[clang-tools-extra] [wip] Clang tidy/bugprone suspicious pointer arithmetics (PR #106061)

via cfe-commits cfe-commits at lists.llvm.org
Mon Aug 26 04:50:16 PDT 2024


llvmbot wrote:


<!--LLVM PR SUMMARY COMMENT-->

@llvm/pr-subscribers-clang-tidy

Author: Zoltán Porkoláb (zporky)

<details>
<summary>Changes</summary>



---
Full diff: https://github.com/llvm/llvm-project/pull/106061.diff


5 Files Affected:

- (modified) clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp (+3) 
- (modified) clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt (+1) 
- (added) clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.cpp (+84) 
- (added) clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.h (+30) 
- (modified) clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp (+4) 


``````````diff
diff --git a/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp b/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp
index 543c522899d7a5..4f74fd9fd50543 100644
--- a/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp
+++ b/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp
@@ -67,6 +67,7 @@
 #include "SuspiciousMemoryComparisonCheck.h"
 #include "SuspiciousMemsetUsageCheck.h"
 #include "SuspiciousMissingCommaCheck.h"
+#include "SuspiciousPointerArithmeticsUsingSizeofCheck.h"
 #include "SuspiciousReallocUsageCheck.h"
 #include "SuspiciousSemicolonCheck.h"
 #include "SuspiciousStringCompareCheck.h"
@@ -204,6 +205,8 @@ class BugproneModule : public ClangTidyModule {
         "bugprone-suspicious-memset-usage");
     CheckFactories.registerCheck<SuspiciousMissingCommaCheck>(
         "bugprone-suspicious-missing-comma");
+    CheckFactories.registerCheck<SuspiciousPointerArithmeticsUsingSizeofCheck>(
+        "bugprone-suspicious-pointer-arithmetics-using-sizeof");
     CheckFactories.registerCheck<SuspiciousReallocUsageCheck>(
         "bugprone-suspicious-realloc-usage");
     CheckFactories.registerCheck<SuspiciousSemicolonCheck>(
diff --git a/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt b/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt
index 0df9e439b715e5..c9877e6f5a7ddc 100644
--- a/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt
+++ b/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt
@@ -64,6 +64,7 @@ add_clang_library(clangTidyBugproneModule
   SuspiciousMemoryComparisonCheck.cpp
   SuspiciousMemsetUsageCheck.cpp
   SuspiciousMissingCommaCheck.cpp
+  SuspiciousPointerArithmeticsUsingSizeofCheck.cpp
   SuspiciousReallocUsageCheck.cpp
   SuspiciousSemicolonCheck.cpp
   SuspiciousStringCompareCheck.cpp
diff --git a/clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.cpp b/clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.cpp
new file mode 100644
index 00000000000000..a1710916f762ff
--- /dev/null
+++ b/clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.cpp
@@ -0,0 +1,84 @@
+//===--- SuspiciousPointerArithmeticsUsingSizeofCheck.cpp - clang-tidy --===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+
+#include "SuspiciousPointerArithmeticsUsingSizeofCheck.h"
+#include "../utils/Matchers.h"
+#include "../utils/OptionsUtils.h"
+#include "clang/AST/ASTContext.h"
+#include "clang/ASTMatchers/ASTMatchFinder.h"
+#include "clang/Lex/Lexer.h"
+
+using namespace clang::ast_matchers;
+
+namespace clang::tidy::bugprone {
+
+//static const char *bin_op_bind = "ptr-sizeof-expression";	
+static constexpr llvm::StringLiteral BinOp{"bin-op"};
+static constexpr llvm::StringLiteral PointedType{"pointed-type"};
+static const auto IgnoredType = qualType(anyOf(asString("char"),asString("unsigned char"),asString("signed char"),asString("int8_t"),asString("uint8_t"),asString("std::byte"),asString("const char"),asString("const unsigned char"),asString("const signed char"),asString("const int8_t"),asString("const uint8_t"),asString("const std::byte")));
+static const auto InterestingPointer = pointerType(unless(pointee(IgnoredType)));
+
+SuspiciousPointerArithmeticsUsingSizeofCheck::SuspiciousPointerArithmeticsUsingSizeofCheck(
+    StringRef Name, ClangTidyContext *Context)
+    : ClangTidyCheck(Name, Context) {
+}
+
+void SuspiciousPointerArithmeticsUsingSizeofCheck::registerMatchers(MatchFinder *Finder) {
+    Finder->addMatcher(
+	     expr(anyOf(
+/*                    binaryOperator(hasAnyOperatorName("+","-"),
+                      hasEitherOperand(hasType(pointerType())),
+		      hasEitherOperand(sizeOfExpr(expr())),
+		      unless(allOf(hasLHS(hasType(pointerType())),
+				   hasRHS(hasType(pointerType()))))
+		      ).bind(bin_op_bind),
+		    binaryOperator(hasAnyOperatorName("+=","-="),
+	              hasLHS(hasType(pointerType())),
+		      hasRHS(sizeOfExpr(expr()))
+		      ).bind(bin_op_bind)
+
+		    binaryOperator(hasAnyOperatorName("+=","-=","+","-" ),
+	              hasLHS(hasType(InterestingPointer)),
+		      hasRHS(sizeOfExpr(expr()))).bind(BinOp),
+		    binaryOperator(hasAnyOperatorName("+","-" ),
+	              hasRHS(hasType(InterestingPointer)),
+		      hasLHS(sizeOfExpr(expr()))).bind(BinOp)
+*/		    
+		    binaryOperator(hasAnyOperatorName("+=","-=","+","-" ),
+	              hasLHS(hasType(pointerType(pointee(qualType().bind(PointedType))))),
+		      hasRHS(sizeOfExpr(expr()))).bind(BinOp),
+		    binaryOperator(hasAnyOperatorName("+","-" ),
+	              hasRHS(hasType(pointerType(pointee(qualType().bind(PointedType))))),
+		      hasLHS(sizeOfExpr(expr()))).bind(BinOp)
+            )),
+        this);
+}
+
+static CharUnits getSizeOfType(const ASTContext &Ctx, const Type *Ty) {
+  if (!Ty || Ty->isIncompleteType() || Ty->isDependentType() ||
+      isa<DependentSizedArrayType>(Ty) || !Ty->isConstantSizeType())
+    return CharUnits::Zero();
+  return Ctx.getTypeSizeInChars(Ty);
+}
+
+void SuspiciousPointerArithmeticsUsingSizeofCheck::check(const MatchFinder::MatchResult &Result) {
+    const ASTContext &Ctx = *Result.Context;
+    const BinaryOperator* Matched = Result.Nodes.getNodeAs<BinaryOperator>(BinOp);
+    const QualType* SuspiciousQualTypePtr = Result.Nodes.getNodeAs<QualType>(PointedType);
+    const Type* SuspiciousTypePtr = SuspiciousQualTypePtr->getTypePtr();
+
+    std::size_t sz = getSizeOfType(Ctx,SuspiciousTypePtr).getQuantity();
+    if ( sz > 1 )
+    {
+        diag(Matched->getExprLoc(),"Suspicious pointer arithmetics using sizeof() operator: sizeof(%0) is %1") << SuspiciousQualTypePtr->getAsString(Ctx.getPrintingPolicy())
+	                       << sz
+		               << Matched->getSourceRange();
+    }
+}
+
+} // namespace clang::tidy::bugprone
diff --git a/clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.h b/clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.h
new file mode 100644
index 00000000000000..d39e15f0ccc3a0
--- /dev/null
+++ b/clang-tools-extra/clang-tidy/bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.h
@@ -0,0 +1,30 @@
+//===--- SuspiciousPointerArithmeticsUsingSizeofCheck.h - clang-tidy -*- C++ -*-===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+
+#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_SUSPICIOUSPOINTERARITHMETICSSIZEOFCHECK_H
+#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_SUSPICIOUSPOINTERARITHMETICSSIZEOFCHECK_H
+
+#include "../ClangTidyCheck.h"
+
+namespace clang::tidy::bugprone {
+
+/// Find suspicious calls to string compare functions.
+///
+/// For the user-facing documentation see:
+/// http://clang.llvm.org/extra/clang-tidy/checks/bugprone/suspicious-pointer-arithmetics-sizeof.html
+class SuspiciousPointerArithmeticsUsingSizeofCheck : public ClangTidyCheck {
+public:
+  SuspiciousPointerArithmeticsUsingSizeofCheck(StringRef Name, ClangTidyContext *Context);
+//  void storeOptions(ClangTidyOptions::OptionMap &Opts) override;
+  void registerMatchers(ast_matchers::MatchFinder *Finder) override;
+  void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
+};
+
+} // namespace clang::tidy::bugprone
+
+#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_SUSPICIOUSPOINTERARITHMETICSSIZEOFCHECK_H
diff --git a/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp b/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
index d448d9ba614548..17a7e4bc51049d 100644
--- a/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
+++ b/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
@@ -15,6 +15,7 @@
 #include "../bugprone/SignedCharMisuseCheck.h"
 #include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h"
 #include "../bugprone/SuspiciousMemoryComparisonCheck.h"
+#include "../bugprone/SuspiciousPointerArithmeticsUsingSizeofCheck.h"
 #include "../bugprone/UnhandledSelfAssignmentCheck.h"
 #include "../bugprone/UnsafeFunctionsCheck.h"
 #include "../bugprone/UnusedReturnValueCheck.h"
@@ -278,6 +279,9 @@ class CERTModule : public ClangTidyModule {
         "cert-oop58-cpp");
 
     // C checkers
+    // ARR
+    CheckFactories.registerCheck<bugprone::SuspiciousPointerArithmeticsUsingSizeofCheck>(
+        "cert-arr39-c");		    
     // CON
     CheckFactories.registerCheck<bugprone::SpuriouslyWakeUpFunctionsCheck>(
         "cert-con36-c");

``````````

</details>


https://github.com/llvm/llvm-project/pull/106061


More information about the cfe-commits mailing list