[Sema] add -Walloca to flag uses of `alloca`
authorGeorge Burgess IV <george.burgess.iv@gmail.com>
Thu, 25 Jul 2019 22:23:40 +0000 (22:23 +0000)
committerGeorge Burgess IV <george.burgess.iv@gmail.com>
Thu, 25 Jul 2019 22:23:40 +0000 (22:23 +0000)
This CL adds an optional warning to diagnose uses of the
`__builtin_alloca` family of functions. Use of these functions is widely
discouraged, so it is useful to let clang warn about it on request.

Patch by Elaina Guan!

Differential Revision: https://reviews.llvm.org/D64883

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@367067 91177308-0d34-0410-b5e6-96231b3b80d8

include/clang/Basic/DiagnosticSemaKinds.td
lib/Sema/SemaChecking.cpp
test/Sema/warn-alloca.c [new file with mode: 0644]

index e58a0b16bd65844c470d26ef275b272a403cb97c..d5e3b767e96674bfc2f3e018df85a369034c4243 100644 (file)
@@ -2779,6 +2779,11 @@ def err_no_accessor_for_property : Error<
 def err_cannot_find_suitable_accessor : Error<
   "cannot find suitable %select{getter|setter}0 for property %1">;
 
+def warn_alloca : Warning<
+  "use of function %0 is discouraged; there is no way to check for failure but "
+  "failure may still occur, resulting in a possibly exploitable security vulnerability">,
+  InGroup<DiagGroup<"alloca">>, DefaultIgnore;
+
 def warn_alloca_align_alignof : Warning<
   "second argument to __builtin_alloca_with_align is supposed to be in bits">,
   InGroup<DiagGroup<"alloca-with-align-alignof">>;
index f9f82cdeef432b44b296ce4462ca07129df478e1..436e17a0e3942b42cf08af097dde668aa999ffa3 100644 (file)
@@ -1179,6 +1179,10 @@ Sema::CheckBuiltinFunctionCall(FunctionDecl *FDecl, unsigned BuiltinID,
   case Builtin::BI__builtin_alloca_with_align:
     if (SemaBuiltinAllocaWithAlign(TheCall))
       return ExprError();
+    LLVM_FALLTHROUGH;
+  case Builtin::BI__builtin_alloca:
+    Diag(TheCall->getBeginLoc(), diag::warn_alloca)
+        << TheCall->getDirectCallee();
     break;
   case Builtin::BI__assume:
   case Builtin::BI__builtin_assume:
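Review bot: The new `case Builtin::BI__builtin_alloca:` diagnoses only the `__builtin_alloca` spellings, so a call to the plain library function `alloca` reaches this warning only where the platform's `<alloca.h>` defines `alloca` as a macro for `__builtin_alloca`; if clang recognizes `alloca` under a separate library builtin ID, that spelling — the one most code uses — is not covered by this case, and adding that ID here (e.g. `case Builtin::BIalloca:`) would close the gap, though whether such an ID exists cannot be confirmed from this hunk. Separately, the callee is re-derived with `TheCall->getDirectCallee()` although `FDecl` is already a parameter of `CheckBuiltinFunctionCall` (see the signature in the hunk header); `<< FDecl` says the same thing without the extra lookup. The enclosing switch and function extend beyond the hunk.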
diff --git a/test/Sema/warn-alloca.c b/test/Sema/warn-alloca.c
new file mode 100644 (file)
index 0000000..0990e11
--- /dev/null
@@ -0,0 +1,20 @@
+// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s
+// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s
+
+#ifdef SILENCE
+  // expected-no-diagnostics
+#endif
+
+void test1(int a) {
+  __builtin_alloca(a);
+#ifndef SILENCE
+  // expected-warning@-2 {{use of function '__builtin_alloca' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
+#endif
+}
+
+void test2(int a) {
+  __builtin_alloca_with_align(a, 32);
+#ifndef SILENCE
+  // expected-warning@-2 {{use of function '__builtin_alloca_with_align' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
+#endif
+}
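Review bot: The test exercises only the two `__builtin_` spellings, so it does not pin what happens for a direct call to `alloca` itself, which is how most real code reaches this builtin. A third case such as `void *alloca(unsigned long); void test3(unsigned long a) { alloca(a); }`, with either an `expected-warning` or an explicit comment that the library-function spelling is intentionally not diagnosed, would document the intended coverage and catch a regression either way. The SILENCE run already confirms the group is off under `-Wall`, so no further change is needed there.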