[PATCH] D70823: [clang-tidy] Adding cert-pos34-c check

[Aaron Ballman via Phabricator via cfe-commits]

aaron.ballman added inline comments.


================
Comment at: clang-tools-extra/clang-tidy/cert/PutenvWithAutoCheck.cpp:27
+                  hasAutomaticStorageDuration(),
+                  unless(hasDescendant(callExpr(callee(functionDecl(hasAnyName(
+                      "::alloc", "::malloc", "::realloc", "::calloc")))))))))))
----------------
I don't know that this is sufficient for the check, and I sort of think this may need to be implemented by the static analyzer rather than clang-tidy. The initialization of the variable is going to be control flow sensitive. Consider something like:
```
void foo(void) {
  char *buffer = "huttah!";
  if (rand() % 2 == 0) {
    buffer = malloc(5);
    strcpy(buffer, "woot");
  }
  putenv(buffer);
}

void bar(void) {
  char *buffer = malloc(5);
  strcpy(buffer, "woot");

  if (rand() % 2 == 0) {
    free(buffer);
    buffer = "blah blah blah";
  }
  putenv(buffer);
}
```


================
Comment at: clang-tools-extra/docs/clang-tidy/checks/cert-pos34-c.rst:4
+cert-pos34-c
+=====================
+
----------------
Underlining looks incorrect here.


================
Comment at: clang-tools-extra/docs/clang-tidy/checks/cert-pos34-c.rst:6
+
+Finds calls of ``putenv`` function with automatic variable as the argument.
+
----------------
Finds calls to the ``putenv`` function which pass  a pointer to an automatic variable as the argument.


================
Comment at: clang-tools-extra/docs/clang-tidy/checks/cert-pos34-c.rst:23
+
+This check corresponds to the CERT Standard rule 
+`POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument.
----------------
CERT Standard -> CERT C Coding Standard


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D70823/new/

https://reviews.llvm.org/D70823