[PATCH] D45050: [clang-tidy] New checker for not null-terminated result caused by strlen or wcslen

Csaba Dabis via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Sun Jul 29 23:29:42 PDT 2018


Charusso updated this revision to Diff 157916.
Charusso added a comment.

Excuse me for the huge patch, but whatever I could do wrong, I did, so I have made tons of revisions.

I would like to show the current direction of the checker. Currently it has too many overlapping functions, so please don't go too deep into the core.

Major fixes in every function:

- Equal length of `strlen(src)` is now handled.
- It can read out the length of the destination buffer.
- If the length increases in the passed argument, it also increases the destination buffer (if an overflow looks possible).

Major fixes in `memcpy()` and `memmove()`:

- It can decide which function is the best in performance and safety. (The last implementation relied on the C++11 version, which was a huge mistake.)
- Handles cases where the destination is `unsigned char` or `signed char`, which cannot be passed to any string handler function. (It hadn't checked the type, so it made wrong fix-its.)

Minor fixes:

- Removed all memory allocation matchers in general, but the current functions behave the same to increase the buffer length.
- Now the test files' `RUN` command works well. (CheckOptions was wrong.)

Problematic:

1. It allows all custom memory allocation functions. Sometimes the read buffer size is not the size parameter.
2. Maybe it is not a good idea to heuristically read and increase buffer lengths.
3. If the new function is transformed from `memcpy()` to `strncpy()`, the checker adds the null terminator expression in the next line, like `dest[length] = '\0'`, which looks like quite a big injection.


https://reviews.llvm.org/D45050

Files:
  clang-tidy/bugprone/BugproneTidyModule.cpp
  clang-tidy/bugprone/CMakeLists.txt
  clang-tidy/bugprone/NotNullTerminatedResultCheck.cpp
  clang-tidy/bugprone/NotNullTerminatedResultCheck.h
  docs/ReleaseNotes.rst
  docs/clang-tidy/checks/bugprone-not-null-terminated-result.rst
  docs/clang-tidy/checks/list.rst
  test/clang-tidy/bugprone-not-null-terminated-result-in-initialization-strlen.c
  test/clang-tidy/bugprone-not-null-terminated-result-memcpy-before-safe.c
  test/clang-tidy/bugprone-not-null-terminated-result-memcpy-safe-cxx.cpp
  test/clang-tidy/bugprone-not-null-terminated-result-memcpy-safe-other.c
  test/clang-tidy/bugprone-not-null-terminated-result-memcpy-safe.c
  test/clang-tidy/bugprone-not-null-terminated-result-strlen.c
  test/clang-tidy/bugprone-not-null-terminated-result-wcslen.cpp
  test/clang-tidy/bugprone-not-null-terminated-result-wmemcpy-safe-cxx.cpp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D45050.157916.patch
Type: text/x-patch
Size: 88446 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20180730/4c6f4eb1/attachment-0001.bin>
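
Added example, not part of the original message or of the attached patch: the pattern the checker targets (`memcpy()` with a `strlen(src)` length) next to the `strncpy()` plus `dest[length] = '\0'` shape mentioned in the message, including the equal-length case where the destination must grow by one byte. The function names, the `COPY_REJECTED` value and the 'X' filler are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define COPY_REJECTED ((size_t)-1)

/* Index of the first '\0' inside buf, or size when there is none. */
static size_t first_nul(const char *buf, size_t size) {
    const char *nul = memchr(buf, '\0', size);
    return nul ? (size_t)(nul - buf) : size;
}

/* Flagged pattern: strlen(src) bytes are copied, so the '\0' never is. */
size_t copy_unterminated(char *dest, size_t dest_size, const char *src) {
    size_t length = strlen(src);
    memset(dest, 'X', dest_size);   /* constructed filler: stale bytes */
    if (length > dest_size)
        return COPY_REJECTED;
    memcpy(dest, src, length);
    return first_nul(dest, dest_size);
}

/* Fixed shape: room for length + 1 bytes, then an explicit terminator. */
size_t copy_terminated(char *dest, size_t dest_size, const char *src) {
    size_t length = strlen(src);
    memset(dest, 'X', dest_size);
    if (length + 1 > dest_size)     /* equal-length case is rejected here */
        return COPY_REJECTED;
    strncpy(dest, src, length);
    dest[length] = '\0';
    return first_nul(dest, dest_size);
}

int main(void) {
    char buf[8];
    printf("unterminated: first NUL at %zu of %zu\n",
           copy_unterminated(buf, sizeof buf, "abc"), sizeof buf);
    printf("terminated:   first NUL at %zu of %zu\n",
           copy_terminated(buf, sizeof buf, "abc"), sizeof buf);
    return 0;
}
```

A result equal to the buffer size means no terminator exists anywhere in the destination, so any later `strlen(dest)` or `printf("%s", dest)` would read past the end of the buffer.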

