[clang] [Webkit Checkers] Introduce a Webkit checker for memory unsafe casts (PR #114606)
Artem Dergachev via cfe-commits
cfe-commits at lists.llvm.org
Fri Nov 1 15:34:31 PDT 2024
================
@@ -0,0 +1,86 @@
+//=======- MemoryUnsafeCastChecker.cpp -------------------------*- C++ -*-==//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+//
+// This file defines MemoryUnsafeCast checker, which checks for casts from a
+// base type to a derived type.
+//===----------------------------------------------------------------------===//
+
+#include "clang/AST/ASTContext.h"
+#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
+#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
+#include "clang/StaticAnalyzer/Core/Checker.h"
+#include "clang/StaticAnalyzer/Core/CheckerManager.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
+
+using namespace clang;
+using namespace ento;
+
+namespace {
+class MemoryUnsafeCastChecker : public Checker<check::PreStmt<CastExpr>> {
----------------
haoNoQ wrote:
Does this checker need to be path-sensitive? It doesn't look like you're using any information gathered by the path-sensitive engine.
The callback `check::PreStmt` is invoked for every execution path that is discovered to reach the statement. If you don't care about the properties of individual execution paths, you should probably make the checker path-insensitive by subscribing to `check::ASTCodeBody` instead, and then exploring the "code body" with the `forEachDescendant()` matcher, just like the `OSObjectCStyleCast` checker does it.
This will also significantly improve performance in some configurations because the path-sensitive engine doesn't need to be ramped up when there are no active path-sensitive checkers. (Eg. when somebody is using only WebKit checkers none of which are currently path-sensitive.)
https://github.com/llvm/llvm-project/pull/114606
More information about the cfe-commits
mailing list