@@ -443,6 +443,426 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+AST_MATCHER_P(CallExpr, hasNumArgs, unsigned, Num) {
+ return Node.getNumArgs() == Num;
+}
+
+namespace libc_func_matchers {
+// Under `libc_func_matchers`, define a set of matche
haoNoQ wrote:
`-Wunsafe-buffer-usage` is theoretically possible to use in C but it involves a
lot of `#pragma clang unsafe_buffer_usage` to annotate and encapsulate every
unsafe buffer operation. So it's impractical but we aren't disabling it because
that'd be an unnecessary restriction and it
mikaelholmen wrote:
> > Btw a question about the new warning: So with
> > -Wunsafe-buffer-usage-in-libc-call clang now warns on the following?
> > ```
> > #include
> >
> > void foo(void) {
> > char q[10];
> > snprintf(q, 10, "%s", "hello");
> > }
> > ```
> >
> >
> >
> >
> >
bjope wrote:
> > Is that as expected? If so, how should snprintf be used to avoid the
> > warning?
>
> Yes, this is expected. According to the C++ Safe Buffers programming model,
> buffer pointers should be changed to std::span.
But this new warning is given also when compiling C code. As in
ziqingluo-90 wrote:
> Btw a question about the new warning: So with
> -Wunsafe-buffer-usage-in-libc-call clang now warns on the following?
>
> ```
> #include
>
> void foo(void) {
> char q[10];
> snprintf(q, 10, "%s", "hello");
> }
> ```
>
> It says
>
> ```
> foo.c:5:3: warning: function
ziqingluo-90 wrote:
> > We're seeing a crash with this patch when compiling with -Weverything.
> > ```
> > clang: ../../clang/include/clang/AST/Expr.h:3026: const clang::Expr
> > *clang::CallExpr::getArg(unsigned int) const: Assertion `Arg < getNumArgs()
> > && "Arg access out of range!"' faile
mikaelholmen wrote:
Btw a question about the new warning: So with
-Wunsafe-buffer-usage-in-libc-call clang now warns on the following?
```
#include
void foo(void) {
char q[10];
snprintf(q, 10, "%s", "hello");
}
```
It says
```
foo.c:5:3: warning: function 'snprintf' is unsafe
[-Wunsafe-bu
mikaelholmen wrote:
> We're seeing a crash with this patch when compiling with -Weverything.
>
> ```
> clang: ../../clang/include/clang/AST/Expr.h:3026: const clang::Expr
> *clang::CallExpr::getArg(unsigned int) const: Assertion `Arg < getNumArgs()
> && "Arg access out of range!"' failed.
> ``
mikaelholmen wrote:
We're seeing a crash with this patch when compiling with -Weverything.
```
clang: ../../clang/include/clang/AST/Expr.h:3026: const clang::Expr
*clang::CallExpr::getArg(unsigned int) const: Assertion `Arg < getNumArgs() &&
"Arg access out of range!"' failed.
```
I'm working o
ziqingluo-90 wrote:
> There needs to be a flag to opt out of this to not break everybody who is
> currently using unsafe-buffer-usage. #105383 seems to do that, but it really
> should be in this same PR. Can this be reverted and relanded with the flag?
@aeubanks you should be able to suppress
ziqingluo-90 wrote:
> There needs to be a flag to opt out of this to not break everybody who is
> currently using unsafe-buffer-usage. #105383 seems to do that, but it really
> should be in this same PR. Can this be reverted and relanded with the flag?
ok, will do
https://github.com/llvm/llvm
aeubanks wrote:
There needs to be a flag to opt out of this to not break everybody who is
currently using unsafe-buffer-usage. #105383 seems to do that, but it really
should be in this same PR. Can this be reverted and relanded with the flag?
https://github.com/llvm/llvm-project/pull/101583
__
https://github.com/ziqingluo-90 closed
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/ziqingluo-90 edited
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/jkorous-apple edited
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -0,0 +1,106 @@
+// RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage \
+// RUN:-verify %s
+
+typedef struct {} FILE;
+void memcpy();
+void __asan_memcpy();
+void strcpy();
+void strcpy_s();
+void wcscpy_s();
+unsigned strlen( const char* str );
+int fprintf(
https://github.com/jkorous-apple commented:
Commenting on the tests as there are specific examples.
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo
@@ -0,0 +1,106 @@
+// RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage \
+// RUN:-verify %s
+
+typedef struct {} FILE;
+void memcpy();
+void __asan_memcpy();
+void strcpy();
+void strcpy_s();
+void wcscpy_s();
+unsigned strlen( const char* str );
+int fprintf(
@@ -0,0 +1,106 @@
+// RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage \
+// RUN:-verify %s
+
+typedef struct {} FILE;
+void memcpy();
+void __asan_memcpy();
+void strcpy();
+void strcpy_s();
+void wcscpy_s();
+unsigned strlen( const char* str );
+int fprintf(
https://github.com/jkorous-apple edited
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -443,6 +443,426 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+AST_MATCHER_P(CallExpr, hasNumArgs, unsigned, Num) {
+ return Node.getNumArgs() == Num;
+}
+
+namespace libc_func_matchers {
+// Under `libc_func_matchers`, define a set of matche
https://github.com/haoNoQ edited
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/haoNoQ approved this pull request.
I think this is good to go, LGTM!!
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commit
https://github.com/ziqingluo-90 updated
https://github.com/llvm/llvm-project/pull/101583
>From cce5781733a7c294f10dc75f48372ff6ee331239 Mon Sep 17 00:00:00 2001
From: Ziqing Luo
Date: Thu, 1 Aug 2024 16:36:27 -0700
Subject: [PATCH 1/5] [-Wunsafe-buffer-usage] Add warn on unsafe calls to libc
f
https://github.com/ziqingluo-90 edited
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -12383,6 +12383,13 @@ def warn_unsafe_buffer_operation : Warning<
"%select{unsafe pointer operation|unsafe pointer arithmetic|"
"unsafe buffer access|function introduces unsafe buffer manipulation|unsafe
invocation of span::data}0">,
InGroup, DefaultIgnore;
+def warn_
ziqingluo-90 wrote:
Addressed comments.
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/ziqingluo-90 updated
https://github.com/llvm/llvm-project/pull/101583
>From cce5781733a7c294f10dc75f48372ff6ee331239 Mon Sep 17 00:00:00 2001
From: Ziqing Luo
Date: Thu, 1 Aug 2024 16:36:27 -0700
Subject: [PATCH 1/4] [-Wunsafe-buffer-usage] Add warn on unsafe calls to libc
f
@@ -0,0 +1,101 @@
+// RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage \
+// RUN:-verify %s
+
+typedef struct {} FILE;
+void memcpy();
+void __asan_memcpy();
+void strcpy();
+void strcpy_s();
+void wcscpy_s();
+unsigned strlen( const char* str );
+int fprintf(
@@ -12383,6 +12383,13 @@ def warn_unsafe_buffer_operation : Warning<
"%select{unsafe pointer operation|unsafe pointer arithmetic|"
"unsafe buffer access|function introduces unsafe buffer manipulation|unsafe
invocation of span::data}0">,
InGroup, DefaultIgnore;
+def warn_
@@ -443,6 +449,396 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+AST_MATCHER_P(CallExpr, hasNumArgs, unsigned, Num) {
+ return Node.getNumArgs() == Num;
+}
+
+namespace libc_func_matchers {
+// Under `libc_func_matchers`, define a set of matche
@@ -1025,6 +1421,92 @@ class DataInvocationGadget : public WarningGadget {
DeclUseList getClaimedVarUseSites() const override { return {}; }
};
+class UnsafeLibcFunctionCallGadget : public WarningGadget {
+ const CallExpr *const Call;
+ constexpr static const char *const T
@@ -12383,6 +12383,13 @@ def warn_unsafe_buffer_operation : Warning<
"%select{unsafe pointer operation|unsafe pointer arithmetic|"
"unsafe buffer access|function introduces unsafe buffer manipulation|unsafe
invocation of span::data}0">,
InGroup, DefaultIgnore;
+def warn_
@@ -2256,6 +2256,17 @@ class UnsafeBufferUsageReporter : public
UnsafeBufferUsageHandler {
Range = UO->getSubExpr()->getSourceRange();
MsgParam = 1;
}
+} else if (const auto *CtorExpr = dyn_cast(Operation)) {
+ if (CtorExpr->getConstructor()->get
@@ -12383,6 +12383,13 @@ def warn_unsafe_buffer_operation : Warning<
"%select{unsafe pointer operation|unsafe pointer arithmetic|"
"unsafe buffer access|function introduces unsafe buffer manipulation|unsafe
invocation of span::data}0">,
InGroup, DefaultIgnore;
+def warn_
@@ -0,0 +1,101 @@
+// RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage \
+// RUN:-verify %s
+
+typedef struct {} FILE;
+void memcpy();
+void __asan_memcpy();
+void strcpy();
+void strcpy_s();
+void wcscpy_s();
+unsigned strlen( const char* str );
+int fprintf(
@@ -0,0 +1,101 @@
+// RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage \
+// RUN:-verify %s
+
+typedef struct {} FILE;
+void memcpy();
+void __asan_memcpy();
+void strcpy();
+void strcpy_s();
+void wcscpy_s();
+unsigned strlen( const char* str );
+int fprintf(
@@ -443,6 +448,368 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+namespace libc_fun_disjoint_inner_matchers {
+// `libc_fun_disjoint_inner_matchers` covers a set of matchers that match
+// disjoint node sets. They all take a `CoreName`, which
@@ -0,0 +1,101 @@
+// RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage \
+// RUN:-verify %s
+
+typedef struct {} FILE;
+void memcpy();
+void __asan_memcpy();
+void strcpy();
+void strcpy_s();
+void wcscpy_s();
+unsigned strlen( const char* str );
+int fprintf(
@@ -443,6 +449,396 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+AST_MATCHER_P(CallExpr, hasNumArgs, unsigned, Num) {
+ return Node.getNumArgs() == Num;
+}
+
+namespace libc_func_matchers {
+// Under `libc_func_matchers`, define a set of matche
https://github.com/haoNoQ commented:
Mostly LGTM! I don't have major concerns.
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -12383,6 +12383,13 @@ def warn_unsafe_buffer_operation : Warning<
"%select{unsafe pointer operation|unsafe pointer arithmetic|"
"unsafe buffer access|function introduces unsafe buffer manipulation|unsafe
invocation of span::data}0">,
InGroup, DefaultIgnore;
+def warn_
@@ -12383,6 +12383,13 @@ def warn_unsafe_buffer_operation : Warning<
"%select{unsafe pointer operation|unsafe pointer arithmetic|"
"unsafe buffer access|function introduces unsafe buffer manipulation|unsafe
invocation of span::data}0">,
InGroup, DefaultIgnore;
+def warn_
@@ -1025,6 +1421,92 @@ class DataInvocationGadget : public WarningGadget {
DeclUseList getClaimedVarUseSites() const override { return {}; }
};
+class UnsafeLibcFunctionCallGadget : public WarningGadget {
+ const CallExpr *const Call;
+ constexpr static const char *const T
@@ -443,6 +449,396 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+AST_MATCHER_P(CallExpr, hasNumArgs, unsigned, Num) {
+ return Node.getNumArgs() == Num;
+}
+
+namespace libc_func_matchers {
+// Under `libc_func_matchers`, define a set of matche
https://github.com/haoNoQ edited
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/ziqingluo-90 updated
https://github.com/llvm/llvm-project/pull/101583
>From cce5781733a7c294f10dc75f48372ff6ee331239 Mon Sep 17 00:00:00 2001
From: Ziqing Luo
Date: Thu, 1 Aug 2024 16:36:27 -0700
Subject: [PATCH 1/3] [-Wunsafe-buffer-usage] Add warn on unsafe calls to libc
f
@@ -443,6 +448,368 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+namespace libc_fun_disjoint_inner_matchers {
+// `libc_fun_disjoint_inner_matchers` covers a set of matchers that match
+// disjoint node sets. They all take a `CoreName`, which
@@ -443,6 +448,368 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+namespace libc_fun_disjoint_inner_matchers {
+// `libc_fun_disjoint_inner_matchers` covers a set of matchers that match
+// disjoint node sets. They all take a `CoreName`, which
@@ -443,6 +448,368 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+namespace libc_fun_disjoint_inner_matchers {
+// `libc_fun_disjoint_inner_matchers` covers a set of matchers that match
+// disjoint node sets. They all take a `CoreName`, which
@@ -483,6 +483,34 @@ bool
clang::analyze_format_string::ParseFormatStringHasSArg(const char *I,
return false;
}
+unsigned clang::analyze_format_string::ParseFormatStringFirstSArgIndex(
+const char *&I, const char *E, unsigned ArgIndex, const LangOptions &LO,
+const
@@ -783,6 +783,18 @@ bool ParsePrintfString(FormatStringHandler &H,
bool ParseFormatStringHasSArg(const char *beg, const char *end,
const LangOptions &LO, const TargetInfo &Target);
+/// Parse C format string and return index (relative to `ArgInde
@@ -443,6 +448,368 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+namespace libc_fun_disjoint_inner_matchers {
+// `libc_fun_disjoint_inner_matchers` covers a set of matchers that match
+// disjoint node sets. They all take a `CoreName`, which
@@ -2292,6 +2292,18 @@ class UnsafeBufferUsageReporter : public
UnsafeBufferUsageHandler {
}
}
+ void handleUnsafeLibcCall(const CallExpr *Call, unsigned PrintfInfo,
+ASTContext &Ctx) override {
+// We have checked that there is a direct
https://github.com/ziqingluo-90 updated
https://github.com/llvm/llvm-project/pull/101583
>From cce5781733a7c294f10dc75f48372ff6ee331239 Mon Sep 17 00:00:00 2001
From: Ziqing Luo
Date: Thu, 1 Aug 2024 16:36:27 -0700
Subject: [PATCH 1/3] [-Wunsafe-buffer-usage] Add warn on unsafe calls to libc
f
@@ -443,6 +448,368 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+namespace libc_fun_disjoint_inner_matchers {
+// `libc_fun_disjoint_inner_matchers` covers a set of matchers that match
+// disjoint node sets. They all take a `CoreName`, which
@@ -443,6 +448,368 @@ AST_MATCHER(ArraySubscriptExpr, isSafeArraySubscript) {
return false;
}
+namespace libc_fun_disjoint_inner_matchers {
+// `libc_fun_disjoint_inner_matchers` covers a set of matchers that match
+// disjoint node sets. They all take a `CoreName`, which
https://github.com/haoNoQ edited
https://github.com/llvm/llvm-project/pull/101583
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
58 matches
Mail list logo
