This checker warns fors the usage of std:rand() function
more info about the problem can be found here:
https://www.securecoding.cert.org/confluence/display/cplusplus/MSC50-CPP.+Do+not+use+std%3A%3Arand%28%29+for+generating+pseudorandom+numbers
Paths
| Differential D22346
[Clang-tidy] CERT-MSC50-CPP (std:rand() ) ClosedPublic Authored by falho on Jul 14 2016, 5:13 AM.
Details Summary This checker warns fors the usage of std:rand() function more info about the problem can be found here:
Diff Detail Event Timelinefalho updated this object. falho retitled this revision from CERT-MSC50-CPP (std:rand() ) to [Clang-tidy] CERT-MSC50-CPP (std:rand() ).Aug 11 2016, 2:21 PM falho edited subscribers, added: Eugene.Zelenko, cfe-commits; removed: xazax.hun, o.gyorgy, alex, nemanjai. Prazek edited edge metadata. Comment ActionsLGTM with the fixes of docs.
This revision is now accepted and ready to land.Aug 14 2016, 1:25 AM aaron.ballman edited edge metadata. Comment ActionsThank you for working on this check!
This revision now requires changes to proceed.Aug 14 2016, 4:20 AM
Comment Actions Hi! Thanks for the reviews! I will be off for a few days so I will start working on it when Im back. Greetz! Benedek
Comment Actions Thank you for continuing your efforts on this, I have just a few minor nits remaining.
Comment Actions I noticed you marked several comments as done, but the patch is not updated with changes. Have I missed something? Comment Actions clang-tidy/cert/.LimitedRandomnessCheck.cpp.swo was added and should not have been; also, there's one minor issue with the diagnostic wording that is still outstanding.
falho marked an inline comment as done. Comment Actionsremoved semicolon, and replaced it with a comma that only appears in .cpp diagnostics removed junk .swo file Comment Actions
The semicolon was the correct punctuator to use, but thank you for moving it into the cpp message.
Thanks!
falho marked an inline comment as done. Comment Actionsin cpp diagnostics message: comma changed back to semicolon, + curly braces removed This revision is now accepted and ready to land.Oct 27 2016, 1:27 PM Comment Actions
If you don't have commit privileges, let me know and I'm happy to commit on your behalf. Comment Actions I just figured out that I don't have right to commit to llvm so I would appreciate if you could commit this check for me. Do you need any info about me? Thank you!
Revision Contents
Diff 63955 clang-query/tool/ClangQuery.cpp
clang-rename/CMakeLists.txt
clang-rename/RenamingAction.cpp
clang-rename/USRFinder.h
clang-rename/USRFinder.cpp
clang-rename/USRFindingAction.h
clang-rename/USRFindingAction.cpp
clang-rename/USRLocFinder.h
clang-rename/USRLocFinder.cpp
clang-rename/tool/CMakeLists.txt
clang-rename/tool/ClangRename.cpp
clang-rename/tool/clang-rename.py
clang-tidy/CMakeLists.txt
clang-tidy/ClangTidy.h
clang-tidy/ClangTidy.cpp
clang-tidy/ClangTidyDiagnosticConsumer.h
clang-tidy/ClangTidyDiagnosticConsumer.cpp
clang-tidy/ClangTidyModule.cpp
clang-tidy/ClangTidyOptions.cpp
clang-tidy/add_new_check.py
clang-tidy/boost/BoostTidyModule.cpp
clang-tidy/boost/CMakeLists.txt
clang-tidy/boost/UseToStringCheck.h
clang-tidy/boost/UseToStringCheck.cpp
clang-tidy/cert/CERTTidyModule.cpp
clang-tidy/cert/CMakeLists.txt
clang-tidy/cert/LimitedRandomnessCheck.h
clang-tidy/cert/LimitedRandomnessCheck.cpp
clang-tidy/cert/StrToNumCheck.h
clang-tidy/cert/StrToNumCheck.cpp
clang-tidy/cert/ThrownExceptionTypeCheck.cpp
clang-tidy/cppcoreguidelines/CppCoreGuidelinesTidyModule.cpp
clang-tidy/cppcoreguidelines/ProBoundsArrayToPointerDecayCheck.h
clang-tidy/cppcoreguidelines/ProBoundsArrayToPointerDecayCheck.cpp
clang-tidy/cppcoreguidelines/ProBoundsConstantArrayIndexCheck.h
clang-tidy/cppcoreguidelines/ProBoundsConstantArrayIndexCheck.cpp
clang-tidy/cppcoreguidelines/ProBoundsPointerArithmeticCheck.h
clang-tidy/cppcoreguidelines/ProBoundsPointerArithmeticCheck.cpp
clang-tidy/cppcoreguidelines/ProTypeConstCastCheck.h
clang-tidy/cppcoreguidelines/ProTypeConstCastCheck.cpp
clang-tidy/cppcoreguidelines/ProTypeCstyleCastCheck.h
clang-tidy/cppcoreguidelines/ProTypeCstyleCastCheck.cpp
clang-tidy/cppcoreguidelines/ProTypeMemberInitCheck.cpp
clang-tidy/cppcoreguidelines/ProTypeReinterpretCastCheck.h
clang-tidy/cppcoreguidelines/ProTypeReinterpretCastCheck.cpp
clang-tidy/cppcoreguidelines/ProTypeStaticCastDowncastCheck.h
clang-tidy/cppcoreguidelines/ProTypeStaticCastDowncastCheck.cpp
clang-tidy/cppcoreguidelines/ProTypeUnionAccessCheck.h
clang-tidy/cppcoreguidelines/ProTypeUnionAccessCheck.cpp
clang-tidy/cppcoreguidelines/ProTypeVarargCheck.h
clang-tidy/cppcoreguidelines/ProTypeVarargCheck.cpp
clang-tidy/google/CMakeLists.txt
clang-tidy/google/DefaultArgumentsCheck.h
clang-tidy/google/DefaultArgumentsCheck.cpp
clang-tidy/google/ExplicitConstructorCheck.cpp
clang-tidy/google/GlobalNamesInHeadersCheck.h
clang-tidy/google/GoogleTidyModule.cpp
clang-tidy/llvm/HeaderGuardCheck.h
clang-tidy/llvm/TwineLocalCheck.cpp
clang-tidy/misc/ArgumentCommentCheck.h
clang-tidy/misc/ArgumentCommentCheck.cpp
clang-tidy/misc/AssertSideEffectCheck.h
clang-tidy/misc/AssertSideEffectCheck.cpp
clang-tidy/misc/AssignOperatorSignatureCheck.h
clang-tidy/misc/AssignOperatorSignatureCheck.cpp
clang-tidy/misc/BoolPointerImplicitConversionCheck.cpp
clang-tidy/misc/CMakeLists.txt
clang-tidy/misc/DanglingHandleCheck.cpp
clang-tidy/misc/DefinitionsInHeadersCheck.cpp
clang-tidy/misc/InaccurateEraseCheck.cpp
clang-tidy/misc/IncorrectRoundings.cpp
clang-tidy/misc/InefficientAlgorithmCheck.cpp
clang-tidy/misc/MacroParenthesesCheck.h
clang-tidy/misc/MacroParenthesesCheck.cpp
clang-tidy/misc/MiscTidyModule.cpp
clang-tidy/misc/MisplacedConstCheck.h
clang-tidy/misc/MisplacedConstCheck.cpp
clang-tidy/misc/MisplacedWideningCastCheck.cpp
clang-tidy/misc/MoveConstantArgumentCheck.h
clang-tidy/misc/MoveConstantArgumentCheck.cpp
clang-tidy/misc/MoveConstructorInitCheck.h
clang-tidy/misc/MoveConstructorInitCheck.cpp
clang-tidy/misc/NewDeleteOverloadsCheck.cpp
clang-tidy/misc/NoexceptMoveConstructorCheck.h
clang-tidy/misc/NoexceptMoveConstructorCheck.cpp
clang-tidy/misc/NonCopyableObjects.h
clang-tidy/misc/NonCopyableObjects.cpp
clang-tidy/misc/RedundantExpressionCheck.h
clang-tidy/misc/RedundantExpressionCheck.cpp
clang-tidy/misc/SizeofContainerCheck.h
clang-tidy/misc/SizeofContainerCheck.cpp
clang-tidy/misc/SizeofExpressionCheck.cpp
clang-tidy/misc/StaticAssertCheck.h
clang-tidy/misc/StaticAssertCheck.cpp
clang-tidy/misc/StringConstructorCheck.cpp
clang-tidy/misc/StringIntegerAssignmentCheck.h
clang-tidy/misc/StringIntegerAssignmentCheck.cpp
clang-tidy/misc/SuspiciousMissingCommaCheck.cpp
clang-tidy/misc/SuspiciousSemicolonCheck.cpp
clang-tidy/misc/SuspiciousStringCompareCheck.cpp
clang-tidy/misc/SwappedArgumentsCheck.cpp
clang-tidy/misc/ThrowByValueCatchByReferenceCheck.h
clang-tidy/misc/ThrowByValueCatchByReferenceCheck.cpp
clang-tidy/misc/UnconventionalAssignOperatorCheck.h
clang-tidy/misc/UnconventionalAssignOperatorCheck.cpp
clang-tidy/misc/UndelegatedConstructor.cpp
clang-tidy/misc/UniqueptrResetReleaseCheck.cpp
clang-tidy/misc/UnusedAliasDeclsCheck.h
clang-tidy/misc/UnusedAliasDeclsCheck.cpp
clang-tidy/misc/UnusedParametersCheck.h
clang-tidy/misc/UnusedParametersCheck.cpp
clang-tidy/misc/UnusedRAIICheck.cpp
clang-tidy/misc/UnusedUsingDeclsCheck.h
clang-tidy/misc/UnusedUsingDeclsCheck.cpp
clang-tidy/modernize/AvoidBindCheck.h
clang-tidy/modernize/AvoidBindCheck.cpp
clang-tidy/modernize/CMakeLists.txt
clang-tidy/modernize/DeprecatedHeadersCheck.h
clang-tidy/modernize/LoopConvertCheck.cpp
clang-tidy/modernize/LoopConvertUtils.h
clang-tidy/modernize/LoopConvertUtils.cpp
clang-tidy/modernize/MakeSharedCheck.h
clang-tidy/modernize/MakeSharedCheck.cpp
clang-tidy/modernize/MakeSmartPtrCheck.h
clang-tidy/modernize/MakeSmartPtrCheck.cpp
clang-tidy/modernize/MakeUniqueCheck.h
clang-tidy/modernize/MakeUniqueCheck.cpp
clang-tidy/modernize/ModernizeTidyModule.cpp
clang-tidy/modernize/PassByValueCheck.h
clang-tidy/modernize/PassByValueCheck.cpp
clang-tidy/modernize/RawStringLiteralCheck.h
clang-tidy/modernize/RedundantVoidArgCheck.cpp
clang-tidy/modernize/ReplaceAutoPtrCheck.h
clang-tidy/modernize/ReplaceAutoPtrCheck.cpp
clang-tidy/modernize/ShrinkToFitCheck.cpp
clang-tidy/modernize/UseAutoCheck.h
clang-tidy/modernize/UseAutoCheck.cpp
clang-tidy/modernize/UseBoolLiteralsCheck.h
clang-tidy/modernize/UseBoolLiteralsCheck.cpp
clang-tidy/modernize/UseDefaultCheck.cpp
clang-tidy/modernize/UseEmplaceCheck.h
clang-tidy/modernize/UseEmplaceCheck.cpp
clang-tidy/modernize/UseNullptrCheck.cpp
clang-tidy/modernize/UseUsingCheck.h
clang-tidy/modernize/UseUsingCheck.cpp
clang-tidy/performance/FasterStringFindCheck.cpp
clang-tidy/performance/ForRangeCopyCheck.cpp
clang-tidy/performance/ImplicitCastInLoopCheck.cpp
clang-tidy/performance/UnnecessaryCopyInitialization.h
clang-tidy/performance/UnnecessaryCopyInitialization.cpp
clang-tidy/performance/UnnecessaryValueParamCheck.h
clang-tidy/performance/UnnecessaryValueParamCheck.cpp
clang-tidy/plugin/CMakeLists.txt
clang-tidy/readability/AvoidConstParamsInDecls.cpp
clang-tidy/readability/ElseAfterReturnCheck.cpp
clang-tidy/readability/FunctionSizeCheck.h
clang-tidy/readability/FunctionSizeCheck.cpp
clang-tidy/readability/IdentifierNamingCheck.h
clang-tidy/readability/IdentifierNamingCheck.cpp
clang-tidy/readability/ImplicitBoolCastCheck.h
clang-tidy/readability/ImplicitBoolCastCheck.cpp
clang-tidy/readability/InconsistentDeclarationParameterNameCheck.cpp
clang-tidy/readability/RedundantSmartptrGetCheck.cpp
clang-tidy/readability/RedundantStringCStrCheck.cpp
clang-tidy/readability/RedundantStringInitCheck.cpp
clang-tidy/readability/SimplifyBooleanExprCheck.cpp
clang-tidy/readability/UniqueptrDeleteReleaseCheck.h
clang-tidy/readability/UniqueptrDeleteReleaseCheck.cpp
clang-tidy/tool/CMakeLists.txt
clang-tidy/tool/ClangTidyMain.cpp
clang-tidy/tool/clang-tidy-diff.py
clang-tidy/utils/CMakeLists.txt
clang-tidy/utils/DeclRefExprUtils.h
clang-tidy/utils/DeclRefExprUtils.cpp
clang-tidy/utils/FixItHintUtils.h
clang-tidy/utils/FixItHintUtils.cpp
clang-tidy/utils/HeaderFileExtensionsUtils.h
clang-tidy/utils/HeaderFileExtensionsUtils.cpp
clang-tidy/utils/HeaderGuard.h
clang-tidy/utils/HeaderGuard.cpp
clang-tidy/utils/IncludeInserter.h
clang-tidy/utils/IncludeInserter.cpp
clang-tidy/utils/IncludeSorter.h
clang-tidy/utils/IncludeSorter.cpp
clang-tidy/utils/LexerUtils.h
clang-tidy/utils/LexerUtils.cpp
clang-tidy/utils/Matchers.h
clang-tidy/utils/OptionsUtils.h
clang-tidy/utils/OptionsUtils.cpp
clang-tidy/utils/TypeTraits.h
clang-tidy/utils/TypeTraits.cpp
docs/ReleaseNotes.rst
docs/clang-tidy/checks/boost-use-to-string.rst
docs/clang-tidy/checks/cert-err34-c.rst
docs/clang-tidy/checks/cert-msc50-cpp.rst
docs/clang-tidy/checks/cppcoreguidelines-pro-type-member-init.rst
docs/clang-tidy/checks/google-default-arguments.rst
docs/clang-tidy/checks/google-global-names-in-headers.rst
docs/clang-tidy/checks/google-readability-todo.rst
docs/clang-tidy/checks/google-runtime-int.rst
docs/clang-tidy/checks/google-runtime-references.rst
docs/clang-tidy/checks/list.rst
docs/clang-tidy/checks/misc-assign-operator-signature.rst
docs/clang-tidy/checks/misc-definitions-in-headers.rst
docs/clang-tidy/checks/misc-incorrect-roundings.rst
docs/clang-tidy/checks/misc-misplaced-const.rst
docs/clang-tidy/checks/misc-move-const-arg.rst
docs/clang-tidy/checks/misc-redundant-expression.rst
docs/clang-tidy/checks/misc-unconventional-assign-operator.rst
docs/clang-tidy/checks/misc-virtual-near-miss.rst
docs/clang-tidy/checks/modernize-avoid-bind.rst
docs/clang-tidy/checks/modernize-make-shared.rst
docs/clang-tidy/checks/modernize-use-auto.rst
docs/clang-tidy/checks/modernize-use-bool-literals.rst
docs/clang-tidy/checks/modernize-use-emplace.rst
docs/clang-tidy/checks/modernize-use-using.rst
docs/clang-tidy/checks/performance-implicit-cast-in-loop.rst
docs/clang-tidy/checks/performance-unnecessary-value-param.rst
docs/clang-tidy/index.rst
docs/doxygen.cfg.in
docs/include-fixer.rst
docs/index.rst
include-fixer/CMakeLists.txt
include-fixer/InMemorySymbolIndex.h
include-fixer/InMemorySymbolIndex.cpp
include-fixer/InMemoryXrefsDB.h
include-fixer/InMemoryXrefsDB.cpp
include-fixer/IncludeFixer.h
include-fixer/IncludeFixer.cpp
include-fixer/IncludeFixerContext.h
include-fixer/IncludeFixerContext.cpp
include-fixer/SymbolIndex.h
include-fixer/SymbolIndexManager.h
include-fixer/SymbolIndexManager.cpp
include-fixer/XrefsDB.h
include-fixer/YamlSymbolIndex.h
include-fixer/YamlSymbolIndex.cpp
include-fixer/find-all-symbols/CMakeLists.txt
include-fixer/find-all-symbols/FindAllMacros.h
include-fixer/find-all-symbols/FindAllMacros.cpp
include-fixer/find-all-symbols/FindAllSymbols.h
include-fixer/find-all-symbols/FindAllSymbols.cpp
include-fixer/find-all-symbols/FindAllSymbolsAction.h
include-fixer/find-all-symbols/FindAllSymbolsAction.cpp
include-fixer/find-all-symbols/HeaderMapCollector.h
include-fixer/find-all-symbols/HeaderMapCollector.cpp
include-fixer/find-all-symbols/PathConfig.h
include-fixer/find-all-symbols/PathConfig.cpp
include-fixer/find-all-symbols/PragmaCommentHandler.h
include-fixer/find-all-symbols/PragmaCommentHandler.cpp
include-fixer/find-all-symbols/STLPostfixHeaderMap.h
include-fixer/find-all-symbols/STLPostfixHeaderMap.cpp
include-fixer/find-all-symbols/SymbolInfo.h
include-fixer/find-all-symbols/SymbolInfo.cpp
include-fixer/find-all-symbols/SymbolReporter.h
include-fixer/find-all-symbols/tool/CMakeLists.txt
include-fixer/find-all-symbols/tool/FindAllSymbolsMain.cpp
include-fixer/find-all-symbols/tool/run-find-all-symbols.py
include-fixer/tool/CMakeLists.txt
include-fixer/tool/ClangIncludeFixer.cpp
include-fixer/tool/clang-include-fixer.py
test/CMakeLists.txt
test/clang-rename/ClassTest.cpp
test/clang-rename/ClassTestByName.cpp
test/clang-rename/ClassTestReplacements.cpp
test/clang-rename/ConstCastExpr.cpp
test/clang-rename/ConstructExpr.cpp
test/clang-rename/CtorDefTest.cpp
test/clang-rename/CtorInitializerTest.cpp
test/clang-rename/DeclRefExpr.cpp
test/clang-rename/DtorDefTest.cpp
test/clang-rename/DynamicCastExpr.cpp
test/clang-rename/FieldTest.cpp
test/clang-rename/MemberExprMacro.cpp
test/clang-rename/ReinterpretCastExpr.cpp
test/clang-rename/StaticCastExpr.cpp
test/clang-rename/VarTest.cpp
test/clang-tidy/boost-use-to-string.cpp
test/clang-tidy/cert-err34-c.c
test/clang-tidy/cert-err34-c.cpp
test/clang-tidy/cert-limited-randomness.cpp
test/clang-tidy/cppcoreguidelines-pro-type-member-init-cxx98.cpp
test/clang-tidy/cppcoreguidelines-pro-type-member-init.cpp
test/clang-tidy/cppcoreguidelines-pro-type-vararg.cpp
test/clang-tidy/explain-checks.cpp
test/clang-tidy/google-default-arguments.cpp
test/clang-tidy/list-checks.cpp
test/clang-tidy/misc-argument-comment.cpp
test/clang-tidy/misc-assign-operator-signature.cpp
test/clang-tidy/misc-definitions-in-headers.hpp
test/clang-tidy/misc-macro-parentheses.cpp
test/clang-tidy/misc-misplaced-const.c
test/clang-tidy/misc-misplaced-const.cpp
test/clang-tidy/misc-move-const-arg.cpp
test/clang-tidy/misc-move-constructor-init.cpp
test/clang-tidy/misc-redundant-expression.cpp
test/clang-tidy/misc-string-constructor.cpp
test/clang-tidy/misc-swapped-arguments.cpp
test/clang-tidy/misc-unconventional-assign-operator.cpp
test/clang-tidy/misc-unused-using-decls.cpp
test/clang-tidy/modernize-avoid-bind.cpp
test/clang-tidy/modernize-make-shared.cpp
test/clang-tidy/modernize-pass-by-value-macro-header.cpp
test/clang-tidy/modernize-pass-by-value-marco-header.cpp
test/clang-tidy/modernize-pass-by-value.cpp
test/clang-tidy/modernize-use-auto-new-remove-stars.cpp
test/clang-tidy/modernize-use-auto-new.cpp
test/clang-tidy/modernize-use-bool-literals.cpp
test/clang-tidy/modernize-use-emplace.cpp
test/clang-tidy/modernize-use-using.cpp
test/clang-tidy/nolint.cpp
test/clang-tidy/performance-unnecessary-copy-initialization.cpp
test/clang-tidy/performance-unnecessary-value-param.cpp
test/clang-tidy/readability-avoid-const-params-in-decls.cpp
test/clang-tidy/readability-identifier-naming.cpp
test/clang-tidy/werrors-diagnostics.cpp
test/clang-tidy/werrors-plural.cpp
test/clang-tidy/werrors.cpp
test/include-fixer/Inputs/database_template.json
test/include-fixer/Inputs/fake_yaml_db.yaml
test/include-fixer/Inputs/merge/a.yaml
test/include-fixer/Inputs/merge/b.yaml
test/include-fixer/commandline_options.cpp
test/include-fixer/exit_on_fatal.cpp
test/include-fixer/fixeddb.cpp
test/include-fixer/include_path.cpp
test/include-fixer/merge.test
test/include-fixer/prefix_variable.cpp
test/include-fixer/ranking.cpp
test/include-fixer/yamldb.cpp
test/include-fixer/yamldb_autodetect.cpp
test/lit.cfg
tool-template/ToolTemplate.cpp
unittests/clang-apply-replacements/ReformattingTest.cpp
unittests/clang-rename/USRLocFindingTest.cpp
unittests/clang-tidy/ClangTidyTest.h
unittests/clang-tidy/IncludeInserterTest.cpp
unittests/include-fixer/CMakeLists.txt
unittests/include-fixer/IncludeFixerTest.cpp
unittests/include-fixer/find-all-symbols/CMakeLists.txt
unittests/include-fixer/find-all-symbols/FindAllSymbolsTests.cpp
|
Please place this under a MSC heading rather than DCL.
This check should additionally be listed as cert-msc30-c (https://www.securecoding.cert.org/confluence/display/c/MSC30-C.+Do+not+use+the+rand%28%29+function+for+generating+pseudorandom+numbers).