null pointer dereference, usage of uninitialized values, etc.
*These checkers must be always switched on as other checker rely on them.*
+.. _core-CallAndMessage:
+
core.CallAndMessage (C, C++, ObjC)
""""""""""""""""""""""""""""""""""
Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers).
.. literalinclude:: checkers/callandmessage_example.c
:language: objc
+.. _core-DivideZero:
+
core.DivideZero (C, C++, ObjC)
""""""""""""""""""""""""""""""
Check for division by zero.
.. literalinclude:: checkers/dividezero_example.c
:language: c
+.. _core-NonNullParamChecker:
+
core.NonNullParamChecker (C, C++, ObjC)
"""""""""""""""""""""""""""""""""""""""
Check for null pointers passed as arguments to a function whose arguments are references or marked with the 'nonnull' attribute.
f(p); // warn
}
+.. _core-NullDereference:
+
core.NullDereference (C, C++, ObjC)
"""""""""""""""""""""""""""""""""""
Check for dereferences of null pointers.
obj->x = 1; // warn
}
+.. _core-StackAddressEscape:
+
core.StackAddressEscape (C)
"""""""""""""""""""""""""""
Check that addresses to stack memory do not escape the function.
}
+.. _core-UndefinedBinaryOperatorResult:
+
core.UndefinedBinaryOperatorResult (C)
""""""""""""""""""""""""""""""""""""""
Check for undefined results of binary operators.
int y = x + 1; // warn: left operand is garbage
}
+.. _core-VLASize:
+
core.VLASize (C)
""""""""""""""""
Check for declarations of Variable Length Arrays of undefined or zero size.
int vla2[x]; // warn: zero size
}
+.. _core-uninitialized-ArraySubscript:
+
core.uninitialized.ArraySubscript (C)
"""""""""""""""""""""""""""""""""""""
Check for uninitialized values used as array subscripts.
int x = a[i]; // warn: array subscript is undefined
}
+.. _core-uninitialized-Assign:
+
core.uninitialized.Assign (C)
"""""""""""""""""""""""""""""
Check for assigning uninitialized values.
x |= 1; // warn: left expression is uninitialized
}
+.. _core-uninitialized-Branch:
+
core.uninitialized.Branch (C)
"""""""""""""""""""""""""""""
Check for uninitialized values used as branch conditions.
return;
}
+.. _core-uninitialized-CapturedBlockVariable:
+
core.uninitialized.CapturedBlockVariable (C)
""""""""""""""""""""""""""""""""""""""""""""
Check for blocks that capture uninitialized values.
^{ int y = x; }(); // warn
}
+.. _core-uninitialized-UndefReturn:
+
core.uninitialized.UndefReturn (C)
""""""""""""""""""""""""""""""""""
Check for uninitialized values being returned to the caller.
C++ Checkers.
+.. _cplusplus-InnerPointer:
+
cplusplus.InnerPointer
""""""""""""""""""""""
Check for inner pointers of C++ containers used after re/deallocation.
+.. _cplusplus-NewDelete:
+
cplusplus.NewDelete (C++)
"""""""""""""""""""""""""
Check for double-free and use-after-free problems. Traces memory managed by new/delete.
.. literalinclude:: checkers/newdelete_example.cpp
:language: cpp
+.. _cplusplus-NewDeleteLeaks:
+
cplusplus.NewDeleteLeaks (C++)
""""""""""""""""""""""""""""""
Check for memory leaks. Traces memory managed by new/delete.
} // warn
+.. _cplusplus-SelfAssignment:
+
cplusplus.SelfAssignment (C++)
""""""""""""""""""""""""""""""
Checks C++ copy and move assignment operators for self assignment.
Dead Code Checkers.
+.. _deadcode-DeadStores:
+
deadcode.DeadStores (C)
"""""""""""""""""""""""
Check for values stored to variables that are never read afterwards.
Objective C checkers that warn for null pointer passing and dereferencing errors.
+.. _nullability-NullPassedToNonnull:
+
nullability.NullPassedToNonnull (ObjC)
""""""""""""""""""""""""""""""""""""""
Warns when a null pointer is passed to a pointer which has a _Nonnull type.
// Warning: nil passed to a callee that requires a non-null 1st parameter
NSString *greeting = [@"Hello " stringByAppendingString:name];
+.. _nullability-NullReturnedFromNonnull:
+
nullability.NullReturnedFromNonnull (ObjC)
""""""""""""""""""""""""""""""""""""""""""
Warns when a null pointer is returned from a function that has _Nonnull return type.
return result;
}
+.. _nullability-NullableDereferenced:
+
nullability.NullableDereferenced (ObjC)
"""""""""""""""""""""""""""""""""""""""
Warns when a nullable pointer is dereferenced.
next->data = 7;
}
+.. _nullability-NullablePassedToNonnull:
+
nullability.NullablePassedToNonnull (ObjC)
""""""""""""""""""""""""""""""""""""""""""
Warns when a nullable pointer is passed to a pointer which has a _Nonnull type.
takesNonnull(p); // warn
}
+.. _nullability-NullableReturnedFromNonnull:
+
nullability.NullableReturnedFromNonnull (ObjC)
""""""""""""""""""""""""""""""""""""""""""""""
Warns when a nullable pointer is returned from a function that has _Nonnull return type.
Checkers for portability, performance or coding style specific rules.
+.. _optin-cplusplus-UninitializedObject:
+
optin.cplusplus.UninitializedObject (C++)
"""""""""""""""""""""""""""""""""""""""""
structures that have a field with a name or type name that matches the given
pattern. *Defaults to ""*.
+.. _optin-cplusplus-VirtualCall:
+
optin.cplusplus.VirtualCall (C++)
"""""""""""""""""""""""""""""""""
Check virtual function calls during construction or destruction.
virtual void f();
};
+.. _optin-mpi-MPI-Checker:
+
optin.mpi.MPI-Checker (C)
"""""""""""""""""""""""""
Checks MPI code.
MPI_Wait(&sendReq1[1][7][9], MPI_STATUS_IGNORE); // warn
}
+.. _optin-osx-cocoa-localizability-EmptyLocalizationContextChecker:
+
optin.osx.cocoa.localizability.EmptyLocalizationContextChecker (ObjC)
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Check that NSLocalizedString macros include a comment for context.
@"LocalizedString", nil, [[NSBundle alloc] init], nil,@""); // warn
}
+.. _optin-osx-cocoa-localizability-NonLocalizedStringChecker:
+
optin.osx.cocoa.localizability.NonLocalizedStringChecker (ObjC)
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Warns about uses of non-localized NSStrings passed to UI methods expecting localized NSStrings.
// Warning: User-facing text should use localized string macro
[alarmStateLabel setText:alarmText];
+.. _optin-performance-GCDAntipattern:
+
optin.performance.GCDAntipattern
""""""""""""""""""""""""""""""""
Check for performance anti-patterns when using Grand Central Dispatch.
+.. _optin-performance-Padding:
+
optin.performance.Padding
"""""""""""""""""""""""""
Check for excessively padded structs.
+.. _optin-portability-UnixAPI:
+
optin.portability.UnixAPI
"""""""""""""""""""""""""
Finds implementation-defined behavior in UNIX/Posix functions.
Security related checkers.
+.. _security-FloatLoopCounter:
+
security.FloatLoopCounter (C)
"""""""""""""""""""""""""""""
Warn on using a floating point value as a loop counter (CERT: FLP30-C, FLP30-CPP).
for (float x = 0.1f; x <= 1.0f; x += 0.1f) {} // warn
}
+.. _security-insecureAPI-UncheckedReturn:
+
security.insecureAPI.UncheckedReturn (C)
""""""""""""""""""""""""""""""""""""""""
Warn on uses of functions whose return values must be always checked.
setuid(1); // warn
}
+.. _security-insecureAPI-bcmp:
+
security.insecureAPI.bcmp (C)
"""""""""""""""""""""""""""""
Warn on uses of the 'bcmp' function.
bcmp(ptr0, ptr1, n); // warn
}
+.. _security-insecureAPI-bcopy:
+
security.insecureAPI.bcopy (C)
""""""""""""""""""""""""""""""
Warn on uses of the 'bcopy' function.
bcopy(src, dst, n); // warn
}
+.. _security-insecureAPI-bzero:
+
security.insecureAPI.bzero (C)
""""""""""""""""""""""""""""""
Warn on uses of the 'bzero' function.
bzero(ptr, n); // warn
}
+.. _security-insecureAPI-getpw:
+
security.insecureAPI.getpw (C)
""""""""""""""""""""""""""""""
Warn on uses of the 'getpw' function.
getpw(2, buff); // warn
}
+.. _security-insecureAPI-gets:
+
security.insecureAPI.gets (C)
"""""""""""""""""""""""""""""
Warn on uses of the 'gets' function.
gets(buff); // warn
}
+.. _security-insecureAPI-mkstemp:
+
security.insecureAPI.mkstemp (C)
""""""""""""""""""""""""""""""""
Warn when 'mkstemp' is passed fewer than 6 X's in the format string.
mkstemp("XX"); // warn
}
+.. _security-insecureAPI-mktemp:
+
security.insecureAPI.mktemp (C)
"""""""""""""""""""""""""""""""
Warn on uses of the ``mktemp`` function.
char *x = mktemp("/tmp/zxcv"); // warn: insecure, use mkstemp
}
+.. _security-insecureAPI-rand:
+
security.insecureAPI.rand (C)
"""""""""""""""""""""""""""""
Warn on uses of inferior random number generating functions (only if arc4random function is available):
random(); // warn
}
+.. _security-insecureAPI-strcpy:
+
security.insecureAPI.strcpy (C)
"""""""""""""""""""""""""""""""
Warn on uses of the ``strcpy`` and ``strcat`` functions.
}
+.. _security-insecureAPI-vfork:
+
security.insecureAPI.vfork (C)
""""""""""""""""""""""""""""""
Warn on uses of the 'vfork' function.
vfork(); // warn
}
+.. _security-insecureAPI-DeprecatedOrUnsafeBufferHandling:
+
security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset``
^^^^
POSIX/Unix checkers.
+.. _unix-API:
+
unix.API (C)
""""""""""""
Check calls to various UNIX/Posix functions: ``open, pthread_once, calloc, malloc, realloc, alloca``.
.. literalinclude:: checkers/unix_api_example.c
:language: c
+.. _unix-Malloc:
+
unix.Malloc (C)
"""""""""""""""
Check for memory leaks, double free, and use-after-free problems. Traces memory managed by malloc()/free().
.. literalinclude:: checkers/unix_malloc_example.c
:language: c
+.. _unix-MallocSizeof:
+
unix.MallocSizeof (C)
"""""""""""""""""""""
Check for dubious ``malloc`` arguments involving ``sizeof``.
free(p);
}
+.. _unix-MismatchedDeallocator:
+
unix.MismatchedDeallocator (C, C++)
"""""""""""""""""""""""""""""""""""
Check for mismatched deallocators.
.. literalinclude:: checkers/mismatched_deallocator_example.cpp
:language: c
+.. _unix-Vfork:
+
unix.Vfork (C)
""""""""""""""
Check for proper usage of ``vfork``.
while(1);
}
+.. _unix-cstring-BadSizeArg:
+
unix.cstring.BadSizeArg (C)
"""""""""""""""""""""""""""
Check the size argument passed into C string functions for common erroneous patterns. Use ``-Wno-strncat-size`` compiler option to mute other ``strncat``-related compiler warnings.
// warn: potential buffer overflow
}
+.. _unix-cstrisng-NullArg:
+
unix.cstrisng.NullArg (C)
"""""""""""""""""""""""""
Check for null pointers being passed as arguments to C string functions:
^^^
macOS checkers.
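Review bot: The label `_unix-cstrisng-NullArg` copies the misspelling in the heading `unix.cstrisng.NullArg (C)`, while the sibling entries spell it `cstring` (`_unix-cstring-BadSizeArg`, `_alpha-unix-cstring-BufferOverlap`). An anchor is a link target that other pages will start to depend on, so the typo is cheaper to fix now than after it is referenced. Suggest `.. _unix-cstring-NullArg:` together with correcting the heading to `unix.cstring.NullArg (C)` and adjusting its underline.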
+.. _osx-API:
+
osx.API (C)
"""""""""""
Check for proper uses of various Apple APIs.
dispatch_once(&pred, ^(){}); // warn: dispatch_once uses local
}
+.. _osx-NumberObjectConversion:
+
osx.NumberObjectConversion (C, C++, ObjC)
"""""""""""""""""""""""""""""""""""""""""
Check for erroneous conversions of objects representing numbers into numbers.
[self displayPhotos];
}
+.. _osx-ObjCProperty:
+
osx.ObjCProperty (ObjC)
"""""""""""""""""""""""
Check for proper uses of Objective-C properties.
}
+.. _osx-SecKeychainAPI:
+
osx.SecKeychainAPI (C)
""""""""""""""""""""""
Check for proper uses of Secure Keychain APIs.
.. literalinclude:: checkers/seckeychainapi_example.m
:language: objc
+.. _osx-cocoa-AtSync:
+
osx.cocoa.AtSync (ObjC)
"""""""""""""""""""""""
Check for nil pointers used as mutexes for @synchronized.
@synchronized(y) {} // warn: uninitialized value used as mutex
}
+.. _osx-cocoa-AutoreleaseWrite:
+
osx.cocoa.AutoreleaseWrite
""""""""""""""""""""""""""
Warn about potentially crashing writes to autoreleasing objects from different autoreleasing pools in Objective-C.
+.. _osx-cocoa-ClassRelease:
+
osx.cocoa.ClassRelease (ObjC)
"""""""""""""""""""""""""""""
Check for sending 'retain', 'release', or 'autorelease' directly to a Class.
[MyClass release]; // warn
}
+.. _osx-cocoa-Dealloc:
+
osx.cocoa.Dealloc (ObjC)
""""""""""""""""""""""""
Warn about Objective-C classes that lack a correct implementation of -dealloc
.. literalinclude:: checkers/dealloc_example.m
:language: objc
+.. _osx-cocoa-IncompatibleMethodTypes:
+
osx.cocoa.IncompatibleMethodTypes (ObjC)
""""""""""""""""""""""""""""""""""""""""
Warn about Objective-C method signatures with type incompatibilities.
- (float)foo { return 1.0; } // warn
@end
+.. _osx-cocoa-Loops:
+
osx.cocoa.Loops
"""""""""""""""
Improved modeling of loops using Cocoa collection types.
+.. _osx-cocoa-MissingSuperCall:
+
osx.cocoa.MissingSuperCall (ObjC)
"""""""""""""""""""""""""""""""""
Warn about Objective-C methods that lack a necessary call to super.
@end
+.. _osx-cocoa-NSAutoreleasePool:
+
osx.cocoa.NSAutoreleasePool (ObjC)
""""""""""""""""""""""""""""""""""
Warn for suboptimal uses of NSAutoreleasePool in Objective-C GC mode.
[pool release]; // warn
}
+.. _osx-cocoa-NSError:
+
osx.cocoa.NSError (ObjC)
""""""""""""""""""""""""
Check usage of NSError parameters.
}
@end
+.. _osx-cocoa-NilArg:
+
osx.cocoa.NilArg (ObjC)
"""""""""""""""""""""""
Check for prohibited nil arguments to ObjC method calls.
}
+.. _osx-cocoa-NonNilReturnValue:
+
osx.cocoa.NonNilReturnValue
"""""""""""""""""""""""""""
Models the APIs that are guaranteed to return a non-nil value.
+.. _osx-cocoa-ObjCGenerics:
+
osx.cocoa.ObjCGenerics (ObjC)
"""""""""""""""""""""""""""""
Check for type errors when using Objective-C generics.
// to incompatible type 'NSString *'
[birthDates addObject: [NSDate date]];
+.. _osx-cocoa-RetainCount:
+
osx.cocoa.RetainCount (ObjC)
""""""""""""""""""""""""""""
Check for leaks and improper reference count management
}
+.. _osx-cocoa-RunLoopAutoreleaseLeak:
+
osx.cocoa.RunLoopAutoreleaseLeak
""""""""""""""""""""""""""""""""
Check for leaked memory in autorelease pools that will never be drained.
+.. _osx-cocoa-SelfInit:
+
osx.cocoa.SelfInit (ObjC)
"""""""""""""""""""""""""
Check that 'self' is properly initialized inside an initializer method.
}
@end
+.. _osx-cocoa-SuperDealloc:
+
osx.cocoa.SuperDealloc (ObjC)
"""""""""""""""""""""""""""""
Warn about improper use of '[super dealloc]' in Objective-C.
}
@end
+.. _osx-cocoa-UnusedIvars:
+
osx.cocoa.UnusedIvars (ObjC)
""""""""""""""""""""""""""""
Warn about private ivars that are never used.
@implementation MyObj
@end
+.. _osx-cocoa-VariadicMethodTypes:
+
osx.cocoa.VariadicMethodTypes (ObjC)
""""""""""""""""""""""""""""""""""""
Check for passing non-Objective-C types to variadic collection
// warn: argument should be an ObjC pointer type, not 'char *'
}
+.. _osx-coreFoundation-CFError:
+
osx.coreFoundation.CFError (C)
""""""""""""""""""""""""""""""
Check usage of CFErrorRef* parameters
return 0;
}
+.. _osx-coreFoundation-CFNumber:
+
osx.coreFoundation.CFNumber (C)
"""""""""""""""""""""""""""""""
Check for proper uses of CFNumber APIs.
// warn: 8 bit integer is used to initialize a 16 bit integer
}
+.. _osx-coreFoundation-CFRetainRelease:
+
osx.coreFoundation.CFRetainRelease (C)
""""""""""""""""""""""""""""""""""""""
Check for null arguments to CFRetain/CFRelease/CFMakeCollectable.
CFRelease(p); // warn
}
+.. _osx-coreFoundation-containers-OutOfBounds:
+
osx.coreFoundation.containers.OutOfBounds (C)
"""""""""""""""""""""""""""""""""""""""""""""
Checks for index out-of-bounds when using 'CFArray' API.
CFArrayGetValueAtIndex(A, 0); // warn
}
+.. _osx-coreFoundation-containers-PointerSizedValues:
+
osx.coreFoundation.containers.PointerSizedValues (C)
""""""""""""""""""""""""""""""""""""""""""""""""""""
Warns if 'CFArray', 'CFDictionary', 'CFSet' are created with non-pointer-size values.
alpha.clone
^^^^^^^^^^^
+.. _alpha-clone-CloneChecker:
+
alpha.clone.CloneChecker (C, C++, ObjC)
"""""""""""""""""""""""""""""""""""""""
Reports similar pieces of code.
return y;
}
+.. _alpha-core-BoolAssignment:
+
alpha.core.BoolAssignment (ObjC)
""""""""""""""""""""""""""""""""
Warn about assigning non-{0,1} values to boolean variables.
alpha.core
^^^^^^^^^^
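Review bot: The new `_alpha-core-BoolAssignment` label points at an entry that sits above the `alpha.core` section heading, so `alpha.core.BoolAssignment (ObjC)` is rendered as part of the `alpha.clone` section and a `:ref:` to this label will land there. Move the label and its entry below the `alpha.core` heading (or move the heading up) so the anchor resolves inside the section its name implies.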
+.. _alpha-core-CallAndMessageUnInitRefArg:
+
alpha.core.CallAndMessageUnInitRefArg (C,C++, ObjC)
"""""""""""""""""""""""""""""""""""""""""""""""""""
Check for logical errors for function calls and Objective-C
foo(&x); // warn
}
+.. _alpha-core-CastSize:
+
alpha.core.CastSize (C)
"""""""""""""""""""""""
Check when casting a malloc'ed type ``T``, whether the size is a multiple of the size of ``T``.
int *x = (int *) malloc(11); // warn
}
+.. _alpha-core-CastToStruct:
+
alpha.core.CastToStruct (C, C++)
""""""""""""""""""""""""""""""""
Check for cast from non-struct pointer to struct pointer.
c *pc = (c *) p; // warn
}
+.. _alpha-core-Conversion:
+
alpha.core.Conversion (C, C++, ObjC)
""""""""""""""""""""""""""""""""""""
Loss of sign/precision in implicit conversions.
short X = A; // warn (loss of precision)
}
+.. _alpha-core-DynamicTypeChecker:
+
alpha.core.DynamicTypeChecker (ObjC)
""""""""""""""""""""""""""""""""""""
Check for cases where the dynamic and the static type of an object are unrelated.
NSNumber *number = date;
[number doubleValue];
+.. _alpha-core-FixedAddr:
+
alpha.core.FixedAddr (C)
""""""""""""""""""""""""
Check for assignment of a fixed address to a pointer.
p = (int *) 0x10000; // warn
}
+.. _alpha-core-IdenticalExpr:
+
alpha.core.IdenticalExpr (C, C++)
"""""""""""""""""""""""""""""""""
Warn about unintended use of identical expressions in operators.
}
}
+.. _alpha-core-PointerArithm:
+
alpha.core.PointerArithm (C)
""""""""""""""""""""""""""""
Check for pointer arithmetic on locations other than array elements.
p = &x + 1; // warn
}
+.. _alpha-core-PointerSub:
+
alpha.core.PointerSub (C)
"""""""""""""""""""""""""
Check for pointer subtractions on two pointers pointing to different memory chunks.
int d = &y - &x; // warn
}
+.. _alpha-core-SizeofPtr:
+
alpha.core.SizeofPtr (C)
""""""""""""""""""""""""
Warn about unintended use of ``sizeof()`` on pointer expressions.
// warn: sizeof(ptr) can produce an unexpected result
}
+.. _alpha-core-StackAddressAsyncEscape:
+
alpha.core.StackAddressAsyncEscape (C)
""""""""""""""""""""""""""""""""""""""
Check that addresses to stack memory do not escape the function that involves dispatch_after or dispatch_async.
// returned block
}
+.. _alpha-core-TestAfterDivZero:
+
alpha.core.TestAfterDivZero (C)
"""""""""""""""""""""""""""""""
Check for division by variable that is later compared against 0.
alpha.cplusplus
^^^^^^^^^^^^^^^
+.. _alpha-cplusplus-DeleteWithNonVirtualDtor:
+
alpha.cplusplus.DeleteWithNonVirtualDtor (C++)
""""""""""""""""""""""""""""""""""""""""""""""
Reports destructions of polymorphic objects with a non-virtual destructor in their base class.
// destructor
}
+.. _alpha-cplusplus-EnumCastOutOfRange:
+
alpha.cplusplus.EnumCastOutOfRange (C++)
""""""""""""""""""""""""""""""""""""""""
Check for integer to enumeration casts that could result in undefined values.
// warn: the value provided to the cast expression is not in
the valid range of values for the enum
+.. _alpha-cplusplus-InvalidatedIterator:
+
alpha.cplusplus.InvalidatedIterator (C++)
"""""""""""""""""""""""""""""""""""""""""
Check for use of invalidated iterators.
}
+.. _alpha-cplusplus-IteratorRange:
+
alpha.cplusplus.IteratorRange (C++)
"""""""""""""""""""""""""""""""""""
Check for iterators used outside their valid ranges.
*i; // warn: iterator accessed outside of its range
}
+.. _alpha-cplusplus-MismatchedIterator:
+
alpha.cplusplus.MismatchedIterator (C++)
""""""""""""""""""""""""""""""""""""""""
Check for use of iterators of different containers where iterators of the same container are expected.
// expected
}
+.. _alpha-cplusplus-MisusedMovedObject:
+
alpha.cplusplus.MisusedMovedObject (C++)
""""""""""""""""""""""""""""""""""""""""
Method calls on a moved-from object and copying a moved-from object will be reported.
alpha.deadcode
^^^^^^^^^^^^^^
+.. _alpha-deadcode-UnreachableCode:
+
alpha.deadcode.UnreachableCode (C, C++)
"""""""""""""""""""""""""""""""""""""""
Check unreachable code.
alpha.llvm
^^^^^^^^^^
+.. _alpha-llvm-Conventions:
+
alpha.llvm.Conventions
""""""""""""""""""""""
alpha.osx
^^^^^^^^^
+.. _alpha-osx-cocoa-DirectIvarAssignment:
+
alpha.osx.cocoa.DirectIvarAssignment (ObjC)
"""""""""""""""""""""""""""""""""""""""""""
Check for direct assignments to instance variables.
}
@end
+.. _alpha-osx-cocoa-DirectIvarAssignmentForAnnotatedFunctions:
+
alpha.osx.cocoa.DirectIvarAssignmentForAnnotatedFunctions (ObjC)
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Check for direct assignments to instance variables in
@end
+.. _alpha-osx-cocoa-InstanceVariableInvalidation:
+
alpha.osx.cocoa.InstanceVariableInvalidation (ObjC)
"""""""""""""""""""""""""""""""""""""""""""""""""""
Check that the invalidatable instance variables are
@end
// warn: var needs to be invalidated or set to nil
+.. _alpha-osx-cocoa-MissingInvalidationMethod:
+
alpha.osx.cocoa.MissingInvalidationMethod (ObjC)
""""""""""""""""""""""""""""""""""""""""""""""""
Check that the invalidation methods are present in classes that contain invalidatable instance variables.
@implementation MissingInvalidationMethodDecl
@end
+.. _alpha-osx-cocoa-localizability-PluralMisuseChecker:
+
alpha.osx.cocoa.localizability.PluralMisuseChecker (ObjC)
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Warns against using one vs. many plural pattern in code when generating localized strings.
alpha.security
^^^^^^^^^^^^^^
+.. _alpha-security-ArrayBound:
+
alpha.security.ArrayBound (C)
"""""""""""""""""""""""""""""
Warn about buffer overflows (older checker).
b[1] = 3; // warn
}
+.. _alpha-security-ArrayBoundV2:
+
alpha.security.ArrayBoundV2 (C)
"""""""""""""""""""""""""""""""
Warn about buffer overflows (newer checker).
char c = s[x]; // warn: index is tainted
}
+.. _alpha-security-MallocOverflow:
+
alpha.security.MallocOverflow (C)
"""""""""""""""""""""""""""""""""
Check for overflows in the arguments to malloc().
void *p = malloc(n * sizeof(int)); // warn
}
+.. _alpha-security-MmapWriteExec:
+
alpha.security.MmapWriteExec (C)
""""""""""""""""""""""""""""""""
Warn on mmap() calls that are both writable and executable.
// code
}
+.. _alpha-security-ReturnPtrRange:
+
alpha.security.ReturnPtrRange (C)
"""""""""""""""""""""""""""""""""
Check for an out-of-bound pointer being returned to callers.
return x; // warn: undefined or garbage returned
}
+.. _alpha-security-taint-TaintPropagation:
+
alpha.security.taint.TaintPropagation (C, C++)
""""""""""""""""""""""""""""""""""""""""""""""
Generate taint information used by other checkers.
alpha.unix
^^^^^^^^^^^
+.. _alpha-unix-BlockInCriticalSection:
+
alpha.unix.BlockInCriticalSection (C)
"""""""""""""""""""""""""""""""""""""
Check for calls to blocking functions inside a critical section.
m.unlock();
}
+.. _alpha-unix-Chroot:
+
alpha.unix.Chroot (C)
"""""""""""""""""""""
Check improper use of chroot.
f(); // warn: no call of chdir("/") immediately after chroot
}
+.. _alpha-unix-PthreadLock:
+
alpha.unix.PthreadLock (C)
""""""""""""""""""""""""""
Simple lock -> unlock checker.
// warn: this was not the most recently acquired lock
}
+.. _alpha-unix-SimpleStream:
+
alpha.unix.SimpleStream (C)
"""""""""""""""""""""""""""
Check for misuses of stream APIs. Check for misuses of stream APIs: ``fopen, fclose``
fclose(F); // warn: closing a previously closed file stream
}
+.. _alpha-unix-Stream:
+
alpha.unix.Stream (C)
"""""""""""""""""""""
Check stream handling functions: ``fopen, tmpfile, fclose, fread, fwrite, fseek, ftell, rewind, fgetpos,``
}
+.. _alpha-unix-cstring-BufferOverlap:
+
alpha.unix.cstring.BufferOverlap (C)
""""""""""""""""""""""""""""""""""""
Checks for overlap in two buffer arguments. Applies to: ``memcpy, mempcpy``.
memcpy(a + 2, a + 1, 8); // warn
}
+.. _alpha-unix-cstring-NotNullTerminated:
+
alpha.unix.cstring.NotNullTerminated (C)
""""""""""""""""""""""""""""""""""""""""
Check for arguments which are not null-terminated strings; applies to: ``strlen, strnlen, strcpy, strncpy, strcat, strncat``.
int y = strlen((char *)&test); // warn
}
+.. _alpha-unix-cstring-OutOfBounds:
+
alpha.unix.cstring.OutOfBounds (C)
""""""""""""""""""""""""""""""""""
Check for out-of-bounds access in string functions; applies to:`` strncopy, strncat``.
int y = strlen((char *)&test); // warn
}
+.. _alpha-nondeterminism-PointerIteration:
+
alpha.nondeterminism.PointerIteration (C++)
"""""""""""""""""""""""""""""""""""""""""""
Check for non-determinism caused by iterating unordered containers of pointers.
f(i);
}
+.. _alpha-nondeterminism-PointerSorting:
+
alpha.nondeterminism.PointerSorting (C++)
"""""""""""""""""""""""""""""""""""""""""
Check for non-determinism caused by sorting of pointers.
Checkers used for debugging the analyzer.
:doc:`developer-docs/DebugChecks` page contains a detailed description.
+.. _debug-AnalysisOrder:
+
debug.AnalysisOrder
"""""""""""""""""""
Print callbacks that are called during analysis in order.
+.. _debug-ConfigDumper:
+
debug.ConfigDumper
""""""""""""""""""
Dump config table.
+.. _debug-DumpCFG Display:
+
debug.DumpCFG Display
"""""""""""""""""""""
Control-Flow Graphs.
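Review bot: The label `_debug-DumpCFG Display` contains a space, unlike every other label added in this patch, and it was derived from a heading that looks malformed: `debug.DumpCFG Display` followed by the description `Control-Flow Graphs.` reads as if "Display" belongs to the description, parallel to `Display Call Graph.` under `debug.DumpCallGraph`. Suggest `.. _debug-DumpCFG:` with the heading changed to `debug.DumpCFG`, its underline shortened to match, and the description restored to "Display Control-Flow Graphs."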
+.. _debug-DumpCallGraph:
+
debug.DumpCallGraph
"""""""""""""""""""
Display Call Graph.
+.. _debug-DumpCalls:
+
debug.DumpCalls
"""""""""""""""
Print calls as they are traversed by the engine.
+.. _debug-DumpDominators:
+
debug.DumpDominators
""""""""""""""""""""
Print the dominance tree for a given CFG.
+.. _debug-DumpLiveVars:
+
debug.DumpLiveVars
""""""""""""""""""
Print results of live variable analysis.
+.. _debug-DumpTraversal:
+
debug.DumpTraversal
"""""""""""""""""""
Print branch conditions as they are traversed by the engine.
+.. _debug-ExprInspection:
+
debug.ExprInspection
""""""""""""""""""""
Check the analyzer's understanding of expressions.
+.. _debug-Stats:
+
debug.Stats
"""""""""""
Emit warnings with analyzer statistics.
+.. _debug-TaintTest:
+
debug.TaintTest
"""""""""""""""
Mark tainted symbols as such.
+.. _debug-ViewCFG:
+
debug.ViewCFG
"""""""""""""
View Control-Flow Graphs using GraphViz.
+.. _debug-ViewCallGraph:
+
debug.ViewCallGraph
"""""""""""""""""""
View Call Graph using GraphViz.
+.. _debug-ViewExplodedGraph:
+
debug.ViewExplodedGraph
"""""""""""""""""""""""
View Exploded Graphs using GraphViz.