clang API Documentation

FixedAddressChecker.cpp
Go to the documentation of this file.
00001 //=== FixedAddressChecker.cpp - Fixed address usage checker ----*- C++ -*--===//
00002 //
00003 //                     The LLVM Compiler Infrastructure
00004 //
00005 // This file is distributed under the University of Illinois Open Source
00006 // License. See LICENSE.TXT for details.
00007 //
00008 //===----------------------------------------------------------------------===//
00009 //
00010 // This files defines FixedAddressChecker, a builtin checker that checks for
00011 // assignment of a fixed address to a pointer.
00012 // This check corresponds to CWE-587.
00013 //
00014 //===----------------------------------------------------------------------===//
00015 
00016 #include "ClangSACheckers.h"
00017 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
00018 #include "clang/StaticAnalyzer/Core/Checker.h"
00019 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
00020 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
00021 
00022 using namespace clang;
00023 using namespace ento;
00024 
00025 namespace {
00026 class FixedAddressChecker 
00027   : public Checker< check::PreStmt<BinaryOperator> > {
00028   mutable std::unique_ptr<BuiltinBug> BT;
00029 
00030 public:
00031   void checkPreStmt(const BinaryOperator *B, CheckerContext &C) const;
00032 };
00033 }
00034 
00035 void FixedAddressChecker::checkPreStmt(const BinaryOperator *B,
00036                                        CheckerContext &C) const {
00037   // Using a fixed address is not portable because that address will probably
00038   // not be valid in all environments or platforms.
00039 
00040   if (B->getOpcode() != BO_Assign)
00041     return;
00042 
00043   QualType T = B->getType();
00044   if (!T->isPointerType())
00045     return;
00046 
00047   ProgramStateRef state = C.getState();
00048   SVal RV = state->getSVal(B->getRHS(), C.getLocationContext());
00049 
00050   if (!RV.isConstant() || RV.isZeroConstant())
00051     return;
00052 
00053   if (ExplodedNode *N = C.addTransition()) {
00054     if (!BT)
00055       BT.reset(
00056           new BuiltinBug(this, "Use fixed address",
00057                          "Using a fixed address is not portable because that "
00058                          "address will probably not be valid in all "
00059                          "environments or platforms."));
00060     BugReport *R = new BugReport(*BT, BT->getDescription(), N);
00061     R->addRange(B->getRHS()->getSourceRange());
00062     C.emitReport(R);
00063   }
00064 }
00065 
00066 void ento::registerFixedAddressChecker(CheckerManager &mgr) {
00067   mgr.registerChecker<FixedAddressChecker>();
00068 }

Generated on Tue Nov 18 2014 04:29:24 for r222231 by Doxygen 1.7.6.1.

See the Main Clang Web Page for more information.