# HG changeset patch
# User Chris Peterson
# Date 1531634860 25200
# Sat Jul 14 23:07:40 2018 -0700
# Node ID 138f27a016f6dd7dde91c6d8b66c3da179dc6e06
# Parent cb66954c173fce66cfc4b22c34098cd8170eb32e
Bug 1475882 - clang-analyzer: Enable clang-analyzer-cplusplus.NewDelete check. r=andi

Check for double-free, use-after-free and offset problems involving C++ delete. There are currently no clang-analyzer-cplusplus.NewDelete warnings in mozilla-central!

https://clang-analyzer.llvm.org/available_checks.html

MozReview-Commit-ID: 9sVp4fc4JTj

diff --git a/tools/clang-tidy/config.yaml b/tools/clang-tidy/config.yaml
--- a/tools/clang-tidy/config.yaml
+++ b/tools/clang-tidy/config.yaml
@@ -6,16 +6,18 @@ target: obj-x86_64-pc-linux-gnu
 platforms:
   - macosx64
   - linux64
   - win64
   - win32
 clang_checkers:
   - name: -*
     publish: !!bool no
+  - name: clang-analyzer-cplusplus.NewDelete
+    publish: !!bool yes
   - name: clang-analyzer-deadcode.DeadStores
     publish: !!bool yes
   - name: clang-analyzer-security.FloatLoopCounter
     publish: !!bool yes
   - name: clang-analyzer-security.insecureAPI.getpw
     publish: !!bool yes
 # We don't add clang-analyzer-security.insecureAPI.gets here; it's deprecated.
   - name: clang-analyzer-security.insecureAPI.mkstemp
diff --git a/tools/clang-tidy/test/clang-analyzer-cplusplus.NewDelete.cpp b/tools/clang-tidy/test/clang-analyzer-cplusplus.NewDelete.cpp
new file mode 100644
--- /dev/null
+++ b/tools/clang-tidy/test/clang-analyzer-cplusplus.NewDelete.cpp
@@ -0,0 +1,50 @@
+// https://clang-analyzer.llvm.org/available_checks.html
+
+void use(int *p);
+
+void test_use_parameter_after_delete(int *p)
+{
+  delete p;
+  use(p); // warning: use after free
+}
+
+class SomeClass {
+public:
+  void f();
+};
+
+void test_use_local_after_delete()
+{
+  SomeClass *c = new SomeClass;
+  delete c;
+  c->f(); // warning: use after free
+}
+
+// XXX clang documentation says this should cause a warning but it doesn't!
+void test_delete_alloca()
+{
+  int *p = (int *)__builtin_alloca(sizeof(int));
+  delete p; // NO warning: deleting memory allocated by alloca
+}
+
+void test_double_free()
+{
+  int *p = new int;
+  delete p;
+  delete p; // warning: attempt to free released
+}
+
+void test_delete_local()
+{
+  int i;
+  delete &i; // warning: delete address of local
+}
+
+// XXX clang documentation says this should cause a warning but it doesn't!
+void test_delete_offset()
+{
+  int *p = new int[1];
+  delete[] (++p);
+  // NO warning: argument to 'delete[]' is offset by 4 bytes
+  // from the start of memory allocated by 'new[]'
+}
diff --git a/tools/clang-tidy/test/clang-analyzer-cplusplus.NewDelete.json b/tools/clang-tidy/test/clang-analyzer-cplusplus.NewDelete.json
new file mode 100644
--- /dev/null
+++ b/tools/clang-tidy/test/clang-analyzer-cplusplus.NewDelete.json
@@ -0,0 +1,1 @@
+"[[\"warning\", \"Use of memory after it is freed\", \"clang-analyzer-cplusplus.NewDelete\"], [\"warning\", \"Use of memory after it is freed\", \"clang-analyzer-cplusplus.NewDelete\"], [\"warning\", \"Attempt to free released memory\", \"clang-analyzer-cplusplus.NewDelete\"], [\"warning\", \"Argument to 'delete' is the address of the local variable 'i', which is not memory allocated by 'new'\", \"clang-analyzer-cplusplus.NewDelete\"]]"
\ No newline at end of file
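Review bot: The two `XXX` comments above `test_delete_alloca` and `test_delete_offset` blame the clang documentation for the missing warnings, but both diagnostics ("deleting memory allocated by alloca", "argument is offset by N bytes") come from the analyzer's shared malloc/new-delete checker and, as far as I can tell, are only emitted when a sibling checker such as `clang-analyzer-unix.Malloc` or `clang-analyzer-cplusplus.MismatchedDeallocator` is also enabled, which the config.yaml hunk in this patch does not do. I would reword the comment so the next reader does not go hunting for a clang bug: `// NO warning with only cplusplus.NewDelete enabled: this diagnostic appears to be gated on unix.Malloc / cplusplus.MismatchedDeallocator (not in config.yaml) - confirm before treating as a clang bug`. Both negative cases are still worth keeping, because the .json expectations will start failing the day a newer clang or an added checker reports them, which is exactly when they should be promoted to positive expectations. Anyone relying on the published warnings should be aware that delete of alloca'd or offset pointers is not covered by this check as configured.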