1// This test fails on "x86_64-sie" buildbot and "x86_64-scei-ps4" target.
2// According to @dyung, something related to the kind of standard library
3// availability is causing the failure. Even though we explicitly define
4// the relevant macros the check is hunting for in the invocation, the real
5// parsing and preprocessor state will not have that case.
6// UNSUPPORTED: target={{.*-(ps4|ps5)}}
7//
8// RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1
9// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__ -U__STDC_WANT_LIB_EXT1__
10// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -U__STDC_WANT_LIB_EXT1__
11// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__ -D__STDC_WANT_LIB_EXT1__=1
12// RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K-CERT-ONLY %s bugprone-unsafe-functions %t -- \
13// RUN: -config="{CheckOptions: {bugprone-unsafe-functions.ReportMoreUnsafeFunctions: false}}" \
14// RUN: -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1
15
16typedef __SIZE_TYPE__ size_t;
17typedef __WCHAR_TYPE__ wchar_t;
18
19char *gets(char *S);
20size_t strlen(const char *S);
21size_t wcslen(const wchar_t *S);
22
23void f1(char *S) {
24 gets(S);
25 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead [bugprone-unsafe-functions]
26 // FIXME(?): On target=x86_64-scie-ps4, the above warning in the
27 // "-WITH-ANNEX-K" case will still report the suggestion to use 'fgets'
28 // instead of the expected 'get_s', as if "Annex K" was not available.
29 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-5]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead
30 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-6]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'fgets' should be used instead
31
32 strlen(S);
33 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead
34 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead
35 // no-warning WITHOUT-ANNEX-K
36}
37
38void f1w(wchar_t *S) {
39 wcslen(S);
40 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead
41 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead
42 // no-warning WITHOUT-ANNEX-K
43}
44
45struct tm;
46char *asctime(const struct tm *TimePtr);
47
48void f2(const struct tm *Time) {
49 asctime(TimePtr: Time);
50 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
51 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
52 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead
53
54 char *(*F1)(const struct tm *) = asctime;
55 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
56 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
57 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead
58
59 char *(*F2)(const struct tm *) = &asctime;
60 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
61 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
62 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead
63}
64
65typedef void *FILE;
66FILE *fopen(const char *Filename, const char *Mode);
67FILE *freopen(const char *Filename, const char *Mode, FILE *Stream);
68int fscanf(FILE *Stream, const char *Format, ...);
69void rewind(FILE *Stream);
70void setbuf(FILE *Stream, char *Buf);
71
72void f3(char *S, FILE *F) {
73 fopen(Filename: S, Mode: S);
74 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead
75 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead
76 // no-warning WITHOUT-ANNEX-K
77
78 freopen(Filename: S, Mode: S, Stream: F);
79 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead
80 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead
81 // no-warning WITHOUT-ANNEX-K
82
83 int I;
84 fscanf(Stream: F, Format: "%d", &I);
85 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead
86 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead
87 // no-warning WITHOUT-ANNEX-K
88
89 rewind(Stream: F);
90 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
91 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
92 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
93
94 setbuf(Stream: F, Buf: S);
95 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
96 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
97 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
98}
99
100typedef int time_t;
101char *ctime(const time_t *Timer);
102
103void f4(const time_t *Timer) {
104 ctime(Timer);
105 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead
106 // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead
107 // no-warning WITHOUT-ANNEX-K
108}
109
110#define BUFSIZ 128
111typedef int uid_t;
112typedef int pid_t;
113int bcmp(const void *S1, const void *S2, size_t N);
114void bcopy(const void *Src, void *Dest, size_t N);
115void bzero(void *S, size_t N);
116int getpw(uid_t UId, char *Buf);
117pid_t vfork(void);
118
119void fOptional() {
120 char Buf1[BUFSIZ] = {0};
121 char Buf2[BUFSIZ] = {0};
122
123 bcmp(S1: Buf1, S2: Buf2, BUFSIZ);
124 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead
125 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead
126 // no-warning CERT-ONLY
127
128 bcopy(Src: Buf1, Dest: Buf2, BUFSIZ);
129 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcopy' is deprecated; 'memcpy_s' should be used instead
130 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcopy' is deprecated; 'memcpy' should be used instead
131 // no-warning CERT-ONLY
132
133 bzero(S: Buf1, BUFSIZ);
134 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bzero' is deprecated; 'memset_s' should be used instead
135 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bzero' is deprecated; 'memset' should be used instead
136 // no-warning CERT-ONLY
137
138 getpw(UId: 0, Buf: Buf1);
139 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead
140 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead
141 // no-warning CERT-ONLY
142
143 vfork();
144 // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead
145 // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead
146 // no-warning CERT-ONLY
147}
148
149typedef int errno_t;
150typedef size_t rsize_t;
151errno_t asctime_s(char *S, rsize_t Maxsize, const struct tm *TimePtr);
152errno_t strcat_s(char *S1, rsize_t S1Max, const char *S2);
153
154void fUsingSafeFunctions(const struct tm *Time, FILE *F) {
155 char Buf[BUFSIZ] = {0};
156
157 // no-warning, safe function from annex K is used
158 if (asctime_s(S: Buf, BUFSIZ, TimePtr: Time) != 0)
159 return;
160
161 // no-warning, safe function from annex K is used
162 if (strcat_s(S1: Buf, BUFSIZ, S2: "something") != 0)
163 return;
164}
165

source code of clang-tools-extra/test/clang-tidy/checkers/bugprone/unsafe-functions.c