1 | // This test fails on "x86_64-sie" buildbot and "x86_64-scei-ps4" target. |
2 | // According to @dyung, something related to the kind of standard library |
3 | // availability is causing the failure. Even though we explicitly define |
4 | // the relevant macros the check is hunting for in the invocation, the real |
5 | // parsing and preprocessor state will not have that case. |
6 | // UNSUPPORTED: target={{.*-(ps4|ps5)}} |
7 | // |
8 | // RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1 |
9 | // RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__ -U__STDC_WANT_LIB_EXT1__ |
10 | // RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -U__STDC_WANT_LIB_EXT1__ |
11 | // RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__ -D__STDC_WANT_LIB_EXT1__=1 |
12 | // RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K-CERT-ONLY %s bugprone-unsafe-functions %t -- \ |
13 | // RUN: -config="{CheckOptions: {bugprone-unsafe-functions.ReportMoreUnsafeFunctions: false}}" \ |
14 | // RUN: -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1 |
15 | // RUN: %check_clang_tidy -check-suffix=WITH-NONE-ENABLED %s bugprone-unsafe-functions %t --\ |
16 | // RUN: -config="{CheckOptions: {bugprone-unsafe-functions.ReportDefaultFunctions: false}}" \ |
17 | // RUN: -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1 |
18 | |
19 | // CHECK-MESSAGES-WITH-NONE-ENABLED: 1 warning generated |
20 | // CHECK-MESSAGES-WITH-NONE-ENABLED: Suppressed 1 warnings |
21 | |
22 | typedef __SIZE_TYPE__ size_t; |
23 | typedef __WCHAR_TYPE__ wchar_t; |
24 | |
25 | char *gets(char *S); |
26 | size_t strlen(const char *S); |
27 | size_t wcslen(const wchar_t *S); |
28 | |
29 | void f1(char *S) { |
30 | gets(S); |
31 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead [bugprone-unsafe-functions] |
32 | // FIXME(?): On target=x86_64-scie-ps4, the above warning in the |
33 | // "-WITH-ANNEX-K" case will still report the suggestion to use 'fgets' |
34 | // instead of the expected 'get_s', as if "Annex K" was not available. |
35 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-5]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead |
36 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-6]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'fgets' should be used instead |
37 | |
38 | strlen(S); |
39 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead |
40 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead |
41 | // no-warning WITHOUT-ANNEX-K |
42 | } |
43 | |
44 | void f1w(wchar_t *S) { |
45 | wcslen(S); |
46 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead |
47 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead |
48 | // no-warning WITHOUT-ANNEX-K |
49 | } |
50 | |
51 | struct tm; |
52 | char *asctime(const struct tm *TimePtr); |
53 | |
54 | void f2(const struct tm *Time) { |
55 | asctime(TimePtr: Time); |
56 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead |
57 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead |
58 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead |
59 | |
60 | char *(*F1)(const struct tm *) = asctime; |
61 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead |
62 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead |
63 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead |
64 | |
65 | char *(*F2)(const struct tm *) = &asctime; |
66 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead |
67 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead |
68 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead |
69 | } |
70 | |
71 | typedef void *FILE; |
72 | FILE *fopen(const char *Filename, const char *Mode); |
73 | FILE *freopen(const char *Filename, const char *Mode, FILE *Stream); |
74 | int fscanf(FILE *Stream, const char *Format, ...); |
75 | void rewind(FILE *Stream); |
76 | void setbuf(FILE *Stream, char *Buf); |
77 | |
78 | void f3(char *S, FILE *F) { |
79 | fopen(Filename: S, Mode: S); |
80 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead |
81 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead |
82 | // no-warning WITHOUT-ANNEX-K |
83 | |
84 | freopen(Filename: S, Mode: S, Stream: F); |
85 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead |
86 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead |
87 | // no-warning WITHOUT-ANNEX-K |
88 | |
89 | int I; |
90 | fscanf(Stream: F, Format: "%d" , &I); |
91 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead |
92 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead |
93 | // no-warning WITHOUT-ANNEX-K |
94 | |
95 | rewind(Stream: F); |
96 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead |
97 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead |
98 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead |
99 | |
100 | setbuf(Stream: F, Buf: S); |
101 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead |
102 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead |
103 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead |
104 | } |
105 | |
106 | typedef int time_t; |
107 | char *ctime(const time_t *Timer); |
108 | |
109 | void f4(const time_t *Timer) { |
110 | ctime(Timer); |
111 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead |
112 | // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead |
113 | // no-warning WITHOUT-ANNEX-K |
114 | } |
115 | |
116 | #define BUFSIZ 128 |
117 | typedef int uid_t; |
118 | typedef int pid_t; |
119 | int bcmp(const void *S1, const void *S2, size_t N); |
120 | void bcopy(const void *Src, void *Dest, size_t N); |
121 | void bzero(void *S, size_t N); |
122 | int getpw(uid_t UId, char *Buf); |
123 | pid_t vfork(void); |
124 | |
125 | void fOptional() { |
126 | char Buf1[BUFSIZ] = {0}; |
127 | char Buf2[BUFSIZ] = {0}; |
128 | |
129 | bcmp(S1: Buf1, S2: Buf2, BUFSIZ); |
130 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead |
131 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead |
132 | // no-warning CERT-ONLY |
133 | |
134 | bcopy(Src: Buf1, Dest: Buf2, BUFSIZ); |
135 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcopy' is deprecated; 'memcpy_s' should be used instead |
136 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcopy' is deprecated; 'memcpy' should be used instead |
137 | // no-warning CERT-ONLY |
138 | |
139 | bzero(S: Buf1, BUFSIZ); |
140 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bzero' is deprecated; 'memset_s' should be used instead |
141 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bzero' is deprecated; 'memset' should be used instead |
142 | // no-warning CERT-ONLY |
143 | |
144 | getpw(UId: 0, Buf: Buf1); |
145 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead |
146 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead |
147 | // no-warning CERT-ONLY |
148 | |
149 | vfork(); |
150 | // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead |
151 | // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead |
152 | // no-warning CERT-ONLY |
153 | } |
154 | |
155 | typedef int errno_t; |
156 | typedef size_t rsize_t; |
157 | errno_t asctime_s(char *S, rsize_t Maxsize, const struct tm *TimePtr); |
158 | errno_t strcat_s(char *S1, rsize_t S1Max, const char *S2); |
159 | |
160 | void fUsingSafeFunctions(const struct tm *Time, FILE *F) { |
161 | char Buf[BUFSIZ] = {0}; |
162 | |
163 | // no-warning, safe function from annex K is used |
164 | if (asctime_s(S: Buf, BUFSIZ, TimePtr: Time) != 0) |
165 | return; |
166 | |
167 | // no-warning, safe function from annex K is used |
168 | if (strcat_s(S1: Buf, BUFSIZ, S2: "something" ) != 0) |
169 | return; |
170 | } |
171 | |