1// This test fails on "x86_64-sie" buildbot and "x86_64-scei-ps4" target.
2// According to @dyung, something related to the kind of standard library
3// availability is causing the failure. Even though we explicitly define
4// the relevant macros the check is hunting for in the invocation, the real
5// parsing and preprocessor state will not have that case.
6// UNSUPPORTED: target={{.*-(ps4|ps5)}}
7//
8// RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1
9// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__ -U__STDC_WANT_LIB_EXT1__
10// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -U__STDC_WANT_LIB_EXT1__
11// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__ -D__STDC_WANT_LIB_EXT1__=1
12// RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K-CERT-ONLY %s bugprone-unsafe-functions %t -- \
13// RUN: -config="{CheckOptions: {bugprone-unsafe-functions.ReportMoreUnsafeFunctions: false}}" \
14// RUN: -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1
15// RUN: %check_clang_tidy -check-suffix=WITH-NONE-ENABLED %s bugprone-unsafe-functions %t --\
16// RUN: -config="{CheckOptions: {bugprone-unsafe-functions.ReportDefaultFunctions: false}}" \
17// RUN: -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1
18
19// CHECK-MESSAGES-WITH-NONE-ENABLED: 1 warning generated
20// CHECK-MESSAGES-WITH-NONE-ENABLED: Suppressed 1 warnings
21
22typedef __SIZE_TYPE__ size_t;
23typedef __WCHAR_TYPE__ wchar_t;
24
25char *gets(char *S);
26size_t strlen(const char *S);
27size_t wcslen(const wchar_t *S);
28
29void f1(char *S) {
30 gets(S);
31 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead [bugprone-unsafe-functions]
32 // FIXME(?): On target=x86_64-scie-ps4, the above warning in the
33 // "-WITH-ANNEX-K" case will still report the suggestion to use 'fgets'
34 // instead of the expected 'get_s', as if "Annex K" was not available.
35 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-5]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead
36 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-6]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'fgets' should be used instead
37
38 strlen(S);
39 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead
40 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead
41 // no-warning WITHOUT-ANNEX-K
42}
43
44void f1w(wchar_t *S) {
45 wcslen(S);
46 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead
47 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead
48 // no-warning WITHOUT-ANNEX-K
49}
50
51struct tm;
52char *asctime(const struct tm *TimePtr);
53
54void f2(const struct tm *Time) {
55 asctime(TimePtr: Time);
56 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
57 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
58 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead
59
60 char *(*F1)(const struct tm *) = asctime;
61 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
62 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
63 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead
64
65 char *(*F2)(const struct tm *) = &asctime;
66 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
67 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
68 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead
69}
70
71typedef void *FILE;
72FILE *fopen(const char *Filename, const char *Mode);
73FILE *freopen(const char *Filename, const char *Mode, FILE *Stream);
74int fscanf(FILE *Stream, const char *Format, ...);
75void rewind(FILE *Stream);
76void setbuf(FILE *Stream, char *Buf);
77
78void f3(char *S, FILE *F) {
79 fopen(Filename: S, Mode: S);
80 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead
81 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead
82 // no-warning WITHOUT-ANNEX-K
83
84 freopen(Filename: S, Mode: S, Stream: F);
85 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead
86 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead
87 // no-warning WITHOUT-ANNEX-K
88
89 int I;
90 fscanf(Stream: F, Format: "%d", &I);
91 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead
92 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead
93 // no-warning WITHOUT-ANNEX-K
94
95 rewind(Stream: F);
96 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
97 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
98 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
99
100 setbuf(Stream: F, Buf: S);
101 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
102 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
103 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
104}
105
106typedef int time_t;
107char *ctime(const time_t *Timer);
108
109void f4(const time_t *Timer) {
110 ctime(Timer);
111 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead
112 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead
113 // no-warning WITHOUT-ANNEX-K
114}
115
116#define BUFSIZ 128
117typedef int uid_t;
118typedef int pid_t;
119int bcmp(const void *S1, const void *S2, size_t N);
120void bcopy(const void *Src, void *Dest, size_t N);
121void bzero(void *S, size_t N);
122int getpw(uid_t UId, char *Buf);
123pid_t vfork(void);
124
125void fOptional() {
126 char Buf1[BUFSIZ] = {0};
127 char Buf2[BUFSIZ] = {0};
128
129 bcmp(S1: Buf1, S2: Buf2, BUFSIZ);
130 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead
131 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead
132 // no-warning CERT-ONLY
133
134 bcopy(Src: Buf1, Dest: Buf2, BUFSIZ);
135 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcopy' is deprecated; 'memcpy_s' should be used instead
136 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcopy' is deprecated; 'memcpy' should be used instead
137 // no-warning CERT-ONLY
138
139 bzero(S: Buf1, BUFSIZ);
140 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bzero' is deprecated; 'memset_s' should be used instead
141 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bzero' is deprecated; 'memset' should be used instead
142 // no-warning CERT-ONLY
143
144 getpw(UId: 0, Buf: Buf1);
145 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead
146 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead
147 // no-warning CERT-ONLY
148
149 vfork();
150 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead
151 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead
152 // no-warning CERT-ONLY
153}
154
155typedef int errno_t;
156typedef size_t rsize_t;
157errno_t asctime_s(char *S, rsize_t Maxsize, const struct tm *TimePtr);
158errno_t strcat_s(char *S1, rsize_t S1Max, const char *S2);
159
160void fUsingSafeFunctions(const struct tm *Time, FILE *F) {
161 char Buf[BUFSIZ] = {0};
162
163 // no-warning, safe function from annex K is used
164 if (asctime_s(S: Buf, BUFSIZ, TimePtr: Time) != 0)
165 return;
166
167 // no-warning, safe function from annex K is used
168 if (strcat_s(S1: Buf, BUFSIZ, S2: "something") != 0)
169 return;
170}
171

source code of clang-tools-extra/test/clang-tidy/checkers/bugprone/unsafe-functions.c