llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT--> @llvm/pr-subscribers-clang-tidy @llvm/pr-subscribers-clang-tools-extra Author: Donát Nagy (NagyDonat) <details> <summary>Changes</summary> The STL function `std::get_temporary_buffer` was originally designed with the intent of providing a more efficient implementation than the general-purpose operator new, but no such implementation was created and the API was deprecated (in C++17) and removed (in C++20). As this function is difficult to use and provides no advantages, I think (or at least hope) that nobody actually uses it; but given that it was present in the official standard, I think tidy should be able to report its bugprone nature. (It returns uninitialized memory, which can cause subtle bugs, e.g. as in the last code example of the SEI CERT rule EXP54-CPP.) --- Full diff: https://github.com/llvm/llvm-project/pull/176191.diff 3 Files Affected: - (modified) clang-tools-extra/clang-tidy/bugprone/UnsafeFunctionsCheck.cpp (+7-2) - (modified) clang-tools-extra/docs/clang-tidy/checks/bugprone/unsafe-functions.rst (+1) - (added) clang-tools-extra/test/clang-tidy/checkers/bugprone/unsafe-functions.cpp (+20) ``````````diff diff --git a/clang-tools-extra/clang-tidy/bugprone/UnsafeFunctionsCheck.cpp b/clang-tools-extra/clang-tidy/bugprone/UnsafeFunctionsCheck.cpp index dc749924fb700..71f6afb2f7712 100644 --- a/clang-tools-extra/clang-tidy/bugprone/UnsafeFunctionsCheck.cpp +++ b/clang-tools-extra/clang-tidy/bugprone/UnsafeFunctionsCheck.cpp @@ -60,7 +60,8 @@ static StringRef getReplacementFor(StringRef FunctionName, .Cases({"asctime", "asctime_r"}, "strftime") .Case("gets", "fgets") .Case("rewind", "fseek") - .Case("setbuf", "setvbuf"); + .Case("setbuf", "setvbuf") + .Case("get_temporary_buffer", "operator new[]"); } static StringRef getReplacementForAdditional(StringRef FunctionName, @@ -97,6 +98,9 @@ static StringRef getRationaleFor(StringRef FunctionName) { .Cases({"rewind", "setbuf"}, "has no error detection") .Case("vfork", "is insecure as it can lead to denial of service " "situations in the parent process") + .Case("get_temporary_buffer", + "is bugprone, has no performance advantage, was deprecated in " + "C++17 and removed in C++20") .Default("is not bounds-checking"); } @@ -221,7 +225,8 @@ void UnsafeFunctionsCheck::registerMatchers(MatchFinder *Finder) { // Matching functions with replacements without Annex K. auto FunctionNamesMatcher = - hasAnyName("::asctime", "asctime_r", "::gets", "::rewind", "::setbuf"); + hasAnyName("::asctime", "asctime_r", "::gets", "::rewind", "::setbuf", + "::std::get_temporary_buffer"); Finder->addMatcher( declRefExpr( to(functionDecl(FunctionNamesMatcher).bind(FunctionNamesId))) diff --git a/clang-tools-extra/docs/clang-tidy/checks/bugprone/unsafe-functions.rst b/clang-tools-extra/docs/clang-tidy/checks/bugprone/unsafe-functions.rst index aaf7aaff4a05c..88a3c145095d3 100644 --- a/clang-tools-extra/docs/clang-tidy/checks/bugprone/unsafe-functions.rst +++ b/clang-tools-extra/docs/clang-tidy/checks/bugprone/unsafe-functions.rst @@ -48,6 +48,7 @@ availability: - ``rewind``, suggested replacement: ``fseek`` - ``setbuf``, suggested replacement: ``setvbuf`` + - ``std::get_temporary_buffer``, suggested replacement: "plain" allocation with ``operator new[]`` If :option:`ReportMoreUnsafeFunctions` is enabled, the following functions are also checked: diff --git a/clang-tools-extra/test/clang-tidy/checkers/bugprone/unsafe-functions.cpp b/clang-tools-extra/test/clang-tidy/checkers/bugprone/unsafe-functions.cpp new file mode 100644 index 0000000000000..36eda7460c104 --- /dev/null +++ b/clang-tools-extra/test/clang-tidy/checkers/bugprone/unsafe-functions.cpp @@ -0,0 +1,20 @@ +// RUN: %check_clang_tidy -std=c++17 %s bugprone-unsafe-functions %t -- + +namespace std { +template <class T1, class T2> +struct pair { + T1 first; + T2 second; +}; + +using ptrdiff_t = long long; + +template<class T> +std::pair<T*, std::ptrdiff_t> + get_temporary_buffer(std::ptrdiff_t count) noexcept; +} + +void test() { + (void)std::get_temporary_buffer<int>(64); + // CHECK-MESSAGES: :[[@LINE-1]]:9: warning: function 'get_temporary_buffer<int>' is bugprone, has no performance advantage, was deprecated in C++17 and removed in C++20; 'operator new[]' should be used instead +} `````````` </details> https://github.com/llvm/llvm-project/pull/176191 _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
