subject:"\[PATCH\] D72035\: \[analyzer\]\[NFC\] Use CallEvent checker callback in GenericTaintChecker"

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2020-04-20 Thread Balázs Benics via Phabricator via cfe-commits

steakhal marked 2 inline comments as done.
steakhal added inline comments.



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:113
  const CheckerContext ) {
-  const FunctionDecl *FDecl = C.getCalleeDecl(CE);
+  assert(Call.getDecl());
+  const FunctionDecl *FDecl = Call.getDecl()->getAsFunction();

NoQ wrote:
> rG878194414107e94600de31a11be09a347fb2598b!
Nice catch! Thank you for the fix.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2020-04-20 Thread Artem Dergachev via Phabricator via cfe-commits

NoQ added inline comments.
Herald added a subscriber: ASDenysPetrov.



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:113
  const CheckerContext ) {
-  const FunctionDecl *FDecl = C.getCalleeDecl(CE);
+  assert(Call.getDecl());
+  const FunctionDecl *FDecl = Call.getDecl()->getAsFunction();

rG878194414107e94600de31a11be09a347fb2598b!


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2020-03-04 Thread Balázs Benics via Phabricator via cfe-commits

This revision was automatically updated to reflect the committed changes.
Closed by commit rG95a94df5a9c3: [analyzer][NFC] Use CallEvent checker callback 
in GenericTaintChecker (authored by steakhal).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035

Files:
  clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp

Index: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
===
--- clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
@@ -22,11 +22,14 @@
 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
 #include "clang/StaticAnalyzer/Core/Checker.h"
 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h"
 #include "llvm/Support/YAMLTraits.h"
+
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -35,17 +38,15 @@
 using namespace taint;
 
 namespace {
-class GenericTaintChecker
-: public Checker, check::PreStmt> {
+class GenericTaintChecker : public Checker {
 public:
   static void *getTag() {
 static int Tag;
 return 
   }
 
-  void checkPostStmt(const CallExpr *CE, CheckerContext ) const;
-
-  void checkPreStmt(const CallExpr *CE, CheckerContext ) const;
+  void checkPreCall(const CallEvent , CheckerContext ) const;
+  void checkPostCall(const CallEvent , CheckerContext ) const;
 
   void printState(raw_ostream , ProgramStateRef State, const char *NL,
   const char *Sep) const override;
@@ -81,7 +82,7 @@
 
   /// Convert SignedArgVector to ArgVector.
   ArgVector convertToArgVector(CheckerManager , const std::string ,
-   SignedArgVector Args);
+   const SignedArgVector );
 
   /// Parse the config.
   void parseConfiguration(CheckerManager , const std::string ,
@@ -96,7 +97,8 @@
   mutable std::unique_ptr BT;
   void initBugType() const {
 if (!BT)
-  BT.reset(new BugType(this, "Use of Untrusted Data", "Untrusted Data"));
+  BT = std::make_unique(this, "Use of Untrusted Data",
+ "Untrusted Data");
   }
 
   struct FunctionData {
@@ -106,9 +108,10 @@
 FunctionData =(const FunctionData &) = delete;
 FunctionData =(FunctionData &&) = delete;
 
-static Optional create(const CallExpr *CE,
+static Optional create(const CallEvent ,
  const CheckerContext ) {
-  const FunctionDecl *FDecl = C.getCalleeDecl(CE);
+  assert(Call.getDecl());
+  const FunctionDecl *FDecl = Call.getDecl()->getAsFunction();
   if (!FDecl || (FDecl->getKind() != Decl::Function &&
  FDecl->getKind() != Decl::CXXMethod))
 return None;
@@ -132,33 +135,33 @@
 
   /// Catch taint related bugs. Check if tainted data is passed to a
   /// system call etc. Returns true on matching.
-  bool checkPre(const CallExpr *CE, const FunctionData ,
+  bool checkPre(const CallEvent , const FunctionData ,
 CheckerContext ) const;
 
   /// Add taint sources on a pre-visit. Returns true on matching.
-  bool addSourcesPre(const CallExpr *CE, const FunctionData ,
+  bool addSourcesPre(const CallEvent , const FunctionData ,
  CheckerContext ) const;
 
   /// Mark filter's arguments not tainted on a pre-visit. Returns true on
   /// matching.
-  bool addFiltersPre(const CallExpr *CE, const FunctionData ,
+  bool addFiltersPre(const CallEvent , const FunctionData ,
  CheckerContext ) const;
 
   /// Propagate taint generated at pre-visit. Returns true on matching.
-  bool propagateFromPre(const CallExpr *CE, CheckerContext ) const;
+  static bool propagateFromPre(const CallEvent , CheckerContext );
 
   /// Check if the region the expression evaluates to is the standard input,
   /// and thus, is tainted.
   static bool isStdin(const Expr *E, CheckerContext );
 
   /// Given a pointer argument, return the value it points to.
-  static Optional getPointedToSVal(CheckerContext , const Expr *Arg);
+  static Optional getPointeeOf(CheckerContext , const Expr *Arg);
 
   /// Check for CWE-134: Uncontrolled Format String.
   static constexpr llvm::StringLiteral MsgUncontrolledFormatString =
   "Untrusted data is used as a format string "
   "(CWE-134: Uncontrolled Format String)";
-  bool checkUncontrolledFormatString(const CallExpr *CE,
+  bool checkUncontrolledFormatString(const CallEvent ,
  CheckerContext ) const;
 
   /// Check for:
@@ -167,7 +170,7 @@
   static constexpr llvm::StringLiteral MsgSanitizeSystemArgs =
   "Untrusted data is passed to a system call "
   "(CERT/STR02-C. Sanitize

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2020-02-25 Thread Balázs Benics via Phabricator via cfe-commits

steakhal marked 5 inline comments as done.
steakhal added a comment.

In D72035#1889320 , @Szelethus wrote:

> Wow. Its a joy to see you do C++. LGTM. Are you planning to introduce 
> `CallDescriptionMap` at one point? :)


Yes, definitely.




Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:492-509
+const auto OneOf = [FDecl](const auto &... Name) {
+  // FIXME: use fold expression in C++17
+  using unused = int[];
+  bool ret = false;
+  static_cast(unused{
+  0, (ret |= CheckerContext::isCLibraryFunction(FDecl, Name), 0)...});
+  return ret;

Szelethus wrote:
> Whoa, this is amazing, but looks like a google interview question or 
> something -- is this a technique I should know about it? I feel like we kinda 
> sacrificed readability for coolness.
Actually, I agree but still convinced that it is the future-compatible way of 
doing this.
```lang=c++
const auto OneOf = [FDecl](const auto &... Name) {
  // FIXME: use fold expression in C++17
  using unused = int[];
  bool ret = false;
  static_cast(unused{
  0, (ret |= CheckerContext::isCLibraryFunction(FDecl, Name), 0)...});
  return ret;
};
```
In C++17 using fold expressions the whole lambda could be implemented such a 
way:
```lang=c++
const auto OneOf = [FDecl](const auto &... Name) {
  return (CheckerContext::isCLibraryFunction(FDecl, Name) || ...);
};
```



Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2020-02-24 Thread Kristóf Umann via Phabricator via cfe-commits

Szelethus accepted this revision.
Szelethus added a comment.
This revision is now accepted and ready to land.
Herald added a subscriber: martong.

Wow. Its a joy to see you do C++. LGTM. Are you planning to introduce 
`CallDescriptionMap` at one point? :)




Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:492-509
+const auto OneOf = [FDecl](const auto &... Name) {
+  // FIXME: use fold expression in C++17
+  using unused = int[];
+  bool ret = false;
+  static_cast(unused{
+  0, (ret |= CheckerContext::isCLibraryFunction(FDecl, Name), 0)...});
+  return ret;

Whoa, this is amazing, but looks like a google interview question or something 
-- is this a technique I should know about it? I feel like we kinda sacrificed 
readability for coolness.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2020-02-10 Thread Balázs Benics via Phabricator via cfe-commits

steakhal updated this revision to Diff 243492.
steakhal added a comment.

Rebased on top of master, instead of D71524 .


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035

Files:
  clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp

Index: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
===
--- clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
@@ -22,11 +22,14 @@
 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
 #include "clang/StaticAnalyzer/Core/Checker.h"
 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h"
 #include "llvm/Support/YAMLTraits.h"
+
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -35,17 +38,15 @@
 using namespace taint;
 
 namespace {
-class GenericTaintChecker
-: public Checker, check::PreStmt> {
+class GenericTaintChecker : public Checker {
 public:
   static void *getTag() {
 static int Tag;
 return 
   }
 
-  void checkPostStmt(const CallExpr *CE, CheckerContext ) const;
-
-  void checkPreStmt(const CallExpr *CE, CheckerContext ) const;
+  void checkPreCall(const CallEvent , CheckerContext ) const;
+  void checkPostCall(const CallEvent , CheckerContext ) const;
 
   void printState(raw_ostream , ProgramStateRef State, const char *NL,
   const char *Sep) const override;
@@ -81,7 +82,7 @@
 
   /// Convert SignedArgVector to ArgVector.
   ArgVector convertToArgVector(CheckerManager , const std::string ,
-   SignedArgVector Args);
+   const SignedArgVector );
 
   /// Parse the config.
   void parseConfiguration(CheckerManager , const std::string ,
@@ -96,7 +97,8 @@
   mutable std::unique_ptr BT;
   void initBugType() const {
 if (!BT)
-  BT.reset(new BugType(this, "Use of Untrusted Data", "Untrusted Data"));
+  BT = std::make_unique(this, "Use of Untrusted Data",
+ "Untrusted Data");
   }
 
   struct FunctionData {
@@ -106,9 +108,10 @@
 FunctionData =(const FunctionData &) = delete;
 FunctionData =(FunctionData &&) = delete;
 
-static Optional create(const CallExpr *CE,
+static Optional create(const CallEvent ,
  const CheckerContext ) {
-  const FunctionDecl *FDecl = C.getCalleeDecl(CE);
+  assert(Call.getDecl());
+  const FunctionDecl *FDecl = Call.getDecl()->getAsFunction();
   if (!FDecl || (FDecl->getKind() != Decl::Function &&
  FDecl->getKind() != Decl::CXXMethod))
 return None;
@@ -132,33 +135,33 @@
 
   /// Catch taint related bugs. Check if tainted data is passed to a
   /// system call etc. Returns true on matching.
-  bool checkPre(const CallExpr *CE, const FunctionData ,
+  bool checkPre(const CallEvent , const FunctionData ,
 CheckerContext ) const;
 
   /// Add taint sources on a pre-visit. Returns true on matching.
-  bool addSourcesPre(const CallExpr *CE, const FunctionData ,
+  bool addSourcesPre(const CallEvent , const FunctionData ,
  CheckerContext ) const;
 
   /// Mark filter's arguments not tainted on a pre-visit. Returns true on
   /// matching.
-  bool addFiltersPre(const CallExpr *CE, const FunctionData ,
+  bool addFiltersPre(const CallEvent , const FunctionData ,
  CheckerContext ) const;
 
   /// Propagate taint generated at pre-visit. Returns true on matching.
-  bool propagateFromPre(const CallExpr *CE, CheckerContext ) const;
+  static bool propagateFromPre(const CallEvent , CheckerContext );
 
   /// Check if the region the expression evaluates to is the standard input,
   /// and thus, is tainted.
   static bool isStdin(const Expr *E, CheckerContext );
 
   /// Given a pointer argument, return the value it points to.
-  static Optional getPointedToSVal(CheckerContext , const Expr *Arg);
+  static Optional getPointeeOf(CheckerContext , const Expr *Arg);
 
   /// Check for CWE-134: Uncontrolled Format String.
   static constexpr llvm::StringLiteral MsgUncontrolledFormatString =
   "Untrusted data is used as a format string "
   "(CWE-134: Uncontrolled Format String)";
-  bool checkUncontrolledFormatString(const CallExpr *CE,
+  bool checkUncontrolledFormatString(const CallEvent ,
  CheckerContext ) const;
 
   /// Check for:
@@ -167,7 +170,7 @@
   static constexpr llvm::StringLiteral MsgSanitizeSystemArgs =
   "Untrusted data is passed to a system call "
   "(CERT/STR02-C. Sanitize data passed to complex subsystems)";
-  bool

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2020-02-07 Thread Kristóf Umann via Phabricator via cfe-commits

Szelethus added a comment.

Hmm, have you branched off of D71524 ? If so, 
this patch should definitely land first.




Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:165
   /// Given a pointer argument, return the value it points to.
-  static Optional getPointedToSVal(CheckerContext , const Expr *Arg);
+  static Optional getPointeeOf(CheckerContext , const Expr *Arg);
 

Nice!



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:385
+unsigned getNumArgs(const CallEvent ) {
+  return Call.getNumArgs() + static_cast(isa(Call));
 }

NoQ wrote:
> steakhal wrote:
> > I'm not sure why should we adjust (//workaround//) the number of arguments 
> > of `CXXInstanceCall`s calls, can someone explain it to me?
> > 
> > The same question raised for `getArg` too. 
> Remove this :)
> 
> I think this is about this inconsistency with operator calls where one of 
> {decl, expr} treats `this` as an argument, but the other doesn't. `CallEvent` 
> automatically accounts for that (see `getAdjustedParameterIndex()` and 
> `getASTArgumentIndex()` as they're overridden in various sub-classes of 
> `CallEvent`).
I have some thoughts about this here: D71524#1859435. 


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2019-12-31 Thread Artem Dergachev via Phabricator via cfe-commits

NoQ added inline comments.



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:385
+unsigned getNumArgs(const CallEvent ) {
+  return Call.getNumArgs() + static_cast(isa(Call));
 }

steakhal wrote:
> I'm not sure why should we adjust (//workaround//) the number of arguments of 
> `CXXInstanceCall`s calls, can someone explain it to me?
> 
> The same question raised for `getArg` too. 
Remove this :)

I think this is about this inconsistency with operator calls where one of 
{decl, expr} treats `this` as an argument, but the other doesn't. `CallEvent` 
automatically accounts for that (see `getAdjustedParameterIndex()` and 
`getASTArgumentIndex()` as they're overridden in various sub-classes of 
`CallEvent`).



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:459
   // TODO: Add support for vfscanf & family.
-  .Case("fdopen", TaintPropagationRule({}, {ReturnValueIndex}))
-  .Case("fopen", TaintPropagationRule({}, {ReturnValueIndex}))
-  .Case("freopen", TaintPropagationRule({}, {ReturnValueIndex}))
-  .Case("getch", TaintPropagationRule({}, {ReturnValueIndex}))
-  .Case("getchar", TaintPropagationRule({}, {ReturnValueIndex}))
-  .Case("getchar_unlocked",
-TaintPropagationRule({}, {ReturnValueIndex}))
-  .Case("getenv", TaintPropagationRule({}, {ReturnValueIndex}))
-  .Case("gets", TaintPropagationRule({}, {0, ReturnValueIndex}))
-  .Case("scanf", TaintPropagationRule({}, {}, VariadicType::Dst, 1))
-  .Case("socket",
-TaintPropagationRule({}, {ReturnValueIndex}, 
VariadicType::None,
- InvalidArgIndex,
- ::postSocket))
-  .Case("wgetch", TaintPropagationRule({}, {ReturnValueIndex}))
+  .Case("fdopen", {{}, {ReturnValueIndex}})
+  .Case("fopen", {{}, {ReturnValueIndex}})

Pls eventually transform this into `CallDescriptionMap` ^.^



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:590
+ CheckerContext ) {
+  const auto *OCE = dyn_cast(Call.getOriginExpr());
   if (OCE) {

steakhal wrote:
> I'm not sure if this is the right way.
You might want to cast `Call` to `CXXMemberOperatorCall` but i'm not sure it 
saves you anything.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2019-12-31 Thread Balázs Benics via Phabricator via cfe-commits

steakhal added inline comments.



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:385
+unsigned getNumArgs(const CallEvent ) {
+  return Call.getNumArgs() + static_cast(isa(Call));
 }

I'm not sure why should we adjust (//workaround//) the number of arguments of 
`CXXInstanceCall`s calls, can someone explain it to me?

The same question raised for `getArg` too. 



Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:590
+ CheckerContext ) {
+  const auto *OCE = dyn_cast(Call.getOriginExpr());
   if (OCE) {

I'm not sure if this is the right way.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D72035/new/

https://reviews.llvm.org/D72035



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

2019-12-31 Thread Balázs Benics via Phabricator via cfe-commits

steakhal created this revision.
steakhal added reviewers: NoQ, Szelethus, boga95.
steakhal added a project: clang.
Herald added subscribers: cfe-commits, Charusso, dkrupp, donat.nagy, 
mikhail.ramalho, a.sidorin, szepet, baloghadamsoftware, xazax.hun, whisperity.
steakhal added a parent revision: D71524: [analyzer] Support tainted objects in 
GenericTaintChecker.

Intended to be a non-functional change but it turned out **CallEvent** handles 
constructor calls unlike **CallExpr** which doesn't triggered for constructors.

All in all, this change shouldn't be observable since constructors are not yet 
propagating taintness like functions.
In the future constructors should propagate taintness as well.

This change includes:

- NFCi change all uses of the CallExpr to CallEvent
- NFC rename some functions, mark static them etc.
- NFC omit explicit TaintPropagationRule type in switches
- NFC apply some clang-tidy fixits


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D72035

Files:
  clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp

Index: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
===
--- clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
@@ -22,12 +22,15 @@
 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
 #include "clang/StaticAnalyzer/Core/Checker.h"
 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
 #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h"
 #include "llvm/Support/Regex.h"
 #include "llvm/Support/YAMLTraits.h"
+
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -36,17 +39,15 @@
 using namespace taint;
 
 namespace {
-class GenericTaintChecker
-: public Checker, check::PreStmt> {
+class GenericTaintChecker : public Checker {
 public:
   static void *getTag() {
 static int Tag;
 return 
   }
 
-  void checkPostStmt(const CallExpr *CE, CheckerContext ) const;
-
-  void checkPreStmt(const CallExpr *CE, CheckerContext ) const;
+  void checkPreCall(const CallEvent , CheckerContext ) const;
+  void checkPostCall(const CallEvent , CheckerContext ) const;
 
   void printState(raw_ostream , ProgramStateRef State, const char *NL,
   const char *Sep) const override;
@@ -82,7 +83,7 @@
 
   /// Convert SignedArgVector to ArgVector.
   ArgVector convertToArgVector(CheckerManager , const std::string ,
-   SignedArgVector Args);
+   const SignedArgVector );
 
   /// Parse the config.
   void parseConfiguration(CheckerManager , const std::string ,
@@ -97,7 +98,8 @@
   mutable std::unique_ptr BT;
   void initBugType() const {
 if (!BT)
-  BT.reset(new BugType(this, "Use of Untrusted Data", "Untrusted Data"));
+  BT = std::make_unique(this, "Use of Untrusted Data",
+ "Untrusted Data");
   }
 
   struct FunctionData {
@@ -107,9 +109,10 @@
 FunctionData =(const FunctionData &) = delete;
 FunctionData =(FunctionData &&) = delete;
 
-static Optional create(const CallExpr *CE,
+static Optional create(const CallEvent ,
  const CheckerContext ) {
-  const FunctionDecl *FDecl = C.getCalleeDecl(CE);
+  assert(Call.getDecl());
+  const FunctionDecl *FDecl = Call.getDecl()->getAsFunction();
   if (!FDecl || (FDecl->getKind() != Decl::Function &&
  FDecl->getKind() != Decl::CXXMethod))
 return None;
@@ -133,39 +136,39 @@
 
   /// Catch taint related bugs. Check if tainted data is passed to a
   /// system call etc. Returns true on matching.
-  bool checkPre(const CallExpr *CE, const FunctionData ,
+  bool checkPre(const CallEvent , const FunctionData ,
 CheckerContext ) const;
 
   /// Add taint sources for extraction operator on pre-visit.
-  bool addOverloadedOpPre(const CallExpr *CE, CheckerContext ) const;
+  static bool addOverloadedOpPre(const CallEvent , CheckerContext );
 
   /// Add taint sources on a pre-visit. Returns true on matching.
-  bool addSourcesPre(const CallExpr *CE, const FunctionData ,
+  bool addSourcesPre(const CallEvent , const FunctionData ,
  CheckerContext ) const;
 
   /// Mark filter's arguments not tainted on a pre-visit. Returns true on
   /// matching.
-  bool addFiltersPre(const CallExpr *CE, const FunctionData ,
+  bool addFiltersPre(const CallEvent , const FunctionData ,
  CheckerContext ) const;
 
   /// Propagate taint generated at pre-visit. Returns true on matching.
-  bool propagateFromPre(const CallExpr *CE, CheckerContext ) const;
+  static bool propagateFromPre(const CallEvent , CheckerContext );
 
   /// Check if the region the expression evaluates to

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

[PATCH] D72035: [analyzer][NFC] Use CallEvent checker callback in GenericTaintChecker

10 matches

Site Navigation

Mail list logo

Footer information