| blob | 71350098613d19a77642bff667f76f609f1bc06d |
1 // RUN: %clang_cc1 -std=c++20 -Wno-all -Wunsafe-buffer-usage -fcxx-exceptions -fsafe-buffer-usage-suggestions -verify %s
2 // RUN: %clang_cc1 -std=c++20 -Wunsafe-buffer-usage -fcxx-exceptions -fdiagnostics-parseable-fixits -fsafe-buffer-usage-suggestions %s 2>&1 | FileCheck %s
5 #define MACRO_PTR int*
7 // We CANNOT fix a pointer whose type is defined in a typedef or a
8 // macro. Because if the typedef is changed after the fix, the fix
9 // becomes incorrect and may not be noticed.
11 // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE+1]]
12 void typedefPointer(TYPEDEF_PTR p) { // expected-warning{{'p' is an unsafe pointer used for buffer access}}
14 }
15 }
17 // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE+1]]
18 void macroPointer(MACRO_PTR p) { // expected-warning{{'p' is an unsafe pointer used for buffer access}}
20 }
21 }
23 // The analysis requires accurate source location informations from
24 // `TypeLoc`s of types of variable (parameter) declarations in order
25 // to generate fix-its for them. But those information is not always
26 // available (probably due to some bugs in clang but it is irrelevant
27 // to the safe-buffer project). The following is an example. When
28 // `_Atomic` is used, we cannot get valid source locations of the
29 // pointee type of `unsigned *`. The analysis gives up in such a
30 // case.
31 // CHECK-NOT: fix-it:
32 void typeLocSourceLocationInvalid(_Atomic unsigned *map) { // expected-warning{{'map' is an unsafe pointer used for buffer access}}
34 }
36 // CHECK: fix-it:"{{.*}}":{[[@LINE+1]]:33-[[@LINE+1]]:46}:"std::span<unsigned> map"
37 void typeLocSourceLocationValid(unsigned *map) { // expected-warning{{'map' is an unsafe pointer used for buffer access}} \
40 }
41 // CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:2-[[@LINE-1]]:2}:"\n{{\[}}{{\[}}clang::unsafe_buffer_usage{{\]}}{{\]}} void typeLocSourceLocationValid(unsigned *map) {return typeLocSourceLocationValid(std::span<unsigned>(map, <# size #>));}\n"
43 // We do not fix parameters participating unsafe operations for the
44 // following functions/methods or function-like expressions:
46 // CHECK-NOT: fix-it:
48 // constructor & descructor
52 }
54 // class member methods
58 }
60 // overload operator
65 }
66 };
68 // lambdas
75 };
76 }
78 // template
80 void template_foo(T * p) { // expected-warning{{'p' is an unsafe pointer used for buffer access}}
81 T tmp;
83 }
87 template_foo(p); // FIXME expected note {{in instantiation of function template specialization 'template_foo<int>' requested here}}
88 }
90 // variadic function
91 void vararg_foo(int * p...) { // expected-warning{{'p' is an unsafe pointer used for buffer access}}
94 }
96 // constexpr functions
97 constexpr int constexpr_foo(int * p) { // expected-warning{{'p' is an unsafe pointer used for buffer access}}
99 }
101 // function body is a try-block
102 void fn_with_try_block(int* p) // expected-warning{{'p' is an unsafe pointer used for buffer access}}
109 }
112 }
114 // The following two unsupported cases are not specific to
115 // parm-fixits. Adding them here in case they get forgotten.
117 // expected-warning@-1{{'a' is an unsafe pointer used for buffer access}}
118 // expected-warning@-2{{'b' is an unsafe pointer used for buffer access}}
121 tmp = a[5][5] + b[5][5]; // expected-warning2{{unsafe buffer access}} expected-note2{{used in buffer access here}}
122 }
124 // parameter having default values:
126 // expected-warning@-1{{'x' is an unsafe pointer used for buffer access}}
129 }
134 // expected-warning@-1{{'x' is an unsafe pointer used for buffer access}}
137 }
139 #define MACRO_NAME MyName
141 // The fix-it ends with a macro. It will be discarded due to overlap with macros.
142 // CHECK-NOT: fix-it:{{.*}}:{[[@LINE+1]]
143 void macroIdentifier(int * MACRO_NAME) { // expected-warning{{'MyName' is an unsafe pointer used for buffer access}}
145 }
147 // CHECK-NOT: fix-it:{{.*}}:{[[@LINE+1]]
148 void parmHasNoName(int *p, int *) { // cannot fix the function because there is one parameter has no name. \
151 }