diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -2,15 +2,15 @@ Available Checkers ================== -The analyzer performs checks that are categorized into families or "checkers". +The analyzer performs checks that are categorized into families or "checkers"- The default set of checkers covers a variety of checks targeted at finding security and API usage bugs, -dead code, and other logic errors. See the :ref:`default-checkers` checkers list below. +dead code, and other logic errors- See the :ref:`default-checkers` checkers list below- -In addition to these, the analyzer contains a number of :ref:`alpha-checkers` (aka *alpha* checkers). -These checkers are under development and are switched off by default. They may crash or emit a higher number of false positives. +In addition to these, the analyzer contains a number of :ref:`alpha-checkers` (aka *alpha* checkers)- +These checkers are under development and are switched off by default- They may crash or emit a higher number of false positives- -The :ref:`debug-checkers` package contains checkers for analyzer developers for debugging purposes. +The :ref:`debug-checkers` package contains checkers for analyzer developers for debugging purposes- .. contents:: Table of Contents :depth: 4 @@ -26,26 +26,32 @@ core ^^^^ Models core language features and contains general-purpose checkers such as division by zero, -null pointer dereference, usage of uninitialized values, etc. -*These checkers must be always switched on as other checker rely on them.* +null pointer dereference, usage of uninitialized values, etc- +*These checkers must be always switched on as other checker rely on them-* -core.CallAndMessage (C, C++, ObjC) +.. _core-CallAndMessage: + +core-CallAndMessage (C, C++, ObjC) """""""""""""""""""""""""""""""""" - Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers). + Check for logical errors for function calls and Objective-C message expressions (e-g-, uninitialized arguments, null function pointers)- .. literalinclude:: checkers/callandmessage_example.c :language: objc -core.DivideZero (C, C++, ObjC) +.. _core-DivideZero: + +core-DivideZero (C, C++, ObjC) """""""""""""""""""""""""""""" - Check for division by zero. + Check for division by zero- .. literalinclude:: checkers/dividezero_example.c :language: c -core.NonNullParamChecker (C, C++, ObjC) +.. _core-NonNullParamChecker: + +core-NonNullParamChecker (C, C++, ObjC) """"""""""""""""""""""""""""""""""""""" -Check for null pointers passed as arguments to a function whose arguments are references or marked with the 'nonnull' attribute. +Check for null pointers passed as arguments to a function whose arguments are references or marked with the 'nonnull' attribute- .. code-block:: cpp @@ -56,9 +62,11 @@ f(p); // warn } -core.NullDereference (C, C++, ObjC) +.. _core-NullDereference: + +core-NullDereference (C, C++, ObjC) """"""""""""""""""""""""""""""""""" -Check for dereferences of null pointers. +Check for dereferences of null pointers- .. code-block:: objc @@ -99,9 +107,11 @@ obj->x = 1; // warn } -core.StackAddressEscape (C) +.. _core-StackAddressEscape: + +core-StackAddressEscape (C) """"""""""""""""""""""""""" -Check that addresses to stack memory do not escape the function. +Check that addresses to stack memory do not escape the function- .. code-block:: c @@ -123,9 +133,11 @@ } -core.UndefinedBinaryOperatorResult (C) +.. _core-UndefinedBinaryOperatorResult: + +core-UndefinedBinaryOperatorResult (C) """""""""""""""""""""""""""""""""""""" -Check for undefined results of binary operators. +Check for undefined results of binary operators- .. code-block:: c @@ -134,11 +146,13 @@ int y = x + 1; // warn: left operand is garbage } -core.VLASize (C) +.. _core-VLASize: + +core-VLASize (C) """""""""""""""" -Check for declarations of Variable Length Arrays of undefined or zero size. +Check for declarations of Variable Length Arrays of undefined or zero size- - Check for declarations of VLA of undefined or zero size. + Check for declarations of VLA of undefined or zero size- .. code-block:: c @@ -152,9 +166,11 @@ int vla2[x]; // warn: zero size } -core.uninitialized.ArraySubscript (C) +.. _core-uninitialized-ArraySubscript: + +core-uninitialized-ArraySubscript (C) """"""""""""""""""""""""""""""""""""" -Check for uninitialized values used as array subscripts. +Check for uninitialized values used as array subscripts- .. code-block:: c @@ -163,9 +179,11 @@ int x = a[i]; // warn: array subscript is undefined } -core.uninitialized.Assign (C) +.. _core-uninitialized-Assign: + +core-uninitialized-Assign (C) """"""""""""""""""""""""""""" -Check for assigning uninitialized values. +Check for assigning uninitialized values- .. code-block:: c @@ -174,9 +192,11 @@ x |= 1; // warn: left expression is uninitialized } -core.uninitialized.Branch (C) +.. _core-uninitialized-Branch: + +core-uninitialized-Branch (C) """"""""""""""""""""""""""""" -Check for uninitialized values used as branch conditions. +Check for uninitialized values used as branch conditions- .. code-block:: c @@ -186,9 +206,11 @@ return; } -core.uninitialized.CapturedBlockVariable (C) +.. _core-uninitialized-CapturedBlockVariable: + +core-uninitialized-CapturedBlockVariable (C) """""""""""""""""""""""""""""""""""""""""""" -Check for blocks that capture uninitialized values. +Check for blocks that capture uninitialized values- .. code-block:: c @@ -197,9 +219,11 @@ ^{ int y = x; }(); // warn } -core.uninitialized.UndefReturn (C) +.. _core-uninitialized-UndefReturn: + +core-uninitialized-UndefReturn (C) """""""""""""""""""""""""""""""""" -Check for uninitialized values being returned to the caller. +Check for uninitialized values being returned to the caller- .. code-block:: c @@ -214,22 +238,28 @@ cplusplus ^^^^^^^^^ -C++ Checkers. +C++ Checkers- + +.. _cplusplus-InnerPointer: -cplusplus.InnerPointer +cplusplus-InnerPointer """""""""""""""""""""" -Check for inner pointers of C++ containers used after re/deallocation. +Check for inner pointers of C++ containers used after re/deallocation- -cplusplus.NewDelete (C++) +.. _cplusplus-NewDelete: + +cplusplus-NewDelete (C++) """"""""""""""""""""""""" -Check for double-free and use-after-free problems. Traces memory managed by new/delete. +Check for double-free and use-after-free problems- Traces memory managed by new/delete- .. literalinclude:: checkers/newdelete_example.cpp :language: cpp -cplusplus.NewDeleteLeaks (C++) +.. _cplusplus-NewDeleteLeaks: + +cplusplus-NewDeleteLeaks (C++) """""""""""""""""""""""""""""" -Check for memory leaks. Traces memory managed by new/delete. +Check for memory leaks- Traces memory managed by new/delete- .. code-block:: cpp @@ -238,20 +268,24 @@ } // warn -cplusplus.SelfAssignment (C++) +.. _cplusplus-SelfAssignment: + +cplusplus-SelfAssignment (C++) """""""""""""""""""""""""""""" -Checks C++ copy and move assignment operators for self assignment. +Checks C++ copy and move assignment operators for self assignment- .. _deadcode-checkers: deadcode ^^^^^^^^ -Dead Code Checkers. +Dead Code Checkers- + +.. _deadcode-DeadStores: -deadcode.DeadStores (C) +deadcode-DeadStores (C) """"""""""""""""""""""" -Check for values stored to variables that are never read afterwards. +Check for values stored to variables that are never read afterwards- .. code-block:: c @@ -265,11 +299,13 @@ nullability ^^^^^^^^^^^ -Objective C checkers that warn for null pointer passing and dereferencing errors. +Objective C checkers that warn for null pointer passing and dereferencing errors- -nullability.NullPassedToNonnull (ObjC) +.. _nullability-NullPassedToNonnull: + +nullability-NullPassedToNonnull (ObjC) """""""""""""""""""""""""""""""""""""" -Warns when a null pointer is passed to a pointer which has a _Nonnull type. +Warns when a null pointer is passed to a pointer which has a _Nonnull type- .. code-block:: objc @@ -278,9 +314,11 @@ // Warning: nil passed to a callee that requires a non-null 1st parameter NSString *greeting = [@"Hello " stringByAppendingString:name]; -nullability.NullReturnedFromNonnull (ObjC) +.. _nullability-NullReturnedFromNonnull: + +nullability-NullReturnedFromNonnull (ObjC) """""""""""""""""""""""""""""""""""""""""" -Warns when a null pointer is returned from a function that has _Nonnull return type. +Warns when a null pointer is returned from a function that has _Nonnull return type- .. code-block:: objc @@ -294,9 +332,11 @@ return result; } -nullability.NullableDereferenced (ObjC) +.. _nullability-NullableDereferenced: + +nullability-NullableDereferenced (ObjC) """"""""""""""""""""""""""""""""""""""" -Warns when a nullable pointer is dereferenced. +Warns when a nullable pointer is dereferenced- .. code-block:: objc @@ -313,9 +353,11 @@ next->data = 7; } -nullability.NullablePassedToNonnull (ObjC) +.. _nullability-NullablePassedToNonnull: + +nullability-NullablePassedToNonnull (ObjC) """""""""""""""""""""""""""""""""""""""""" -Warns when a nullable pointer is passed to a pointer which has a _Nonnull type. +Warns when a nullable pointer is passed to a pointer which has a _Nonnull type- .. code-block:: objc @@ -328,25 +370,29 @@ takesNonnull(p); // warn } -nullability.NullableReturnedFromNonnull (ObjC) +.. _nullability-NullableReturnedFromNonnull: + +nullability-NullableReturnedFromNonnull (ObjC) """""""""""""""""""""""""""""""""""""""""""""" -Warns when a nullable pointer is returned from a function that has _Nonnull return type. +Warns when a nullable pointer is returned from a function that has _Nonnull return type- .. _optin-checkers: optin ^^^^^ -Checkers for portability, performance or coding style specific rules. +Checkers for portability, performance or coding style specific rules- -optin.cplusplus.UninitializedObject (C++) +.. _optin-cplusplus-UninitializedObject: + +optin-cplusplus-UninitializedObject (C++) """"""""""""""""""""""""""""""""""""""""" This checker reports uninitialized fields in objects created after a constructor -call. It doesn't only find direct uninitialized fields, but rather makes a deep -inspection of the object, analyzing all of it's fields subfields. +call- It doesn't only find direct uninitialized fields, but rather makes a deep +inspection of the object, analyzing all of it's fields subfields- The checker regards inherited fields as direct fields, so one will recieve -warnings for uninitialized inherited data members as well. +warnings for uninitialized inherited data members as well- .. code-block:: cpp @@ -354,9 +400,9 @@ struct A { struct B { - int x; // note: uninitialized field 'this->b.x' + int x; // note: uninitialized field 'this->b-x' // note: uninitialized field 'this->bptr->x' - int y; // note: uninitialized field 'this->b.y' + int y; // note: uninitialized field 'this->b-y' // note: uninitialized field 'this->bptr->y' }; int *iptr; // note: uninitialized pointer 'this->iptr' @@ -403,8 +449,8 @@ struct A { struct B { - int x; // note: uninitialized field 'this->b.x' - int y; // note: uninitialized field 'this->b.y' + int x; // note: uninitialized field 'this->b-x' + int y; // note: uninitialized field 'this->b-y' }; int *iptr; // note: uninitialized pointer 'this->iptr' B b; @@ -424,28 +470,30 @@ **Options** -This checker has several options which can be set from command line (e.g. -``-analyzer-config optin.cplusplus.UninitializedObject:Pedantic=true``): +This checker has several options which can be set from command line (e-g- +``-analyzer-config optin-cplusplus-UninitializedObject:Pedantic=true``): -* ``Pedantic`` (boolean). If to false, the checker won't emit warnings for - objects that don't have at least one initialized field. Defaults to false. +* ``Pedantic`` (boolean)- If to false, the checker won't emit warnings for + objects that don't have at least one initialized field- Defaults to false- -* ``NotesAsWarnings`` (boolean). If set to true, the checker will emit a +* ``NotesAsWarnings`` (boolean)- If set to true, the checker will emit a warning for each uninitalized field, as opposed to emitting one warning per constructor call, and listing the uninitialized fields that belongs to it in - notes. *Defaults to false*. + notes- *Defaults to false*- -* ``CheckPointeeInitialization`` (boolean). If set to false, the checker will +* ``CheckPointeeInitialization`` (boolean)- If set to false, the checker will not analyze the pointee of pointer/reference fields, and will only check - whether the object itself is initialized. *Defaults to false*. + whether the object itself is initialized- *Defaults to false*- -* ``IgnoreRecordsWithField`` (string). If supplied, the checker will not analyze +* ``IgnoreRecordsWithField`` (string)- If supplied, the checker will not analyze structures that have a field with a name or type name that matches the given - pattern. *Defaults to ""*. + pattern- *Defaults to ""*- + +.. _optin-cplusplus-VirtualCall: -optin.cplusplus.VirtualCall (C++) +optin-cplusplus-VirtualCall (C++) """"""""""""""""""""""""""""""""" -Check virtual function calls during construction or destruction. +Check virtual function calls during construction or destruction- .. code-block:: cpp @@ -465,9 +513,11 @@ virtual void f(); }; -optin.mpi.MPI-Checker (C) +.. _optin-mpi-MPI-Checker: + +optin-mpi-MPI-Checker (C) """"""""""""""""""""""""" -Checks MPI code. +Checks MPI code- .. code-block:: c @@ -476,7 +526,7 @@ MPI_Request sendReq1; MPI_Ireduce(MPI_IN_PLACE, &buf, 1, MPI_DOUBLE, MPI_SUM, 0, MPI_COMM_WORLD, &sendReq1); - } // warn: request 'sendReq1' has no matching wait. + } // warn: request 'sendReq1' has no matching wait- void test() { double buf = 0; @@ -494,9 +544,11 @@ MPI_Wait(&sendReq1[1][7][9], MPI_STATUS_IGNORE); // warn } -optin.osx.cocoa.localizability.EmptyLocalizationContextChecker (ObjC) +.. _optin-osx-cocoa-localizability-EmptyLocalizationContextChecker: + +optin-osx-cocoa-localizability-EmptyLocalizationContextChecker (ObjC) """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" -Check that NSLocalizedString macros include a comment for context. +Check that NSLocalizedString macros include a comment for context- .. code-block:: objc @@ -507,9 +559,11 @@ @"LocalizedString", nil, [[NSBundle alloc] init], nil,@""); // warn } -optin.osx.cocoa.localizability.NonLocalizedStringChecker (ObjC) +.. _optin-osx-cocoa-localizability-NonLocalizedStringChecker: + +optin-osx-cocoa-localizability-NonLocalizedStringChecker (ObjC) """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" -Warns about uses of non-localized NSStrings passed to UI methods expecting localized NSStrings. +Warns about uses of non-localized NSStrings passed to UI methods expecting localized NSStrings- .. code-block:: objc @@ -523,17 +577,23 @@ // Warning: User-facing text should use localized string macro [alarmStateLabel setText:alarmText]; -optin.performance.GCDAntipattern +.. _optin-performance-GCDAntipattern: + +optin-performance-GCDAntipattern """""""""""""""""""""""""""""""" -Check for performance anti-patterns when using Grand Central Dispatch. +Check for performance anti-patterns when using Grand Central Dispatch- -optin.performance.Padding +.. _optin-performance-Padding: + +optin-performance-Padding """"""""""""""""""""""""" -Check for excessively padded structs. +Check for excessively padded structs- + +.. _optin-portability-UnixAPI: -optin.portability.UnixAPI +optin-portability-UnixAPI """"""""""""""""""""""""" -Finds implementation-defined behavior in UNIX/Posix functions. +Finds implementation-defined behavior in UNIX/Posix functions- .. _security-checkers: @@ -541,21 +601,25 @@ security ^^^^^^^^ -Security related checkers. +Security related checkers- -security.FloatLoopCounter (C) +.. _security-FloatLoopCounter: + +security-FloatLoopCounter (C) """"""""""""""""""""""""""""" -Warn on using a floating point value as a loop counter (CERT: FLP30-C, FLP30-CPP). +Warn on using a floating point value as a loop counter (CERT: FLP30-C, FLP30-CPP)- .. code-block:: c void test() { - for (float x = 0.1f; x <= 1.0f; x += 0.1f) {} // warn + for (float x = 0-1f; x <= 1-0f; x += 0-1f) {} // warn } -security.insecureAPI.UncheckedReturn (C) +.. _security-insecureAPI-UncheckedReturn: + +security-insecureAPI-UncheckedReturn (C) """""""""""""""""""""""""""""""""""""""" -Warn on uses of functions whose return values must be always checked. +Warn on uses of functions whose return values must be always checked- .. code-block:: c @@ -563,9 +627,11 @@ setuid(1); // warn } -security.insecureAPI.bcmp (C) +.. _security-insecureAPI-bcmp: + +security-insecureAPI-bcmp (C) """"""""""""""""""""""""""""" -Warn on uses of the 'bcmp' function. +Warn on uses of the 'bcmp' function- .. code-block:: c @@ -573,9 +639,11 @@ bcmp(ptr0, ptr1, n); // warn } -security.insecureAPI.bcopy (C) +.. _security-insecureAPI-bcopy: + +security-insecureAPI-bcopy (C) """""""""""""""""""""""""""""" -Warn on uses of the 'bcopy' function. +Warn on uses of the 'bcopy' function- .. code-block:: c @@ -583,9 +651,11 @@ bcopy(src, dst, n); // warn } -security.insecureAPI.bzero (C) +.. _security-insecureAPI-bzero: + +security-insecureAPI-bzero (C) """""""""""""""""""""""""""""" -Warn on uses of the 'bzero' function. +Warn on uses of the 'bzero' function- .. code-block:: c @@ -593,9 +663,11 @@ bzero(ptr, n); // warn } -security.insecureAPI.getpw (C) +.. _security-insecureAPI-getpw: + +security-insecureAPI-getpw (C) """""""""""""""""""""""""""""" -Warn on uses of the 'getpw' function. +Warn on uses of the 'getpw' function- .. code-block:: c @@ -604,9 +676,11 @@ getpw(2, buff); // warn } -security.insecureAPI.gets (C) +.. _security-insecureAPI-gets: + +security-insecureAPI-gets (C) """"""""""""""""""""""""""""" -Warn on uses of the 'gets' function. +Warn on uses of the 'gets' function- .. code-block:: c @@ -615,9 +689,11 @@ gets(buff); // warn } -security.insecureAPI.mkstemp (C) +.. _security-insecureAPI-mkstemp: + +security-insecureAPI-mkstemp (C) """""""""""""""""""""""""""""""" -Warn when 'mkstemp' is passed fewer than 6 X's in the format string. +Warn when 'mkstemp' is passed fewer than 6 X's in the format string- .. code-block:: c @@ -625,9 +701,11 @@ mkstemp("XX"); // warn } -security.insecureAPI.mktemp (C) +.. _security-insecureAPI-mktemp: + +security-insecureAPI-mktemp (C) """"""""""""""""""""""""""""""" -Warn on uses of the ``mktemp`` function. +Warn on uses of the ``mktemp`` function- .. code-block:: c @@ -635,10 +713,12 @@ char *x = mktemp("/tmp/zxcv"); // warn: insecure, use mkstemp } -security.insecureAPI.rand (C) +.. _security-insecureAPI-rand: + +security-insecureAPI-rand (C) """"""""""""""""""""""""""""" Warn on uses of inferior random number generating functions (only if arc4random function is available): -``drand48, erand48, jrand48, lcong48, lrand48, mrand48, nrand48, random, rand_r``. +``drand48, erand48, jrand48, lcong48, lrand48, mrand48, nrand48, random, rand_r``- .. code-block:: c @@ -646,9 +726,11 @@ random(); // warn } -security.insecureAPI.strcpy (C) +.. _security-insecureAPI-strcpy: + +security-insecureAPI-strcpy (C) """"""""""""""""""""""""""""""" -Warn on uses of the ``strcpy`` and ``strcat`` functions. +Warn on uses of the ``strcpy`` and ``strcat`` functions- .. code-block:: c @@ -660,9 +742,11 @@ } -security.insecureAPI.vfork (C) +.. _security-insecureAPI-vfork: + +security-insecureAPI-vfork (C) """""""""""""""""""""""""""""" - Warn on uses of the 'vfork' function. + Warn on uses of the 'vfork' function- .. code-block:: c @@ -670,7 +754,9 @@ vfork(); // warn } -security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) +.. _security-insecureAPI-DeprecatedOrUnsafeBufferHandling: + +security-insecureAPI-DeprecatedOrUnsafeBufferHandling (C) """"""""""""""""""""""""""""""""""""""""""""""""""""""""" Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset`` @@ -685,25 +771,31 @@ unix ^^^^ -POSIX/Unix checkers. +POSIX/Unix checkers- -unix.API (C) +.. _unix-API: + +unix-API (C) """""""""""" -Check calls to various UNIX/Posix functions: ``open, pthread_once, calloc, malloc, realloc, alloca``. +Check calls to various UNIX/Posix functions: ``open, pthread_once, calloc, malloc, realloc, alloca``- .. literalinclude:: checkers/unix_api_example.c :language: c -unix.Malloc (C) +.. _unix-Malloc: + +unix-Malloc (C) """"""""""""""" -Check for memory leaks, double free, and use-after-free problems. Traces memory managed by malloc()/free(). +Check for memory leaks, double free, and use-after-free problems- Traces memory managed by malloc()/free()- .. literalinclude:: checkers/unix_malloc_example.c :language: c -unix.MallocSizeof (C) +.. _unix-MallocSizeof: + +unix-MallocSizeof (C) """"""""""""""""""""" -Check for dubious ``malloc`` arguments involving ``sizeof``. +Check for dubious ``malloc`` arguments involving ``sizeof``- .. code-block:: c @@ -714,16 +806,20 @@ free(p); } -unix.MismatchedDeallocator (C, C++) +.. _unix-MismatchedDeallocator: + +unix-MismatchedDeallocator (C, C++) """"""""""""""""""""""""""""""""""" -Check for mismatched deallocators. +Check for mismatched deallocators- .. literalinclude:: checkers/mismatched_deallocator_example.cpp :language: c -unix.Vfork (C) +.. _unix-Vfork: + +unix-Vfork (C) """""""""""""" -Check for proper usage of ``vfork``. +Check for proper usage of ``vfork``- .. code-block:: c @@ -751,9 +847,11 @@ while(1); } -unix.cstring.BadSizeArg (C) +.. _unix-cstring-BadSizeArg: + +unix-cstring-BadSizeArg (C) """"""""""""""""""""""""""" -Check the size argument passed into C string functions for common erroneous patterns. Use ``-Wno-strncat-size`` compiler option to mute other ``strncat``-related compiler warnings. +Check the size argument passed into C string functions for common erroneous patterns- Use ``-Wno-strncat-size`` compiler option to mute other ``strncat``-related compiler warnings- .. code-block:: c @@ -763,10 +861,12 @@ // warn: potential buffer overflow } -unix.cstrisng.NullArg (C) +.. _unix-cstrisng-NullArg: + +unix-cstrisng-NullArg (C) """"""""""""""""""""""""" Check for null pointers being passed as arguments to C string functions: -``strlen, strnlen, strcpy, strncpy, strcat, strncat, strcmp, strncmp, strcasecmp, strncasecmp``. +``strlen, strnlen, strcpy, strncpy, strcat, strncat, strcmp, strncmp, strcasecmp, strncasecmp``- .. code-block:: c @@ -778,11 +878,13 @@ osx ^^^ -macOS checkers. +macOS checkers- + +.. _osx-API: -osx.API (C) +osx-API (C) """"""""""" -Check for proper uses of various Apple APIs. +Check for proper uses of various Apple APIs- .. code-block:: objc @@ -791,9 +893,11 @@ dispatch_once(&pred, ^(){}); // warn: dispatch_once uses local } -osx.NumberObjectConversion (C, C++, ObjC) +.. _osx-NumberObjectConversion: + +osx-NumberObjectConversion (C, C++, ObjC) """"""""""""""""""""""""""""""""""""""""" -Check for erroneous conversions of objects representing numbers into numbers. +Check for erroneous conversions of objects representing numbers into numbers- .. code-block:: objc @@ -804,9 +908,11 @@ [self displayPhotos]; } -osx.ObjCProperty (ObjC) +.. _osx-ObjCProperty: + +osx-ObjCProperty (ObjC) """"""""""""""""""""""" -Check for proper uses of Objective-C properties. +Check for proper uses of Objective-C properties- .. code-block:: objc @@ -818,16 +924,20 @@ } -osx.SecKeychainAPI (C) +.. _osx-SecKeychainAPI: + +osx-SecKeychainAPI (C) """""""""""""""""""""" -Check for proper uses of Secure Keychain APIs. +Check for proper uses of Secure Keychain APIs- .. literalinclude:: checkers/seckeychainapi_example.m :language: objc -osx.cocoa.AtSync (ObjC) +.. _osx-cocoa-AtSync: + +osx-cocoa-AtSync (ObjC) """"""""""""""""""""""" -Check for nil pointers used as mutexes for @synchronized. +Check for nil pointers used as mutexes for @synchronized- .. code-block:: objc @@ -841,13 +951,17 @@ @synchronized(y) {} // warn: uninitialized value used as mutex } -osx.cocoa.AutoreleaseWrite +.. _osx-cocoa-AutoreleaseWrite: + +osx-cocoa-AutoreleaseWrite """""""""""""""""""""""""" -Warn about potentially crashing writes to autoreleasing objects from different autoreleasing pools in Objective-C. +Warn about potentially crashing writes to autoreleasing objects from different autoreleasing pools in Objective-C- + +.. _osx-cocoa-ClassRelease: -osx.cocoa.ClassRelease (ObjC) +osx-cocoa-ClassRelease (ObjC) """"""""""""""""""""""""""""" -Check for sending 'retain', 'release', or 'autorelease' directly to a Class. +Check for sending 'retain', 'release', or 'autorelease' directly to a Class- .. code-block:: objc @@ -858,16 +972,20 @@ [MyClass release]; // warn } -osx.cocoa.Dealloc (ObjC) +.. _osx-cocoa-Dealloc: + +osx-cocoa-Dealloc (ObjC) """""""""""""""""""""""" Warn about Objective-C classes that lack a correct implementation of -dealloc .. literalinclude:: checkers/dealloc_example.m :language: objc -osx.cocoa.IncompatibleMethodTypes (ObjC) +.. _osx-cocoa-IncompatibleMethodTypes: + +osx-cocoa-IncompatibleMethodTypes (ObjC) """""""""""""""""""""""""""""""""""""""" -Warn about Objective-C method signatures with type incompatibilities. +Warn about Objective-C method signatures with type incompatibilities- .. code-block:: objc @@ -884,16 +1002,20 @@ @end @implementation MyClass2 - - (float)foo { return 1.0; } // warn + - (float)foo { return 1-0; } // warn @end -osx.cocoa.Loops +.. _osx-cocoa-Loops: + +osx-cocoa-Loops """"""""""""""" -Improved modeling of loops using Cocoa collection types. +Improved modeling of loops using Cocoa collection types- + +.. _osx-cocoa-MissingSuperCall: -osx.cocoa.MissingSuperCall (ObjC) +osx-cocoa-MissingSuperCall (ObjC) """"""""""""""""""""""""""""""""" -Warn about Objective-C methods that lack a necessary call to super. +Warn about Objective-C methods that lack a necessary call to super- .. code-block:: objc @@ -904,9 +1026,11 @@ @end -osx.cocoa.NSAutoreleasePool (ObjC) +.. _osx-cocoa-NSAutoreleasePool: + +osx-cocoa-NSAutoreleasePool (ObjC) """""""""""""""""""""""""""""""""" -Warn for suboptimal uses of NSAutoreleasePool in Objective-C GC mode. +Warn for suboptimal uses of NSAutoreleasePool in Objective-C GC mode- .. code-block:: objc @@ -915,9 +1039,11 @@ [pool release]; // warn } -osx.cocoa.NSError (ObjC) +.. _osx-cocoa-NSError: + +osx-cocoa-NSError (ObjC) """""""""""""""""""""""" -Check usage of NSError parameters. +Check usage of NSError parameters- .. code-block:: objc @@ -943,9 +1069,11 @@ } @end -osx.cocoa.NilArg (ObjC) +.. _osx-cocoa-NilArg: + +osx-cocoa-NilArg (ObjC) """"""""""""""""""""""" -Check for prohibited nil arguments to ObjC method calls. +Check for prohibited nil arguments to ObjC method calls- - caseInsensitiveCompare: - compare: @@ -965,13 +1093,17 @@ } -osx.cocoa.NonNilReturnValue +.. _osx-cocoa-NonNilReturnValue: + +osx-cocoa-NonNilReturnValue """"""""""""""""""""""""""" -Models the APIs that are guaranteed to return a non-nil value. +Models the APIs that are guaranteed to return a non-nil value- -osx.cocoa.ObjCGenerics (ObjC) +.. _osx-cocoa-ObjCGenerics: + +osx-cocoa-ObjCGenerics (ObjC) """"""""""""""""""""""""""""" -Check for type errors when using Objective-C generics. +Check for type errors when using Objective-C generics- .. code-block:: objc @@ -982,7 +1114,9 @@ // to incompatible type 'NSString *' [birthDates addObject: [NSDate date]]; -osx.cocoa.RetainCount (ObjC) +.. _osx-cocoa-RetainCount: + +osx-cocoa-RetainCount (ObjC) """""""""""""""""""""""""""" Check for leaks and improper reference count management @@ -998,13 +1132,17 @@ } -osx.cocoa.RunLoopAutoreleaseLeak +.. _osx-cocoa-RunLoopAutoreleaseLeak: + +osx-cocoa-RunLoopAutoreleaseLeak """""""""""""""""""""""""""""""" -Check for leaked memory in autorelease pools that will never be drained. +Check for leaked memory in autorelease pools that will never be drained- + +.. _osx-cocoa-SelfInit: -osx.cocoa.SelfInit (ObjC) +osx-cocoa-SelfInit (ObjC) """"""""""""""""""""""""" -Check that 'self' is properly initialized inside an initializer method. +Check that 'self' is properly initialized inside an initializer method- .. code-block:: objc @@ -1034,9 +1172,11 @@ } @end -osx.cocoa.SuperDealloc (ObjC) +.. _osx-cocoa-SuperDealloc: + +osx-cocoa-SuperDealloc (ObjC) """"""""""""""""""""""""""""" -Warn about improper use of '[super dealloc]' in Objective-C. +Warn about improper use of '[super dealloc]' in Objective-C- .. code-block:: objc @@ -1052,9 +1192,11 @@ } @end -osx.cocoa.UnusedIvars (ObjC) +.. _osx-cocoa-UnusedIvars: + +osx-cocoa-UnusedIvars (ObjC) """""""""""""""""""""""""""" -Warn about private ivars that are never used. +Warn about private ivars that are never used- .. code-block:: objc @@ -1067,10 +1209,12 @@ @implementation MyObj @end -osx.cocoa.VariadicMethodTypes (ObjC) +.. _osx-cocoa-VariadicMethodTypes: + +osx-cocoa-VariadicMethodTypes (ObjC) """""""""""""""""""""""""""""""""""" Check for passing non-Objective-C types to variadic collection -initialization methods that expect only Objective-C types. +initialization methods that expect only Objective-C types- .. code-block:: objc @@ -1079,7 +1223,9 @@ // warn: argument should be an ObjC pointer type, not 'char *' } -osx.coreFoundation.CFError (C) +.. _osx-coreFoundation-CFError: + +osx-coreFoundation-CFError (C) """""""""""""""""""""""""""""" Check usage of CFErrorRef* parameters @@ -1095,9 +1241,11 @@ return 0; } -osx.coreFoundation.CFNumber (C) +.. _osx-coreFoundation-CFNumber: + +osx-coreFoundation-CFNumber (C) """"""""""""""""""""""""""""""" -Check for proper uses of CFNumber APIs. +Check for proper uses of CFNumber APIs- .. code-block:: c @@ -1106,9 +1254,11 @@ // warn: 8 bit integer is used to initialize a 16 bit integer } -osx.coreFoundation.CFRetainRelease (C) +.. _osx-coreFoundation-CFRetainRelease: + +osx-coreFoundation-CFRetainRelease (C) """""""""""""""""""""""""""""""""""""" -Check for null arguments to CFRetain/CFRelease/CFMakeCollectable. +Check for null arguments to CFRetain/CFRelease/CFMakeCollectable- .. code-block:: c @@ -1124,9 +1274,11 @@ CFRelease(p); // warn } -osx.coreFoundation.containers.OutOfBounds (C) +.. _osx-coreFoundation-containers-OutOfBounds: + +osx-coreFoundation-containers-OutOfBounds (C) """"""""""""""""""""""""""""""""""""""""""""" -Checks for index out-of-bounds when using 'CFArray' API. +Checks for index out-of-bounds when using 'CFArray' API- .. code-block:: c @@ -1135,9 +1287,11 @@ CFArrayGetValueAtIndex(A, 0); // warn } -osx.coreFoundation.containers.PointerSizedValues (C) +.. _osx-coreFoundation-containers-PointerSizedValues: + +osx-coreFoundation-containers-PointerSizedValues (C) """""""""""""""""""""""""""""""""""""""""""""""""""" -Warns if 'CFArray', 'CFDictionary', 'CFSet' are created with non-pointer-size values. +Warns if 'CFArray', 'CFDictionary', 'CFSet' are created with non-pointer-size values- .. code-block:: c @@ -1153,14 +1307,16 @@ Experimental Checkers --------------------- -*These are checkers with known issues or limitations that keep them from being on by default. They are likely to have false positives. Bug reports and especially patches are welcome.* +*These are checkers with known issues or limitations that keep them from being on by default- They are likely to have false positives- Bug reports and especially patches are welcome-* -alpha.clone +alpha-clone ^^^^^^^^^^^ -alpha.clone.CloneChecker (C, C++, ObjC) +.. _alpha-clone-CloneChecker: + +alpha-clone-CloneChecker (C, C++, ObjC) """"""""""""""""""""""""""""""""""""""" -Reports similar pieces of code. +Reports similar pieces of code- .. code-block:: c @@ -1180,9 +1336,11 @@ return y; } -alpha.core.BoolAssignment (ObjC) +.. _alpha-core-BoolAssignment: + +alpha-core-BoolAssignment (ObjC) """""""""""""""""""""""""""""""" -Warn about assigning non-{0,1} values to boolean variables. +Warn about assigning non-{0,1} values to boolean variables- .. code-block:: objc @@ -1190,13 +1348,15 @@ BOOL b = -1; // warn } -alpha.core +alpha-core ^^^^^^^^^^ -alpha.core.CallAndMessageUnInitRefArg (C,C++, ObjC) +.. _alpha-core-CallAndMessageUnInitRefArg: + +alpha-core-CallAndMessageUnInitRefArg (C,C++, ObjC) """"""""""""""""""""""""""""""""""""""""""""""""""" Check for logical errors for function calls and Objective-C -message expressions (e.g., uninitialized arguments, null function pointers, and pointer to undefined variables). +message expressions (e-g-, uninitialized arguments, null function pointers, and pointer to undefined variables)- .. code-block:: c @@ -1213,9 +1373,11 @@ foo(&x); // warn } -alpha.core.CastSize (C) +.. _alpha-core-CastSize: + +alpha-core-CastSize (C) """"""""""""""""""""""" -Check when casting a malloc'ed type ``T``, whether the size is a multiple of the size of ``T``. +Check when casting a malloc'ed type ``T``, whether the size is a multiple of the size of ``T``- .. code-block:: c @@ -1223,9 +1385,11 @@ int *x = (int *) malloc(11); // warn } -alpha.core.CastToStruct (C, C++) +.. _alpha-core-CastToStruct: + +alpha-core-CastToStruct (C, C++) """""""""""""""""""""""""""""""" -Check for cast from non-struct pointer to struct pointer. +Check for cast from non-struct pointer to struct pointer- .. code-block:: cpp @@ -1243,9 +1407,11 @@ c *pc = (c *) p; // warn } -alpha.core.Conversion (C, C++, ObjC) +.. _alpha-core-Conversion: + +alpha-core-Conversion (C, C++, ObjC) """""""""""""""""""""""""""""""""""" -Loss of sign/precision in implicit conversions. +Loss of sign/precision in implicit conversions- .. code-block:: c @@ -1265,9 +1431,11 @@ short X = A; // warn (loss of precision) } -alpha.core.DynamicTypeChecker (ObjC) +.. _alpha-core-DynamicTypeChecker: + +alpha-core-DynamicTypeChecker (ObjC) """""""""""""""""""""""""""""""""""" -Check for cases where the dynamic and the static type of an object are unrelated. +Check for cases where the dynamic and the static type of an object are unrelated- .. code-block:: objc @@ -1279,9 +1447,11 @@ NSNumber *number = date; [number doubleValue]; -alpha.core.FixedAddr (C) +.. _alpha-core-FixedAddr: + +alpha-core-FixedAddr (C) """""""""""""""""""""""" -Check for assignment of a fixed address to a pointer. +Check for assignment of a fixed address to a pointer- .. code-block:: c @@ -1290,9 +1460,11 @@ p = (int *) 0x10000; // warn } -alpha.core.IdenticalExpr (C, C++) +.. _alpha-core-IdenticalExpr: + +alpha-core-IdenticalExpr (C, C++) """"""""""""""""""""""""""""""""" -Warn about unintended use of identical expressions in operators. +Warn about unintended use of identical expressions in operators- .. code-block:: cpp @@ -1318,9 +1490,11 @@ } } -alpha.core.PointerArithm (C) +.. _alpha-core-PointerArithm: + +alpha-core-PointerArithm (C) """""""""""""""""""""""""""" -Check for pointer arithmetic on locations other than array elements. +Check for pointer arithmetic on locations other than array elements- .. code-block:: c @@ -1330,9 +1504,11 @@ p = &x + 1; // warn } -alpha.core.PointerSub (C) +.. _alpha-core-PointerSub: + +alpha-core-PointerSub (C) """"""""""""""""""""""""" -Check for pointer subtractions on two pointers pointing to different memory chunks. +Check for pointer subtractions on two pointers pointing to different memory chunks- .. code-block:: c @@ -1341,9 +1517,11 @@ int d = &y - &x; // warn } -alpha.core.SizeofPtr (C) +.. _alpha-core-SizeofPtr: + +alpha-core-SizeofPtr (C) """""""""""""""""""""""" -Warn about unintended use of ``sizeof()`` on pointer expressions. +Warn about unintended use of ``sizeof()`` on pointer expressions- .. code-block:: c @@ -1354,10 +1532,12 @@ // warn: sizeof(ptr) can produce an unexpected result } -alpha.core.StackAddressAsyncEscape (C) +.. _alpha-core-StackAddressAsyncEscape: + +alpha-core-StackAddressAsyncEscape (C) """""""""""""""""""""""""""""""""""""" -Check that addresses to stack memory do not escape the function that involves dispatch_after or dispatch_async. -This checker is a part of ``core.StackAddressEscape``, but is temporarily disabled until some false positives are fixed. +Check that addresses to stack memory do not escape the function that involves dispatch_after or dispatch_async- +This checker is a part of ``core-StackAddressEscape``, but is temporarily disabled until some false positives are fixed- .. code-block:: c @@ -1376,10 +1556,12 @@ // returned block } -alpha.core.TestAfterDivZero (C) +.. _alpha-core-TestAfterDivZero: + +alpha-core-TestAfterDivZero (C) """"""""""""""""""""""""""""""" -Check for division by variable that is later compared against 0. -Either the comparison is useless or there is division by zero. +Check for division by variable that is later compared against 0- +Either the comparison is useless or there is division by zero- .. code-block:: c @@ -1388,12 +1570,14 @@ if (x == 0) { } // warn } -alpha.cplusplus +alpha-cplusplus ^^^^^^^^^^^^^^^ -alpha.cplusplus.DeleteWithNonVirtualDtor (C++) +.. _alpha-cplusplus-DeleteWithNonVirtualDtor: + +alpha-cplusplus-DeleteWithNonVirtualDtor (C++) """""""""""""""""""""""""""""""""""""""""""""" -Reports destructions of polymorphic objects with a non-virtual destructor in their base class. +Reports destructions of polymorphic objects with a non-virtual destructor in their base class- .. code-block:: cpp @@ -1408,9 +1592,11 @@ // destructor } -alpha.cplusplus.EnumCastOutOfRange (C++) +.. _alpha-cplusplus-EnumCastOutOfRange: + +alpha-cplusplus-EnumCastOutOfRange (C++) """""""""""""""""""""""""""""""""""""""" -Check for integer to enumeration casts that could result in undefined values. +Check for integer to enumeration casts that could result in undefined values- .. code-block:: cpp @@ -1423,56 +1609,64 @@ // warn: the value provided to the cast expression is not in the valid range of values for the enum -alpha.cplusplus.InvalidatedIterator (C++) +.. _alpha-cplusplus-InvalidatedIterator: + +alpha-cplusplus-InvalidatedIterator (C++) """"""""""""""""""""""""""""""""""""""""" -Check for use of invalidated iterators. +Check for use of invalidated iterators- .. code-block:: cpp void bad_copy_assign_operator_list1(std::list &L1, const std::list &L2) { - auto i0 = L1.cbegin(); + auto i0 = L1-cbegin(); L1 = L2; *i0; // warn: invalidated iterator accessed } -alpha.cplusplus.IteratorRange (C++) +.. _alpha-cplusplus-IteratorRange: + +alpha-cplusplus-IteratorRange (C++) """"""""""""""""""""""""""""""""""" -Check for iterators used outside their valid ranges. +Check for iterators used outside their valid ranges- .. code-block:: cpp void simple_bad_end(const std::vector &v) { - auto i = v.end(); + auto i = v-end(); *i; // warn: iterator accessed outside of its range } -alpha.cplusplus.MismatchedIterator (C++) +.. _alpha-cplusplus-MismatchedIterator: + +alpha-cplusplus-MismatchedIterator (C++) """""""""""""""""""""""""""""""""""""""" -Check for use of iterators of different containers where iterators of the same container are expected. +Check for use of iterators of different containers where iterators of the same container are expected- .. code-block:: cpp void bad_insert3(std::vector &v1, std::vector &v2) { - v2.insert(v1.cbegin(), v2.cbegin(), v2.cend()); // warn: container accessed + v2-insert(v1-cbegin(), v2-cbegin(), v2-cend()); // warn: container accessed // using foreign // iterator argument - v1.insert(v1.cbegin(), v1.cbegin(), v2.cend()); // warn: iterators of + v1-insert(v1-cbegin(), v1-cbegin(), v2-cend()); // warn: iterators of // different containers // used where the same // container is // expected - v1.insert(v1.cbegin(), v2.cbegin(), v1.cend()); // warn: iterators of + v1-insert(v1-cbegin(), v2-cbegin(), v1-cend()); // warn: iterators of // different containers // used where the same // container is // expected } -alpha.cplusplus.MisusedMovedObject (C++) +.. _alpha-cplusplus-MisusedMovedObject: + +alpha-cplusplus-MisusedMovedObject (C++) """""""""""""""""""""""""""""""""""""""" -Method calls on a moved-from object and copying a moved-from object will be reported. +Method calls on a moved-from object and copying a moved-from object will be reported- .. code-block:: cpp @@ -1484,14 +1678,16 @@ void f() { A a; A b = std::move(a); // note: 'a' became 'moved-from' here - a.foo(); // warn: method call on a 'moved-from' object 'a' + a-foo(); // warn: method call on a 'moved-from' object 'a' } -alpha.deadcode +alpha-deadcode ^^^^^^^^^^^^^^ -alpha.deadcode.UnreachableCode (C, C++) +.. _alpha-deadcode-UnreachableCode: + +alpha-deadcode-UnreachableCode (C, C++) """"""""""""""""""""""""""""""""""""""" -Check unreachable code. +Check unreachable code- .. code-block:: cpp @@ -1519,24 +1715,28 @@ [x retain]; // warn } -alpha.llvm +alpha-llvm ^^^^^^^^^^ -alpha.llvm.Conventions +.. _alpha-llvm-Conventions: + +alpha-llvm-Conventions """""""""""""""""""""" Check code for LLVM codebase conventions: -* A StringRef should not be bound to a temporary std::string whose lifetime is shorter than the StringRef's. -* Clang AST nodes should not have fields that can allocate memory. +* A StringRef should not be bound to a temporary std::string whose lifetime is shorter than the StringRef's- +* Clang AST nodes should not have fields that can allocate memory- -alpha.osx +alpha-osx ^^^^^^^^^ -alpha.osx.cocoa.DirectIvarAssignment (ObjC) +.. _alpha-osx-cocoa-DirectIvarAssignment: + +alpha-osx-cocoa-DirectIvarAssignment (ObjC) """"""""""""""""""""""""""""""""""""""""""" -Check for direct assignments to instance variables. +Check for direct assignments to instance variables- .. code-block:: objc @@ -1552,10 +1752,12 @@ } @end -alpha.osx.cocoa.DirectIvarAssignmentForAnnotatedFunctions (ObjC) +.. _alpha-osx-cocoa-DirectIvarAssignmentForAnnotatedFunctions: + +alpha-osx-cocoa-DirectIvarAssignmentForAnnotatedFunctions (ObjC) """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" Check for direct assignments to instance variables in -the methods annotated with ``objc_no_direct_instance_variable_assignment``. +the methods annotated with ``objc_no_direct_instance_variable_assignment``- .. code-block:: objc @@ -1576,10 +1778,12 @@ @end -alpha.osx.cocoa.InstanceVariableInvalidation (ObjC) +.. _alpha-osx-cocoa-InstanceVariableInvalidation: + +alpha-osx-cocoa-InstanceVariableInvalidation (ObjC) """"""""""""""""""""""""""""""""""""""""""""""""""" Check that the invalidatable instance variables are -invalidated in the methods annotated with objc_instance_variable_invalidator. +invalidated in the methods annotated with objc_instance_variable_invalidator- .. code-block:: objc @@ -1602,9 +1806,11 @@ @end // warn: var needs to be invalidated or set to nil -alpha.osx.cocoa.MissingInvalidationMethod (ObjC) +.. _alpha-osx-cocoa-MissingInvalidationMethod: + +alpha-osx-cocoa-MissingInvalidationMethod (ObjC) """""""""""""""""""""""""""""""""""""""""""""""" -Check that the invalidation methods are present in classes that contain invalidatable instance variables. +Check that the invalidation methods are present in classes that contain invalidatable instance variables- .. code-block:: objc @@ -1624,33 +1830,37 @@ @implementation MissingInvalidationMethodDecl @end -alpha.osx.cocoa.localizability.PluralMisuseChecker (ObjC) +.. _alpha-osx-cocoa-localizability-PluralMisuseChecker: + +alpha-osx-cocoa-localizability-PluralMisuseChecker (ObjC) """"""""""""""""""""""""""""""""""""""""""""""""""""""""" -Warns against using one vs. many plural pattern in code when generating localized strings. +Warns against using one vs- many plural pattern in code when generating localized strings- .. code-block:: objc NSString *reminderText = NSLocalizedString(@"None", @"Indicates no reminders"); if (reminderCount == 1) { - // Warning: Plural cases are not supported across all languages. - // Use a .stringsdict file instead + // Warning: Plural cases are not supported across all languages- + // Use a -stringsdict file instead reminderText = NSLocalizedString(@"1 Reminder", @"Indicates single reminder"); } else if (reminderCount >= 2) { - // Warning: Plural cases are not supported across all languages. - // Use a .stringsdict file instead + // Warning: Plural cases are not supported across all languages- + // Use a -stringsdict file instead reminderText = [NSString stringWithFormat: NSLocalizedString(@"%@ Reminders", @"Indicates multiple reminders"), reminderCount]; } -alpha.security +alpha-security ^^^^^^^^^^^^^^ -alpha.security.ArrayBound (C) +.. _alpha-security-ArrayBound: + +alpha-security-ArrayBound (C) """"""""""""""""""""""""""""" -Warn about buffer overflows (older checker). +Warn about buffer overflows (older checker)- .. code-block:: c @@ -1671,8 +1881,8 @@ p[2] = a; // warn } - // note: requires unix.Malloc or - // alpha.unix.MallocWithAnnotations checks enabled. + // note: requires unix-Malloc or + // alpha-unix-MallocWithAnnotations checks enabled- void test() { int *p = malloc(12); p[3] = 4; // warn @@ -1684,9 +1894,11 @@ b[1] = 3; // warn } -alpha.security.ArrayBoundV2 (C) +.. _alpha-security-ArrayBoundV2: + +alpha-security-ArrayBoundV2 (C) """"""""""""""""""""""""""""""" -Warn about buffer overflows (newer checker). +Warn about buffer overflows (newer checker)- .. code-block:: c @@ -1702,23 +1914,25 @@ p[1] = 1; // warn } - // note: compiler has internal check for this. - // Use -Wno-array-bounds to suppress compiler warning. + // note: compiler has internal check for this- + // Use -Wno-array-bounds to suppress compiler warning- void test() { int buf[100][100]; buf[0][-1] = 1; // warn } - // note: requires alpha.security.taint check turned on. + // note: requires alpha-security-taint check turned on- void test() { char s[] = "abc"; int x = getchar(); char c = s[x]; // warn: index is tainted } -alpha.security.MallocOverflow (C) +.. _alpha-security-MallocOverflow: + +alpha-security-MallocOverflow (C) """"""""""""""""""""""""""""""""" -Check for overflows in the arguments to malloc(). +Check for overflows in the arguments to malloc()- .. code-block:: c @@ -1726,23 +1940,27 @@ void *p = malloc(n * sizeof(int)); // warn } -alpha.security.MmapWriteExec (C) +.. _alpha-security-MmapWriteExec: + +alpha-security-MmapWriteExec (C) """""""""""""""""""""""""""""""" -Warn on mmap() calls that are both writable and executable. +Warn on mmap() calls that are both writable and executable- .. code-block:: c void test(int n) { void *c = mmap(NULL, 32, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANON, -1, 0); - // warn: Both PROT_WRITE and PROT_EXEC flags are set. This can lead to + // warn: Both PROT_WRITE and PROT_EXEC flags are set- This can lead to // exploitable memory regions, which could be overwritten with malicious // code } -alpha.security.ReturnPtrRange (C) +.. _alpha-security-ReturnPtrRange: + +alpha-security-ReturnPtrRange (C) """"""""""""""""""""""""""""""""" -Check for an out-of-bound pointer being returned to callers. +Check for an out-of-bound pointer being returned to callers- .. code-block:: c @@ -1758,10 +1976,12 @@ return x; // warn: undefined or garbage returned } -alpha.security.taint.TaintPropagation (C, C++) +.. _alpha-security-taint-TaintPropagation: + +alpha-security-taint-TaintPropagation (C, C++) """""""""""""""""""""""""""""""""""""""""""""" -Generate taint information used by other checkers. -A data is tainted when it comes from an unreliable source. +Generate taint information used by other checkers- +A data is tainted when it comes from an unreliable source- .. code-block:: c @@ -1771,8 +1991,8 @@ } // note: compiler internally checks if the second param to - // sprintf is a string literal or not. - // Use -Wno-format-security to suppress compiler warning. + // sprintf is a string literal or not- + // Use -Wno-format-security to suppress compiler warning- void test() { char s[10], buf[10]; fscanf(stdin, "%s", s); // 's' marked as tainted @@ -1787,12 +2007,14 @@ // warn: untrusted data as buffer size } -alpha.unix +alpha-unix ^^^^^^^^^^^ -alpha.unix.BlockInCriticalSection (C) +.. _alpha-unix-BlockInCriticalSection: + +alpha-unix-BlockInCriticalSection (C) """"""""""""""""""""""""""""""""""""" -Check for calls to blocking functions inside a critical section. +Check for calls to blocking functions inside a critical section- Applies to: ``lock, unlock, sleep, getc, fgets, read, recv, pthread_mutex_lock,`` `` pthread_mutex_unlock, mtx_lock, mtx_timedlock, mtx_trylock, mtx_unlock, lock_guard, unique_lock`` @@ -1800,15 +2022,17 @@ void test() { std::mutex m; - m.lock(); + m-lock(); sleep(3); // warn: a blocking function sleep is called inside a critical // section - m.unlock(); + m-unlock(); } -alpha.unix.Chroot (C) +.. _alpha-unix-Chroot: + +alpha-unix-Chroot (C) """"""""""""""""""""" -Check improper use of chroot. +Check improper use of chroot- .. code-block:: c @@ -1819,12 +2043,14 @@ f(); // warn: no call of chdir("/") immediately after chroot } -alpha.unix.PthreadLock (C) +.. _alpha-unix-PthreadLock: + +alpha-unix-PthreadLock (C) """""""""""""""""""""""""" -Simple lock -> unlock checker. +Simple lock -> unlock checker- Applies to: ``pthread_mutex_lock, pthread_rwlock_rdlock, pthread_rwlock_wrlock, lck_mtx_lock, lck_rw_lock_exclusive`` ``lck_rw_lock_shared, pthread_mutex_trylock, pthread_rwlock_tryrdlock, pthread_rwlock_tryrwlock, lck_mtx_try_lock, -lck_rw_try_lock_exclusive, lck_rw_try_lock_shared, pthread_mutex_unlock, pthread_rwlock_unlock, lck_mtx_unlock, lck_rw_done``. +lck_rw_try_lock_exclusive, lck_rw_try_lock_shared, pthread_mutex_unlock, pthread_rwlock_unlock, lck_mtx_unlock, lck_rw_done``- .. code-block:: c @@ -1857,21 +2083,23 @@ // warn: this was not the most recently acquired lock } -alpha.unix.SimpleStream (C) +.. _alpha-unix-SimpleStream: + +alpha-unix-SimpleStream (C) """"""""""""""""""""""""""" -Check for misuses of stream APIs. Check for misuses of stream APIs: ``fopen, fclose`` -(demo checker, the subject of the demo (`Slides `_ , -`Video `_) by Anna Zaks and Jordan Rose presented at the -`2012 LLVM Developers' Meeting `_). +Check for misuses of stream APIs- Check for misuses of stream APIs: ``fopen, fclose`` +(demo checker, the subject of the demo (`Slides `_ , +`Video `_) by Anna Zaks and Jordan Rose presented at the +`2012 LLVM Developers' Meeting `_)- .. code-block:: c void test() { - FILE *F = fopen("myfile.txt", "w"); + FILE *F = fopen("myfile-txt", "w"); } // warn: opened file is never closed void test() { - FILE *F = fopen("myfile.txt", "w"); + FILE *F = fopen("myfile-txt", "w"); if (F) fclose(F); @@ -1879,10 +2107,12 @@ fclose(F); // warn: closing a previously closed file stream } -alpha.unix.Stream (C) +.. _alpha-unix-Stream: + +alpha-unix-Stream (C) """"""""""""""""""""" Check stream handling functions: ``fopen, tmpfile, fclose, fread, fwrite, fseek, ftell, rewind, fgetpos,`` -``fsetpos, clearerr, feof, ferror, fileno``. +``fsetpos, clearerr, feof, ferror, fileno``- .. code-block:: c @@ -1919,9 +2149,11 @@ } -alpha.unix.cstring.BufferOverlap (C) +.. _alpha-unix-cstring-BufferOverlap: + +alpha-unix-cstring-BufferOverlap (C) """""""""""""""""""""""""""""""""""" -Checks for overlap in two buffer arguments. Applies to: ``memcpy, mempcpy``. +Checks for overlap in two buffer arguments- Applies to: ``memcpy, mempcpy``- .. code-block:: c @@ -1930,9 +2162,11 @@ memcpy(a + 2, a + 1, 8); // warn } -alpha.unix.cstring.NotNullTerminated (C) +.. _alpha-unix-cstring-NotNullTerminated: + +alpha-unix-cstring-NotNullTerminated (C) """""""""""""""""""""""""""""""""""""""" -Check for arguments which are not null-terminated strings; applies to: ``strlen, strnlen, strcpy, strncpy, strcat, strncat``. +Check for arguments which are not null-terminated strings; applies to: ``strlen, strnlen, strcpy, strncpy, strcat, strncat``- .. code-block:: c @@ -1940,9 +2174,11 @@ int y = strlen((char *)&test); // warn } -alpha.unix.cstring.OutOfBounds (C) +.. _alpha-unix-cstring-OutOfBounds: + +alpha-unix-cstring-OutOfBounds (C) """""""""""""""""""""""""""""""""" -Check for out-of-bounds access in string functions; applies to:`` strncopy, strncat``. +Check for out-of-bounds access in string functions; applies to:`` strncopy, strncat``- .. code-block:: c @@ -1951,9 +2187,11 @@ int y = strlen((char *)&test); // warn } -alpha.nondeterminism.PointerIteration (C++) +.. _alpha-nondeterminism-PointerIteration: + +alpha-nondeterminism-PointerIteration (C++) """"""""""""""""""""""""""""""""""""""""""" -Check for non-determinism caused by iterating unordered containers of pointers. +Check for non-determinism caused by iterating unordered containers of pointers- .. code-block:: c @@ -1965,16 +2203,18 @@ f(i); } -alpha.nondeterminism.PointerSorting (C++) +.. _alpha-nondeterminism-PointerSorting: + +alpha-nondeterminism-PointerSorting (C++) """"""""""""""""""""""""""""""""""""""""" -Check for non-determinism caused by sorting of pointers. +Check for non-determinism caused by sorting of pointers- .. code-block:: c void test() { int a = 1, b = 2; std::vector V = {&a, &b}; - std::sort(V.begin(), V.end()); // warn + std::sort(V-begin(), V-end()); // warn } @@ -1987,62 +2227,90 @@ debug ^^^^^ -Checkers used for debugging the analyzer. -:doc:`developer-docs/DebugChecks` page contains a detailed description. +Checkers used for debugging the analyzer- +:doc:`developer-docs/DebugChecks` page contains a detailed description- -debug.AnalysisOrder +.. _debug-AnalysisOrder: + +debug-AnalysisOrder """"""""""""""""""" -Print callbacks that are called during analysis in order. +Print callbacks that are called during analysis in order- + +.. _debug-ConfigDumper: -debug.ConfigDumper +debug-ConfigDumper """""""""""""""""" -Dump config table. +Dump config table- -debug.DumpCFG Display +.. _debug-DumpCFG Display: + +debug-DumpCFG Display """"""""""""""""""""" -Control-Flow Graphs. +Control-Flow Graphs- + +.. _debug-DumpCallGraph: -debug.DumpCallGraph +debug-DumpCallGraph """"""""""""""""""" -Display Call Graph. +Display Call Graph- -debug.DumpCalls +.. _debug-DumpCalls: + +debug-DumpCalls """"""""""""""" -Print calls as they are traversed by the engine. +Print calls as they are traversed by the engine- + +.. _debug-DumpDominators: -debug.DumpDominators +debug-DumpDominators """""""""""""""""""" -Print the dominance tree for a given CFG. +Print the dominance tree for a given CFG- -debug.DumpLiveVars +.. _debug-DumpLiveVars: + +debug-DumpLiveVars """""""""""""""""" -Print results of live variable analysis. +Print results of live variable analysis- + +.. _debug-DumpTraversal: -debug.DumpTraversal +debug-DumpTraversal """"""""""""""""""" -Print branch conditions as they are traversed by the engine. +Print branch conditions as they are traversed by the engine- -debug.ExprInspection +.. _debug-ExprInspection: + +debug-ExprInspection """""""""""""""""""" -Check the analyzer's understanding of expressions. +Check the analyzer's understanding of expressions- + +.. _debug-Stats: -debug.Stats +debug-Stats """"""""""" -Emit warnings with analyzer statistics. +Emit warnings with analyzer statistics- -debug.TaintTest +.. _debug-TaintTest: + +debug-TaintTest """"""""""""""" -Mark tainted symbols as such. +Mark tainted symbols as such- + +.. _debug-ViewCFG: -debug.ViewCFG +debug-ViewCFG """"""""""""" -View Control-Flow Graphs using GraphViz. +View Control-Flow Graphs using GraphViz- -debug.ViewCallGraph +.. _debug-ViewCallGraph: + +debug-ViewCallGraph """"""""""""""""""" -View Call Graph using GraphViz. +View Call Graph using GraphViz- + +.. _debug-ViewExplodedGraph: -debug.ViewExplodedGraph +debug-ViewExplodedGraph """"""""""""""""""""""" -View Exploded Graphs using GraphViz. +View Exploded Graphs using GraphViz-