Index: clang-tidy/cert/CERTTidyModule.cpp =================================================================== --- clang-tidy/cert/CERTTidyModule.cpp +++ clang-tidy/cert/CERTTidyModule.cpp @@ -18,6 +18,7 @@ #include "../misc/ThrowByValueCatchByReferenceCheck.h" #include "CommandProcessorCheck.h" #include "FloatLoopCounter.h" +#include "LimitedRandomnessCheck.h" #include "SetLongJmpCheck.h" #include "StaticObjectExceptionCheck.h" #include "StrToNumCheck.h" @@ -33,6 +34,8 @@ void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override { // C++ checkers // DCL + CheckFactories.registerCheck( + "cert-msc50-cpp"); CheckFactories.registerCheck( "cert-dcl50-cpp"); CheckFactories.registerCheck( Index: clang-tidy/cert/CMakeLists.txt =================================================================== --- clang-tidy/cert/CMakeLists.txt +++ clang-tidy/cert/CMakeLists.txt @@ -4,6 +4,7 @@ CERTTidyModule.cpp CommandProcessorCheck.cpp FloatLoopCounter.cpp + LimitedRandomnessCheck.cpp SetLongJmpCheck.cpp StaticObjectExceptionCheck.cpp StrToNumCheck.cpp Index: clang-tidy/cert/LimitedRandomnessCheck.h =================================================================== --- /dev/null +++ clang-tidy/cert/LimitedRandomnessCheck.h @@ -0,0 +1,37 @@ +//===--- LimitedRandomnessCheck.h - clang-tidy-------------------*- C++ -*-===// +// +// The LLVM Compiler Infrastructure +// +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// + +#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_LIMITED_RANDOMNESS_H +#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_LIMITED_RANDOMNESS_H + +#include "../ClangTidy.h" + +namespace clang { +namespace tidy { +namespace cert { + +/// Pseudorandom number generators are not genuinely random. This checker warns +/// for the usage of std::rand() function. +/// +/// For the user-facing documentation see: +/// http://clang.llvm.org/extra/clang-tidy/checks/cert-msc50-cpp.html +class LimitedRandomnessCheck : public ClangTidyCheck { +public: + LimitedRandomnessCheck(StringRef Name, ClangTidyContext *Context) + : ClangTidyCheck(Name, Context) {} + void registerMatchers(ast_matchers::MatchFinder *Finder) override; + void check(const ast_matchers::MatchFinder::MatchResult &Result) override; +}; + +} // namespace cert +} // namespace tidy +} // namespace clang + +#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_LIMITED_RANDOMNESS_H + Index: clang-tidy/cert/LimitedRandomnessCheck.cpp =================================================================== --- /dev/null +++ clang-tidy/cert/LimitedRandomnessCheck.cpp @@ -0,0 +1,37 @@ +//===--- LimitedRandomnessCheck.cpp - clang-tidy---------------------------===// +// +// The LLVM Compiler Infrastructure +// +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// + +#include "LimitedRandomnessCheck.h" +#include "clang/AST/ASTContext.h" +#include "clang/ASTMatchers/ASTMatchFinder.h" + +using namespace clang::ast_matchers; + +namespace clang { +namespace tidy { +namespace cert { + +void LimitedRandomnessCheck::registerMatchers(MatchFinder *Finder) { + Finder->addMatcher( + declRefExpr(hasDeclaration(functionDecl(namedDecl(hasName("::rand")), + parameterCountIs(0)))) + .bind("randomGenerator"), + this); +} + +void LimitedRandomnessCheck::check(const MatchFinder::MatchResult &Result) { + const auto *MatchedDecl = + Result.Nodes.getNodeAs("randomGenerator"); + diag(MatchedDecl->getLocation(), "rand() function has limited randomness, " + "use C++11 random library instead"); +} + +} // namespace cert +} // namespace tidy +} // namespace clang Index: docs/clang-tidy/checks/cert-msc50-cpp.rst =================================================================== --- /dev/null +++ docs/clang-tidy/checks/cert-msc50-cpp.rst @@ -0,0 +1,6 @@ +.. title:: clang-tidy - cert-msc50-cpp + +cert-msc-50 +======================= + +Pseudorandom number generators use mathematical algorithms to produce a sequence of numbers with good statistical properties, but the numbers produced are not genuinely random. This checker warns for the usage of std::rand(). Index: docs/clang-tidy/checks/list.rst =================================================================== --- docs/clang-tidy/checks/list.rst +++ docs/clang-tidy/checks/list.rst @@ -17,6 +17,7 @@ cert-err61-cpp (redirects to misc-throw-by-value-catch-by-reference) cert-fio38-c (redirects to misc-non-copyable-objects) cert-flp30-c + cert-msc50-cpp cert-oop11-cpp (redirects to misc-move-constructor-init) cppcoreguidelines-interfaces-global-init cppcoreguidelines-pro-bounds-array-to-pointer-decay Index: test/clang-tidy/cert-limited-randomness.cpp =================================================================== --- /dev/null +++ test/clang-tidy/cert-limited-randomness.cpp @@ -0,0 +1,28 @@ +// RUN: %check_clang_tidy %s cert-msc50-cpp %t + +int rand(); +int rand(int); + +namespace std { +using ::rand; +} + +namespace nonstd { + int rand(); +} + +void testFunction1() { + int i = std::rand(); + // CHECK-MESSAGES: :[[@LINE-1]]:16: warning: rand() function has limited randomness, use C++11 random library instead [cert-msc50-cpp] + + int j = ::rand(); + // CHECK-MESSAGES: :[[@LINE-1]]:13: warning: rand() function has limited randomness, use C++11 random library instead [cert-msc50-cpp] + + int k = rand(i); + + int l = nonstd::rand(); + + int m = rand(); + // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: rand() function has limited randomness, use C++11 random library instead [cert-msc50-cpp] +} +