mirror of
https://github.com/capstone-engine/llvm-capstone.git
synced 2025-01-13 03:12:46 +00:00
350da402ef
Summary: This check searches for signed char -> integer conversions which might indicate programming error, because of the misinterpretation of char values. A signed char might store the non-ASCII characters as negative values. The human programmer probably expects that after an integer conversion the converted value matches with the character code (a value from [0..255]), however, the actual value is in [-128..127] interval. See also: STR34-C. Cast characters to unsigned char before converting to larger integer sizes <https://wiki.sei.cmu.edu/confluence/display/c/STR34-C.+Cast+characters+to+unsigned+char+before+converting+to+larger+integer+sizes> By now this check is limited to assignment / variable declarations. If we would catch all signed char -> integer conversion, then it would produce a lot of findings and also false positives. So I added only this use case now, but this check can be extended with additional use cases later. The CERT documentation mentions another use case when the char is used for array subscript. Next to that a third use case can be the signed char - unsigned char comparison, which also a use case where things happen unexpectedly because of conversion to integer. Reviewers: alexfh, hokein, aaron.ballman Reviewed By: aaron.ballman Subscribers: sylvestre.ledru, whisperity, Eugene.Zelenko, mgorny, xazax.hun, cfe-commits Tags: #clang, #clang-tools-extra Differential Revision: https://reviews.llvm.org/D71174
45 lines
1.8 KiB
C++
45 lines
1.8 KiB
C++
//===--- SignedCharMisuseCheck.h - clang-tidy -------------------*- C++ -*-===//
|
|
//
|
|
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
|
|
// See https://llvm.org/LICENSE.txt for license information.
|
|
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
|
|
//
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_SIGNEDCHARMISUSECHECK_H
|
|
#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_SIGNEDCHARMISUSECHECK_H
|
|
|
|
#include "../ClangTidyCheck.h"
|
|
|
|
namespace clang {
|
|
namespace tidy {
|
|
namespace bugprone {
|
|
|
|
/// Finds ``signed char`` -> integer conversions which might indicate a programming
|
|
/// error. The basic problem with the ``signed char``, that it might store the
|
|
/// non-ASCII characters as negative values. The human programmer probably
|
|
/// expects that after an integer conversion the converted value matches with the
|
|
/// character code (a value from [0..255]), however, the actual value is in
|
|
/// [-128..127] interval. This also applies to the plain ``char`` type on
|
|
/// those implementations which represent ``char`` similar to ``signed char``.
|
|
///
|
|
/// For the user-facing documentation see:
|
|
/// http://clang.llvm.org/extra/clang-tidy/checks/bugprone-signed-char-misuse.html
|
|
class SignedCharMisuseCheck : public ClangTidyCheck {
|
|
public:
|
|
SignedCharMisuseCheck(StringRef Name, ClangTidyContext *Context);
|
|
|
|
void storeOptions(ClangTidyOptions::OptionMap &Opts) override;
|
|
void registerMatchers(ast_matchers::MatchFinder *Finder) override;
|
|
void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
|
|
|
|
private:
|
|
const std::string CharTypdefsToIgnoreList;
|
|
};
|
|
|
|
} // namespace bugprone
|
|
} // namespace tidy
|
|
} // namespace clang
|
|
|
|
#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_SIGNEDCHARMISUSECHECK_H
|