Type: text/x-patch
Size: 55402 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200219/35dcaa27/attachment-0001.bin>