This is an archive of the discontinued LLVM Phabricator instance.

Differential D112409

[clang-tidy] Add check 'cert-err33-c'.
ClosedPublic

Authored by balazske on Oct 25 2021, 12:14 AM.

Details

Reviewers
aaron.ballman
Eugene.Zelenko
alexfh
Commits
rG4bcbb3d4d7a8: [clang-tidy] Add check 'cert-err33-c'.
Summary

The CERT rule ERR33-C can be modeled partially by the existing check
'bugprone-unused-return-value'. The existing check is reused with
a fixed set of checked functions.

Diff Detail

Event Timeline

balazske created this revision.Oct 25 2021, 12:14 AM
Herald added subscribers: carlosgalvezp, steakhal, martong and 5 others. · View Herald TranscriptOct 25 2021, 12:14 AM
balazske requested review of this revision.Oct 25 2021, 12:14 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 25 2021, 12:14 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
Harbormaster completed remote builds in B130372: Diff 381861.Oct 25 2021, 1:00 AM
martong added a comment.Oct 25 2021, 8:53 AM

Thanks, this looks good to me! However, please wait for clang-tidy owners' approval.

martong added a reviewer: aaron.ballman.Oct 25 2021, 8:58 AM
balazske added a reviewer: Eugene.Zelenko.Oct 25 2021, 9:19 AM

This check is likely to generate many warnings on a "random" open-source project because many of these functions are usually not checked. But the rule contains this list and if a project wants to conform this check can be useful.

Eugene.Zelenko added inline comments.Oct 25 2021, 9:26 AM
clang-tools-extra/docs/clang-tidy/checks/cert-err33-c.rst
8

Usually such statement is located at the end.

14

Please enclose NULL into double back-ticks.

aaron.ballman added inline comments.Oct 25 2021, 9:35 AM
clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
45–50

Pretty sure this comment can be re-flowed to 80 columns. Also needs trailing punctuation.

52

Was this list generated automatically or manually? (Just wondering how hard to match it to the CERT rule -- spot checking hasn't found issues so far.)

clang-tools-extra/docs/clang-tidy/checks/bugprone-unused-return-value.rst
51

Can you add a newline back?

carlosgalvezp added a comment.EditedOct 25 2021, 10:30 AM

Also:

  • Please add a unit test. You can probably re-use the corresponding bugprone test and tell it to add the cert-err33-c check as well. If they are too different I suppose it's fine to create it's own standalone test?
  • Mention this new check in the clang-tidy release notes.
clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
303–304

Keep alphabetical order (err33 before err34)

327

Same here

clang-tools-extra/docs/clang-tidy/checks/bugprone-unused-return-value.rst
49

an alias

50

Add link?

clang-tools-extra/docs/clang-tidy/checks/cert-err33-c.rst
2

I believe we usually mention that this is an alias to another check, and then redirect the user to that original check.

clang-tools-extra/docs/clang-tidy/checks/list.rst
117

Missing referring to the alias check.

balazske updated this revision to Diff 382312.Oct 26 2021, 7:37 AM

Improved the documentation.
Small code layout changes.

balazske marked 8 inline comments as done.Oct 26 2021, 7:44 AM

I was not sure how the aliasing is to be handled if the check is not exactly the same as the original. (This was a topic on the mailing list.) I like it more if only those checks are aliases that are exactly the same. But for now it will remain as it was before, otherwise this has to be changed for all aliases.

clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
52

I am not sure, I have the list for longer time, but it is almost sure that it was generated by using text editor macros. The number of functions is correct (with the excluded ones).

327

This is correct: 'str34' before 'err33'.

balazske added inline comments.Oct 26 2021, 7:46 AM
clang-tools-extra/docs/clang-tidy/checks/cert-err33-c.rst
2

Automatic redirect does not work here because there is something to read in the page. This check has its own description.

balazske updated this revision to Diff 382323.Oct 26 2021, 7:59 AM

Added to release notes, added new links to documentation.

carlosgalvezp added inline comments.Oct 26 2021, 8:00 AM
clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
327

No, e goes before s. The existing checks are ordered: dcl, oop, str. So this check should go after dcl16.

carlosgalvezp added a comment.Oct 26 2021, 8:01 AM

I was not sure how the aliasing is to be handled if the check is not exactly the same as the original.

I agree that the alias situation is a bit of a mess. I'll leave it to people with stronger opinion/experience.

balazske added inline comments.Oct 26 2021, 8:13 AM
clang-tools-extra/docs/clang-tidy/checks/bugprone-unused-return-value.rst
31

Change this to a list?

Harbormaster completed remote builds in B130701: Diff 382323.Oct 26 2021, 8:25 AM
aaron.ballman added a reviewer: alexfh.Oct 26 2021, 8:44 AM
In D112409#3087517, @carlosgalvezp wrote:

I was not sure how the aliasing is to be handled if the check is not exactly the same as the original.

I agree that the alias situation is a bit of a mess. I'll leave it to people with stronger opinion/experience.

Aliases are not expected to be exact copies; more often they differ from the base check via config options. Typically, we let the alias redirect to the original and we mention those differences in the documentation for the original. However, in this case, the documentation difference is a huge list of function names. I don't think it's a good idea to duplicate these two lists in one page because that's a huge wall of text that won't be easy to spot the differences in, and I don't think users are going to read those lists in the first place (more often, I think they'll search the list rather than read it).

clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
52

Thanks! I did more spot checking, didn't see anything wrong.

clang-tools-extra/docs/clang-tidy/checks/bugprone-unused-return-value.rst
31

I'm on the fence. I think a list is easier to read, but I don't think anyone reads this amount of text to begin with and making it a list then pushes information the user may want to read to much later in the page.

whisperity added inline comments.Oct 27 2021, 2:53 AM
clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
45–50

Shouldn't we reuse utils::options::serializeStringList here instead of hardcoding the separator character into a giant literal? I know executing that operation has an associated run-time cost, and as it is not constexpr it needs to be done somewhere else, and std::string could throw so we can't do it at "static initialisation" time... But having those extra chars there just seems way too fragile at a later modification. We've had cases where people missed separating ,s even -- and those are syntactically highlighted differently due to being outside the string literal.

Suggestion:

  • An array of StringRefs or even llvm::StringLiterals containing the individual function names. Array separated with ,, the separator outside the literal. Aligned to column and probably one per line.
  • When using this variable later (🌟), instead of passing the stringref, pass the result of serializeStringList.
327

(🌟)

clang-tools-extra/docs/clang-tidy/checks/cert-err33-c.rst
12

mblen, mbrlen, etc. are with backticks later. But this list isn't. Was this intended?

steakhal added a comment.Oct 28 2021, 1:34 AM

It looks good to me. But I'm leaving the approval up to the tidy folks.
BTW shouldn't we use backticks in the giant list?

clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
45–50

I think it looks good enough. We will certainly recognize if we change this behavior and it would be easy to port these anyway. So I'm not too concerned about this.

327

+1 for fixing the order

balazske updated this revision to Diff 383047.Oct 28 2021, 8:40 AM

Updated order of code lines, added a test file.

balazske marked 2 inline comments as done.Oct 28 2021, 8:47 AM

Not sure if it is good to have such a test, the first and last function is enough?

clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
45–50

It is not simple to change to array, the serializeStringList must be changed too because it accepts only array of std::string. Other small things must be added too to make this change work.

327

Should be correct now, and another ordering problem was fixed.

clang-tools-extra/docs/clang-tidy/checks/cert-err33-c.rst
12

This is a "other" type of list, the function names are not inside other text.

balazske updated this revision to Diff 383050.Oct 28 2021, 8:49 AM
balazske marked an inline comment as done.

Removed remaining non-alias check line from list.rst.

Harbormaster completed remote builds in B131214: Diff 383050.Oct 28 2021, 9:08 AM
aaron.ballman added a comment.Oct 28 2021, 12:42 PM
In D112409#3093815, @balazske wrote:

Not sure if it is good to have such a test, the first and last function is enough?

Yeah, that's testing an awful lot. We don't usually aim for exhaustive tests with these configurable lists, so long as one or two entries are covered, we usually assume the rest will also be fine. Might be worth cutting the test down a bit.

balazske updated this revision to Diff 383245.Oct 29 2021, 12:16 AM

Using a much smaller test file.

Harbormaster completed remote builds in B131352: Diff 383245.Oct 29 2021, 12:44 AM
aaron.ballman accepted this revision.Oct 29 2021, 4:15 AM

LGTM!

This revision is now accepted and ready to land.Oct 29 2021, 4:15 AM
Closed by commit rG4bcbb3d4d7a8: [clang-tidy] Add check 'cert-err33-c'. (authored by balazske). · Explain WhyNov 2 2021, 3:26 AM
This revision was automatically updated to reflect the committed changes.
balazske added a commit: rG4bcbb3d4d7a8: [clang-tidy] Add check 'cert-err33-c'..

Revision Contents

PathSize
clang-tools-extra/
clang-tidy/
cert/
195 lines
docs/
5 lines
clang-tidy/
checks/
3 lines
199 lines
1 line
test/
clang-tidy/
checkers/
25 lines

Diff 384026

clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp

Show All 10 Lines
#include "../ClangTidyModuleRegistry.h" #include "../ClangTidyModuleRegistry.h"
#include "../bugprone/BadSignalToKillThreadCheck.h" #include "../bugprone/BadSignalToKillThreadCheck.h"
#include "../bugprone/ReservedIdentifierCheck.h" #include "../bugprone/ReservedIdentifierCheck.h"
#include "../bugprone/SignalHandlerCheck.h" #include "../bugprone/SignalHandlerCheck.h"
#include "../bugprone/SignedCharMisuseCheck.h" #include "../bugprone/SignedCharMisuseCheck.h"
#include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h" #include "../bugprone/SpuriouslyWakeUpFunctionsCheck.h"
#include "../bugprone/SuspiciousMemoryComparisonCheck.h" #include "../bugprone/SuspiciousMemoryComparisonCheck.h"
#include "../bugprone/UnhandledSelfAssignmentCheck.h" #include "../bugprone/UnhandledSelfAssignmentCheck.h"
#include "../bugprone/UnusedReturnValueCheck.h"
#include "../concurrency/ThreadCanceltypeAsynchronousCheck.h" #include "../concurrency/ThreadCanceltypeAsynchronousCheck.h"
#include "../google/UnnamedNamespaceInHeaderCheck.h" #include "../google/UnnamedNamespaceInHeaderCheck.h"
#include "../misc/NewDeleteOverloadsCheck.h" #include "../misc/NewDeleteOverloadsCheck.h"
#include "../misc/NonCopyableObjects.h" #include "../misc/NonCopyableObjects.h"
#include "../misc/StaticAssertCheck.h" #include "../misc/StaticAssertCheck.h"
#include "../misc/ThrowByValueCatchByReferenceCheck.h" #include "../misc/ThrowByValueCatchByReferenceCheck.h"
#include "../performance/MoveConstructorInitCheck.h" #include "../performance/MoveConstructorInitCheck.h"
#include "../readability/UppercaseLiteralSuffixCheck.h" #include "../readability/UppercaseLiteralSuffixCheck.h"
#include "CommandProcessorCheck.h" #include "CommandProcessorCheck.h"
#include "DefaultOperatorNewAlignmentCheck.h" #include "DefaultOperatorNewAlignmentCheck.h"
#include "DontModifyStdNamespaceCheck.h" #include "DontModifyStdNamespaceCheck.h"
#include "FloatLoopCounter.h" #include "FloatLoopCounter.h"
#include "LimitedRandomnessCheck.h" #include "LimitedRandomnessCheck.h"
#include "MutatingCopyCheck.h" #include "MutatingCopyCheck.h"
#include "NonTrivialTypesLibcMemoryCallsCheck.h" #include "NonTrivialTypesLibcMemoryCallsCheck.h"
#include "PostfixOperatorCheck.h" #include "PostfixOperatorCheck.h"
#include "ProperlySeededRandomGeneratorCheck.h" #include "ProperlySeededRandomGeneratorCheck.h"
#include "SetLongJmpCheck.h" #include "SetLongJmpCheck.h"
#include "StaticObjectExceptionCheck.h" #include "StaticObjectExceptionCheck.h"
#include "StrToNumCheck.h" #include "StrToNumCheck.h"
#include "ThrownExceptionTypeCheck.h" #include "ThrownExceptionTypeCheck.h"
#include "VariadicFunctionDefCheck.h" #include "VariadicFunctionDefCheck.h"
namespace {
// Checked functions for cert-err33-c.
// The following functions are deliberately excluded because they can be called
// with NULL argument and in this case the check is not applicable:
// `mblen, mbrlen, mbrtowc, mbtowc, wctomb, wctomb_s`.
// FIXME: The check can be improved to handle such cases.
const llvm::StringRef CertErr33CCheckedFunctions = "::aligned_alloc;"
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Pretty sure this comment can be re-flowed to 80 columns. Also needs trailing punctuation.

aaron.ballman: Pretty sure this comment can be re-flowed to 80 columns. Also needs trailing punctuation.
whisperityUnsubmitted
Not Done
ReplyInline Actions

Shouldn't we reuse utils::options::serializeStringList here instead of hardcoding the separator character into a giant literal? I know executing that operation has an associated run-time cost, and as it is not constexpr it needs to be done somewhere else, and std::string could throw so we can't do it at "static initialisation" time... But having those extra chars there just seems way too fragile at a later modification. We've had cases where people missed separating ,s even -- and those are syntactically highlighted differently due to being outside the string literal.

Suggestion:

  • An array of StringRefs or even llvm::StringLiterals containing the individual function names. Array separated with ,, the separator outside the literal. Aligned to column and probably one per line.
  • When using this variable later (🌟), instead of passing the stringref, pass the result of serializeStringList.
whisperity: Shouldn't we reuse `utils::options::serializeStringList` here instead of hardcoding the…
steakhalUnsubmitted
Not Done
ReplyInline Actions

I think it looks good enough. We will certainly recognize if we change this behavior and it would be easy to port these anyway. So I'm not too concerned about this.

steakhal: I think it looks good enough. We will certainly recognize if we change this behavior and it…
balazskeAuthorUnsubmitted
Done
ReplyInline Actions

It is not simple to change to array, the serializeStringList must be changed too because it accepts only array of std::string. Other small things must be added too to make this change work.

balazske: It is not simple to change to array, the `serializeStringList` must be changed too because it…
"::asctime_s;"
"::at_quick_exit;"
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

Was this list generated automatically or manually? (Just wondering how hard to match it to the CERT rule -- spot checking hasn't found issues so far.)

aaron.ballman: Was this list generated automatically or manually? (Just wondering how hard to match it to the…
balazskeAuthorUnsubmitted
Done
ReplyInline Actions

I am not sure, I have the list for longer time, but it is almost sure that it was generated by using text editor macros. The number of functions is correct (with the excluded ones).

balazske: I am not sure, I have the list for longer time, but it is almost sure that it was generated by…
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

Thanks! I did more spot checking, didn't see anything wrong.

aaron.ballman: Thanks! I did more spot checking, didn't see anything wrong.
"::atexit;"
"::bsearch;"
"::bsearch_s;"
"::btowc;"
"::c16rtomb;"
"::c32rtomb;"
"::calloc;"
"::clock;"
"::cnd_broadcast;"
"::cnd_init;"
"::cnd_signal;"
"::cnd_timedwait;"
"::cnd_wait;"
"::ctime_s;"
"::fclose;"
"::fflush;"
"::fgetc;"
"::fgetpos;"
"::fgets;"
"::fgetwc;"
"::fopen;"
"::fopen_s;"
"::fprintf;"
"::fprintf_s;"
"::fputc;"
"::fputs;"
"::fputwc;"
"::fputws;"
"::fread;"
"::freopen;"
"::freopen_s;"
"::fscanf;"
"::fscanf_s;"
"::fseek;"
"::fsetpos;"
"::ftell;"
"::fwprintf;"
"::fwprintf_s;"
"::fwrite;"
"::fwscanf;"
"::fwscanf_s;"
"::getc;"
"::getchar;"
"::getenv;"
"::getenv_s;"
"::gets_s;"
"::getwc;"
"::getwchar;"
"::gmtime;"
"::gmtime_s;"
"::localtime;"
"::localtime_s;"
"::malloc;"
"::mbrtoc16;"
"::mbrtoc32;"
"::mbsrtowcs;"
"::mbsrtowcs_s;"
"::mbstowcs;"
"::mbstowcs_s;"
"::memchr;"
"::mktime;"
"::mtx_init;"
"::mtx_lock;"
"::mtx_timedlock;"
"::mtx_trylock;"
"::mtx_unlock;"
"::printf_s;"
"::putc;"
"::putwc;"
"::raise;"
"::realloc;"
"::remove;"
"::rename;"
"::scanf;"
"::scanf_s;"
"::setlocale;"
"::setvbuf;"
"::signal;"
"::snprintf;"
"::snprintf_s;"
"::sprintf;"
"::sprintf_s;"
"::sscanf;"
"::sscanf_s;"
"::strchr;"
"::strerror_s;"
"::strftime;"
"::strpbrk;"
"::strrchr;"
"::strstr;"
"::strtod;"
"::strtof;"
"::strtoimax;"
"::strtok;"
"::strtok_s;"
"::strtol;"
"::strtold;"
"::strtoll;"
"::strtoul;"
"::strtoull;"
"::strtoumax;"
"::strxfrm;"
"::swprintf;"
"::swprintf_s;"
"::swscanf;"
"::swscanf_s;"
"::thrd_create;"
"::thrd_detach;"
"::thrd_join;"
"::thrd_sleep;"
"::time;"
"::timespec_get;"
"::tmpfile;"
"::tmpfile_s;"
"::tmpnam;"
"::tmpnam_s;"
"::tss_create;"
"::tss_get;"
"::tss_set;"
"::ungetc;"
"::ungetwc;"
"::vfprintf;"
"::vfprintf_s;"
"::vfscanf;"
"::vfscanf_s;"
"::vfwprintf;"
"::vfwprintf_s;"
"::vfwscanf;"
"::vfwscanf_s;"
"::vprintf_s;"
"::vscanf;"
"::vscanf_s;"
"::vsnprintf;"
"::vsnprintf_s;"
"::vsprintf;"
"::vsprintf_s;"
"::vsscanf;"
"::vsscanf_s;"
"::vswprintf;"
"::vswprintf_s;"
"::vswscanf;"
"::vswscanf_s;"
"::vwprintf_s;"
"::vwscanf;"
"::vwscanf_s;"
"::wcrtomb;"
"::wcschr;"
"::wcsftime;"
"::wcspbrk;"
"::wcsrchr;"
"::wcsrtombs;"
"::wcsrtombs_s;"
"::wcsstr;"
"::wcstod;"
"::wcstof;"
"::wcstoimax;"
"::wcstok;"
"::wcstok_s;"
"::wcstol;"
"::wcstold;"
"::wcstoll;"
"::wcstombs;"
"::wcstombs_s;"
"::wcstoul;"
"::wcstoull;"
"::wcstoumax;"
"::wcsxfrm;"
"::wctob;"
"::wctrans;"
"::wctype;"
"::wmemchr;"
"::wprintf_s;"
"::wscanf;"
"::wscanf_s;";
} // namespace
namespace clang { namespace clang {
namespace tidy { namespace tidy {
namespace cert { namespace cert {
class CERTModule : public ClangTidyModule { class CERTModule : public ClangTidyModule {
public: public:
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override { void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
// C++ checkers // C++ checkers
▲ Show 20 LinesShow All 44 Lines▼ Show 20 Lines void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
// DCL // DCL
CheckFactories.registerCheck<misc::StaticAssertCheck>("cert-dcl03-c"); CheckFactories.registerCheck<misc::StaticAssertCheck>("cert-dcl03-c");
CheckFactories.registerCheck<readability::UppercaseLiteralSuffixCheck>( CheckFactories.registerCheck<readability::UppercaseLiteralSuffixCheck>(
"cert-dcl16-c"); "cert-dcl16-c");
CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>( CheckFactories.registerCheck<bugprone::ReservedIdentifierCheck>(
"cert-dcl37-c"); "cert-dcl37-c");
// ENV // ENV
CheckFactories.registerCheck<CommandProcessorCheck>("cert-env33-c"); CheckFactories.registerCheck<CommandProcessorCheck>("cert-env33-c");
// ERR
CheckFactories.registerCheck<bugprone::UnusedReturnValueCheck>(
"cert-err33-c");
CheckFactories.registerCheck<StrToNumCheck>("cert-err34-c");
// EXP // EXP
CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>( CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
"cert-exp42-c"); "cert-exp42-c");
// FLP // FLP
CheckFactories.registerCheck<FloatLoopCounter>("cert-flp30-c"); CheckFactories.registerCheck<FloatLoopCounter>("cert-flp30-c");
CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>( CheckFactories.registerCheck<bugprone::SuspiciousMemoryComparisonCheck>(
"cert-flp37-c"); "cert-flp37-c");
// FIO // FIO
CheckFactories.registerCheck<misc::NonCopyableObjectsCheck>("cert-fio38-c"); CheckFactories.registerCheck<misc::NonCopyableObjectsCheck>("cert-fio38-c");
// ERR
CheckFactories.registerCheck<StrToNumCheck>("cert-err34-c");
// MSC // MSC
CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c"); CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c");
carlosgalvezpUnsubmitted
Done
ReplyInline Actions

Keep alphabetical order (err33 before err34)

carlosgalvezp: Keep alphabetical order (err33 before err34)
CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>( CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
"cert-msc32-c"); "cert-msc32-c");
// POS // POS
CheckFactories.registerCheck<bugprone::BadSignalToKillThreadCheck>( CheckFactories.registerCheck<bugprone::BadSignalToKillThreadCheck>(
"cert-pos44-c"); "cert-pos44-c");
CheckFactories CheckFactories
.registerCheck<concurrency::ThreadCanceltypeAsynchronousCheck>( .registerCheck<concurrency::ThreadCanceltypeAsynchronousCheck>(
"cert-pos47-c"); "cert-pos47-c");
// SIG // SIG
CheckFactories.registerCheck<bugprone::SignalHandlerCheck>("cert-sig30-c"); CheckFactories.registerCheck<bugprone::SignalHandlerCheck>("cert-sig30-c");
// STR // STR
CheckFactories.registerCheck<bugprone::SignedCharMisuseCheck>( CheckFactories.registerCheck<bugprone::SignedCharMisuseCheck>(
"cert-str34-c"); "cert-str34-c");
} }
ClangTidyOptions getModuleOptions() override { ClangTidyOptions getModuleOptions() override {
ClangTidyOptions Options; ClangTidyOptions Options;
ClangTidyOptions::OptionMap &Opts = Options.CheckOptions; ClangTidyOptions::OptionMap &Opts = Options.CheckOptions;
Opts["cert-dcl16-c.NewSuffixes"] = "L;LL;LU;LLU"; Opts["cert-dcl16-c.NewSuffixes"] = "L;LL;LU;LLU";
Opts["cert-err33-c.CheckedFunctions"] = CertErr33CCheckedFunctions;
Opts["cert-oop54-cpp.WarnOnlyIfThisHasSuspiciousField"] = "false"; Opts["cert-oop54-cpp.WarnOnlyIfThisHasSuspiciousField"] = "false";
Opts["cert-str34-c.DiagnoseSignedUnsignedCharComparisons"] = "false"; Opts["cert-str34-c.DiagnoseSignedUnsignedCharComparisons"] = "false";
return Options; return Options;
carlosgalvezpUnsubmitted
Not Done
ReplyInline Actions

Same here

carlosgalvezp: Same here
balazskeAuthorUnsubmitted
Done
ReplyInline Actions

This is correct: 'str34' before 'err33'.

balazske: This is correct: 'str34' before 'err33'.
carlosgalvezpUnsubmitted
Done
ReplyInline Actions

No, e goes before s. The existing checks are ordered: dcl, oop, str. So this check should go after dcl16.

carlosgalvezp: No, `e` goes before `s`. The existing checks are ordered: `dcl`, `oop`, `str`. So this check…
steakhalUnsubmitted
Done
ReplyInline Actions

+1 for fixing the order

steakhal: +1 for fixing the order
balazskeAuthorUnsubmitted
Done
ReplyInline Actions

Should be correct now, and another ordering problem was fixed.

balazske: Should be correct now, and another ordering problem was fixed.
whisperityUnsubmitted
Not Done
ReplyInline Actions

(🌟)

whisperity: (🌟)
} }
}; };
} // namespace cert } // namespace cert
// Register the MiscTidyModule using this statically initialized variable. // Register the MiscTidyModule using this statically initialized variable.
static ClangTidyModuleRegistry::Add<cert::CERTModule> static ClangTidyModuleRegistry::Add<cert::CERTModule>
X("cert-module", X("cert-module",
"Adds lint checks corresponding to CERT secure coding guidelines."); "Adds lint checks corresponding to CERT secure coding guidelines.");
// This anchor is used to force the linker to link in the generated object file // This anchor is used to force the linker to link in the generated object file
// and thus register the CERTModule. // and thus register the CERTModule.
volatile int CERTModuleAnchorSource = 0; volatile int CERTModuleAnchorSource = 0;
} // namespace tidy } // namespace tidy
} // namespace clang } // namespace clang

clang-tools-extra/docs/ReleaseNotes.rst

Show First 20 LinesShow All 97 Lines▼ Show 20 Lines
- New :doc:`readability-data-pointer <clang-tidy/checks/readability-data-pointer>` check. - New :doc:`readability-data-pointer <clang-tidy/checks/readability-data-pointer>` check.
Finds cases where code could use ``data()`` rather than the address of the Finds cases where code could use ``data()`` rather than the address of the
element at index 0 in a container. element at index 0 in a container.
New check aliases New check aliases
^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^
- New alias :doc:`cert-err33-c
<clang-tidy/checks/cert-err33-c>` to
:doc:`bugprone-unused-return-value
<clang-tidy/checks/bugprone-unused-return-value>` was added.
- New alias :doc:`cert-exp42-c - New alias :doc:`cert-exp42-c
<clang-tidy/checks/cert-exp42-c>` to <clang-tidy/checks/cert-exp42-c>` to
:doc:`bugprone-suspicious-memory-comparison :doc:`bugprone-suspicious-memory-comparison
<clang-tidy/checks/bugprone-suspicious-memory-comparison>` was added. <clang-tidy/checks/bugprone-suspicious-memory-comparison>` was added.
- New alias :doc:`cert-flp37-c - New alias :doc:`cert-flp37-c
<clang-tidy/checks/cert-flp37-c>` to <clang-tidy/checks/cert-flp37-c>` to
:doc:`bugprone-suspicious-memory-comparison :doc:`bugprone-suspicious-memory-comparison
Show All 34 Lines

clang-tools-extra/docs/clang-tidy/checks/bugprone-unused-return-value.rst

Show All 22 Lines.. option:: CheckedFunctions
bsearch, ferror, feof, isalnum, isalpha, isblank, iscntrl, isdigit, isgraph, bsearch, ferror, feof, isalnum, isalpha, isblank, iscntrl, isdigit, isgraph,
islower, isprint, ispunct, isspace, isupper, iswalnum, iswprint, iswspace, islower, isprint, ispunct, isspace, isupper, iswalnum, iswprint, iswspace,
isxdigit, memchr, memcmp, strcmp, strcoll, strncmp, strpbrk, strrchr, isxdigit, memchr, memcmp, strcmp, strcoll, strncmp, strpbrk, strrchr,
strspn, strstr, wcscmp, access, bind, connect, difftime, dlsym, fnmatch, strspn, strstr, wcscmp, access, bind, connect, difftime, dlsym, fnmatch,
getaddrinfo, getopt, htonl, htons, iconv_open, inet_addr, isascii, isatty, getaddrinfo, getopt, htonl, htons, iconv_open, inet_addr, isascii, isatty,
mmap, newlocale, openat, pathconf, pthread_equal, pthread_getspecific, mmap, newlocale, openat, pathconf, pthread_equal, pthread_getspecific,
pthread_mutex_trylock, readdir, readlink, recvmsg, regexec, scandir, pthread_mutex_trylock, readdir, readlink, recvmsg, regexec, scandir,
semget, setjmp, shm_open, shmget, sigismember, strcasecmp, strsignal, semget, setjmp, shm_open, shmget, sigismember, strcasecmp, strsignal,
ttyname`` ttyname``
balazskeAuthorUnsubmitted
Done
ReplyInline Actions

Change this to a list?

balazske: Change this to a list?
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

I'm on the fence. I think a list is easier to read, but I don't think anyone reads this amount of text to begin with and making it a list then pushes information the user may want to read to much later in the page.

aaron.ballman: I'm on the fence. I think a list is easier to read, but I don't think anyone reads this amount…
- ``std::async()``. Not using the return value makes the call synchronous. - ``std::async()``. Not using the return value makes the call synchronous.
- ``std::launder()``. Not using the return value usually means that the - ``std::launder()``. Not using the return value usually means that the
function interface was misunderstood by the programmer. Only the returned function interface was misunderstood by the programmer. Only the returned
pointer is "laundered", not the argument. pointer is "laundered", not the argument.
- ``std::remove()``, ``std::remove_if()`` and ``std::unique()``. The returned - ``std::remove()``, ``std::remove_if()`` and ``std::unique()``. The returned
iterator indicates the boundary between elements to keep and elements to be iterator indicates the boundary between elements to keep and elements to be
removed. Not using the return value means that the information about which removed. Not using the return value means that the information about which
elements to remove is lost. elements to remove is lost.
- ``std::unique_ptr::release()``. Not using the return value can lead to - ``std::unique_ptr::release()``. Not using the return value can lead to
resource leaks if the same pointer isn't stored anywhere else. Often, resource leaks if the same pointer isn't stored anywhere else. Often,
ignoring the ``release()`` return value indicates that the programmer ignoring the ``release()`` return value indicates that the programmer
confused the function with ``reset()``. confused the function with ``reset()``.
- ``std::basic_string::empty()`` and ``std::vector::empty()``. Not using the - ``std::basic_string::empty()`` and ``std::vector::empty()``. Not using the
return value often indicates that the programmer confused the function with return value often indicates that the programmer confused the function with
``clear()``. ``clear()``.
`cert-err33-c <cert-err33-c.html>`_ is an alias of this check that checks a
carlosgalvezpUnsubmitted
Done
ReplyInline Actions

an alias

carlosgalvezp: an alias
fixed and large set of standard library functions.
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Can you add a newline back?

aaron.ballman: Can you add a newline back?
carlosgalvezpUnsubmitted
Done
ReplyInline Actions

Add link?

carlosgalvezp: Add link?

clang-tools-extra/docs/clang-tidy/checks/cert-err33-c.rst

  • This file was added.
.. title:: clang-tidy - cert-err33-c
carlosgalvezpUnsubmitted
Not Done
ReplyInline Actions

I believe we usually mention that this is an alias to another check, and then redirect the user to that original check.

carlosgalvezp: I believe we usually mention that this is an alias to another check, and then redirect the user…
balazskeAuthorUnsubmitted
Done
ReplyInline Actions

Automatic redirect does not work here because there is something to read in the page. This check has its own description.

balazske: Automatic redirect does not work here because there is something to read in the page. This…
cert-err33-c
============
Warns on unused function return values. Many of the standard library functions
return a value that indicates if the call was successful. Ignoring the returned
value can cause unexpected behavior if an error has occured. The following
Eugene.ZelenkoUnsubmitted
Done
ReplyInline Actions

Usually such statement is located at the end.

Eugene.Zelenko: Usually such statement is located at the end.
functions are checked:
* aligned_alloc()
* asctime_s()
whisperityUnsubmitted
Not Done
ReplyInline Actions

mblen, mbrlen, etc. are with backticks later. But this list isn't. Was this intended?

whisperity: `mblen`, `mbrlen`, etc. are with backticks later. But this list isn't. Was this intended?
balazskeAuthorUnsubmitted
Done
ReplyInline Actions

This is a "other" type of list, the function names are not inside other text.

balazske: This is a "other" type of list, the function names are not inside other text.
* at_quick_exit()
* atexit()
Eugene.ZelenkoUnsubmitted
Done
ReplyInline Actions

Please enclose NULL into double back-ticks.

Eugene.Zelenko: Please enclose `NULL` into double back-ticks.
* bsearch()
* bsearch_s()
* btowc()
* c16rtomb()
* c32rtomb()
* calloc()
* clock()
* cnd_broadcast()
* cnd_init()
* cnd_signal()
* cnd_timedwait()
* cnd_wait()
* ctime_s()
* fclose()
* fflush()
* fgetc()
* fgetpos()
* fgets()
* fgetwc()
* fopen()
* fopen_s()
* fprintf()
* fprintf_s()
* fputc()
* fputs()
* fputwc()
* fputws()
* fread()
* freopen()
* freopen_s()
* fscanf()
* fscanf_s()
* fseek()
* fsetpos()
* ftell()
* fwprintf()
* fwprintf_s()
* fwrite()
* fwscanf()
* fwscanf_s()
* getc()
* getchar()
* getenv()
* getenv_s()
* gets_s()
* getwc()
* getwchar()
* gmtime()
* gmtime_s()
* localtime()
* localtime_s()
* malloc()
* mbrtoc16()
* mbrtoc32()
* mbsrtowcs()
* mbsrtowcs_s()
* mbstowcs()
* mbstowcs_s()
* memchr()
* mktime()
* mtx_init()
* mtx_lock()
* mtx_timedlock()
* mtx_trylock()
* mtx_unlock()
* printf_s()
* putc()
* putwc()
* raise()
* realloc()
* remove()
* rename()
* setlocale()
* setvbuf()
* scanf()
* scanf_s()
* signal()
* snprintf()
* snprintf_s()
* sprintf()
* sprintf_s()
* sscanf()
* sscanf_s()
* strchr()
* strerror_s()
* strftime()
* strpbrk()
* strrchr()
* strstr()
* strtod()
* strtof()
* strtoimax()
* strtok()
* strtok_s()
* strtol()
* strtold()
* strtoll()
* strtoumax()
* strtoul()
* strtoull()
* strxfrm()
* swprintf()
* swprintf_s()
* swscanf()
* swscanf_s()
* thrd_create()
* thrd_detach()
* thrd_join()
* thrd_sleep()
* time()
* timespec_get()
* tmpfile()
* tmpfile_s()
* tmpnam()
* tmpnam_s()
* tss_create()
* tss_get()
* tss_set()
* ungetc()
* ungetwc()
* vfprintf()
* vfprintf_s()
* vfscanf()
* vfscanf_s()
* vfwprintf()
* vfwprintf_s()
* vfwscanf()
* vfwscanf_s()
* vprintf_s()
* vscanf()
* vscanf_s()
* vsnprintf()
* vsnprintf_s()
* vsprintf()
* vsprintf_s()
* vsscanf()
* vsscanf_s()
* vswprintf()
* vswprintf_s()
* vswscanf()
* vswscanf_s()
* vwprintf_s()
* vwscanf()
* vwscanf_s()
* wcrtomb()
* wcschr()
* wcsftime()
* wcspbrk()
* wcsrchr()
* wcsrtombs()
* wcsrtombs_s()
* wcsstr()
* wcstod()
* wcstof()
* wcstoimax()
* wcstok()
* wcstok_s()
* wcstol()
* wcstold()
* wcstoll()
* wcstombs()
* wcstombs_s()
* wcstoumax()
* wcstoul()
* wcstoull()
* wcsxfrm()
* wctob()
* wctrans()
* wctype()
* wmemchr()
* wprintf_s()
* wscanf()
* wscanf_s()
This check is an alias of check `bugprone-unused-return-value <bugprone-unused-return-value.html>`_
with a fixed set of functions.
The check corresponds to a part of CERT C Coding Standard rule `ERR33-C.
Detect and handle standard library errors
<https://wiki.sei.cmu.edu/confluence/display/c/ERR33-C.+Detect+and+handle+standard+library+errors>`_.
The list of checked functions is taken from the rule, with following exception:
* The check can not differentiate if a function is called with ``NULL``
argument. Therefore the following functions are not checked:
``mblen``, ``mbrlen``, ``mbrtowc``, ``mbtowc``, ``wctomb``, ``wctomb_s``

clang-tools-extra/docs/clang-tidy/checks/list.rst

Show First 20 LinesShow All 108 Lines▼ Show 20 Lines.. csv-table::
`bugprone-unused-raii <bugprone-unused-raii.html>`_, "Yes" `bugprone-unused-raii <bugprone-unused-raii.html>`_, "Yes"
`bugprone-unused-return-value <bugprone-unused-return-value.html>`_, `bugprone-unused-return-value <bugprone-unused-return-value.html>`_,
`bugprone-use-after-move <bugprone-use-after-move.html>`_, `bugprone-use-after-move <bugprone-use-after-move.html>`_,
`bugprone-virtual-near-miss <bugprone-virtual-near-miss.html>`_, "Yes" `bugprone-virtual-near-miss <bugprone-virtual-near-miss.html>`_, "Yes"
`cert-dcl21-cpp <cert-dcl21-cpp.html>`_, `cert-dcl21-cpp <cert-dcl21-cpp.html>`_,
`cert-dcl50-cpp <cert-dcl50-cpp.html>`_, `cert-dcl50-cpp <cert-dcl50-cpp.html>`_,
`cert-dcl58-cpp <cert-dcl58-cpp.html>`_, `cert-dcl58-cpp <cert-dcl58-cpp.html>`_,
`cert-env33-c <cert-env33-c.html>`_, `cert-env33-c <cert-env33-c.html>`_,
`cert-err34-c <cert-err34-c.html>`_, `cert-err34-c <cert-err34-c.html>`_,
carlosgalvezpUnsubmitted
Done
ReplyInline Actions

Missing referring to the alias check.

carlosgalvezp: Missing referring to the alias check.
`cert-err52-cpp <cert-err52-cpp.html>`_, `cert-err52-cpp <cert-err52-cpp.html>`_,
`cert-err58-cpp <cert-err58-cpp.html>`_, `cert-err58-cpp <cert-err58-cpp.html>`_,
`cert-err60-cpp <cert-err60-cpp.html>`_, `cert-err60-cpp <cert-err60-cpp.html>`_,
`cert-exp42-c <cert-exp42-c.html>`_, `cert-exp42-c <cert-exp42-c.html>`_,
`cert-flp30-c <cert-flp30-c.html>`_, `cert-flp30-c <cert-flp30-c.html>`_,
`cert-flp37-c <cert-flp37-c.html>`_, `cert-flp37-c <cert-flp37-c.html>`_,
`cert-mem57-cpp <cert-mem57-cpp.html>`_, `cert-mem57-cpp <cert-mem57-cpp.html>`_,
`cert-msc50-cpp <cert-msc50-cpp.html>`_, `cert-msc50-cpp <cert-msc50-cpp.html>`_,
▲ Show 20 LinesShow All 202 Lines▼ Show 20 Lines
.. csv-table:: Aliases.. .. csv-table:: Aliases..
:header: "Name", "Redirect", "Offers fixes" :header: "Name", "Redirect", "Offers fixes"
`cert-con36-c <cert-con36-c.html>`_, `bugprone-spuriously-wake-up-functions <bugprone-spuriously-wake-up-functions.html>`_, `cert-con36-c <cert-con36-c.html>`_, `bugprone-spuriously-wake-up-functions <bugprone-spuriously-wake-up-functions.html>`_,
`cert-con54-cpp <cert-con54-cpp.html>`_, `bugprone-spuriously-wake-up-functions <bugprone-spuriously-wake-up-functions.html>`_, `cert-con54-cpp <cert-con54-cpp.html>`_, `bugprone-spuriously-wake-up-functions <bugprone-spuriously-wake-up-functions.html>`_,
`cert-dcl03-c <cert-dcl03-c.html>`_, `misc-static-assert <misc-static-assert.html>`_, "Yes" `cert-dcl03-c <cert-dcl03-c.html>`_, `misc-static-assert <misc-static-assert.html>`_, "Yes"
`cert-dcl16-c <cert-dcl16-c.html>`_, `readability-uppercase-literal-suffix <readability-uppercase-literal-suffix.html>`_, "Yes" `cert-dcl16-c <cert-dcl16-c.html>`_, `readability-uppercase-literal-suffix <readability-uppercase-literal-suffix.html>`_, "Yes"
`cert-dcl37-c <cert-dcl37-c.html>`_, `bugprone-reserved-identifier <bugprone-reserved-identifier.html>`_, "Yes" `cert-dcl37-c <cert-dcl37-c.html>`_, `bugprone-reserved-identifier <bugprone-reserved-identifier.html>`_, "Yes"
`cert-err33-c <cert-err33-c.html>`_, `bugprone-unused-return-value <bugprone-unused-return-value.html>`_,
`cert-dcl51-cpp <cert-dcl51-cpp.html>`_, `bugprone-reserved-identifier <bugprone-reserved-identifier.html>`_, "Yes" `cert-dcl51-cpp <cert-dcl51-cpp.html>`_, `bugprone-reserved-identifier <bugprone-reserved-identifier.html>`_, "Yes"
`cert-dcl54-cpp <cert-dcl54-cpp.html>`_, `misc-new-delete-overloads <misc-new-delete-overloads.html>`_, `cert-dcl54-cpp <cert-dcl54-cpp.html>`_, `misc-new-delete-overloads <misc-new-delete-overloads.html>`_,
`cert-dcl59-cpp <cert-dcl59-cpp.html>`_, `google-build-namespaces <google-build-namespaces.html>`_, `cert-dcl59-cpp <cert-dcl59-cpp.html>`_, `google-build-namespaces <google-build-namespaces.html>`_,
`cert-err09-cpp <cert-err09-cpp.html>`_, `misc-throw-by-value-catch-by-reference <misc-throw-by-value-catch-by-reference.html>`_, `cert-err09-cpp <cert-err09-cpp.html>`_, `misc-throw-by-value-catch-by-reference <misc-throw-by-value-catch-by-reference.html>`_,
`cert-err61-cpp <cert-err61-cpp.html>`_, `misc-throw-by-value-catch-by-reference <misc-throw-by-value-catch-by-reference.html>`_, `cert-err61-cpp <cert-err61-cpp.html>`_, `misc-throw-by-value-catch-by-reference <misc-throw-by-value-catch-by-reference.html>`_,
`cert-fio38-c <cert-fio38-c.html>`_, `misc-non-copyable-objects <misc-non-copyable-objects.html>`_, `cert-fio38-c <cert-fio38-c.html>`_, `misc-non-copyable-objects <misc-non-copyable-objects.html>`_,
`cert-msc30-c <cert-msc30-c.html>`_, `cert-msc50-cpp <cert-msc50-cpp.html>`_, `cert-msc30-c <cert-msc30-c.html>`_, `cert-msc50-cpp <cert-msc50-cpp.html>`_,
`cert-msc32-c <cert-msc32-c.html>`_, `cert-msc51-cpp <cert-msc51-cpp.html>`_, `cert-msc32-c <cert-msc32-c.html>`_, `cert-msc51-cpp <cert-msc51-cpp.html>`_,
▲ Show 20 LinesShow All 106 LinesShow Last 20 Lines

clang-tools-extra/test/clang-tidy/checkers/cert-err33-c.c

  • This file was added.
// RUN: %check_clang_tidy %s cert-err33-c %t
typedef __SIZE_TYPE__ size_t;
void *aligned_alloc(size_t alignment, size_t size);
void test_aligned_alloc() {
aligned_alloc(2, 10);
// CHECK-NOTES: [[@LINE-1]]:3: warning: the value returned by this function should be used
// CHECK-NOTES: [[@LINE-2]]:3: note: cast the expression to void to silence this warning
}
long strtol(const char *restrict nptr, char **restrict endptr, int base);
void test_strtol() {
strtol("123", 0, 10);
// CHECK-NOTES: [[@LINE-1]]:3: warning: the value returned by this function should be used
// CHECK-NOTES: [[@LINE-2]]:3: note: cast the expression to void to silence this warning
}
typedef char wchar_t;
int wscanf_s(const wchar_t *restrict format, ...);
void test_wscanf_s() {
int Val;
wscanf_s("%i", &Val);
// CHECK-NOTES: [[@LINE-1]]:3: warning: the value returned by this function should be used
// CHECK-NOTES: [[@LINE-2]]:3: note: cast the expression to void to silence this warning
}