From ec4812e3ddf5cd7b67bff8eda8d171ca3262c1b7 Mon Sep 17 00:00:00 2001 From: George Burgess IV Date: Thu, 25 Jul 2019 22:23:40 +0000 Subject: [PATCH] [Sema] add -Walloca to flag uses of `alloca` This CL adds an optional warning to diagnose uses of the `__builtin_alloca` family of functions. The use of these functions is discouraged by many, so it seems like a good idea to allow clang to warn about it. Patch by Elaina Guan! Differential Revision: https://reviews.llvm.org/D64883 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@367067 91177308-0d34-0410-b5e6-96231b3b80d8 --- include/clang/Basic/DiagnosticSemaKinds.td | 5 +++++ lib/Sema/SemaChecking.cpp | 4 ++++ test/Sema/warn-alloca.c | 20 ++++++++++++++++++++ 3 files changed, 29 insertions(+) create mode 100644 test/Sema/warn-alloca.c diff --git a/include/clang/Basic/DiagnosticSemaKinds.td b/include/clang/Basic/DiagnosticSemaKinds.td index e58a0b16bd..d5e3b767e9 100644 --- a/include/clang/Basic/DiagnosticSemaKinds.td +++ b/include/clang/Basic/DiagnosticSemaKinds.td @@ -2779,6 +2779,11 @@ def err_no_accessor_for_property : Error< def err_cannot_find_suitable_accessor : Error< "cannot find suitable %select{getter|setter}0 for property %1">; +def warn_alloca : Warning< + "use of function %0 is discouraged; there is no way to check for failure but " + "failure may still occur, resulting in a possibly exploitable security vulnerability">, + InGroup>, DefaultIgnore; + def warn_alloca_align_alignof : Warning< "second argument to __builtin_alloca_with_align is supposed to be in bits">, InGroup>; diff --git a/lib/Sema/SemaChecking.cpp b/lib/Sema/SemaChecking.cpp index f9f82cdeef..436e17a0e3 100644 --- a/lib/Sema/SemaChecking.cpp +++ b/lib/Sema/SemaChecking.cpp @@ -1179,6 +1179,10 @@ Sema::CheckBuiltinFunctionCall(FunctionDecl *FDecl, unsigned BuiltinID, case Builtin::BI__builtin_alloca_with_align: if (SemaBuiltinAllocaWithAlign(TheCall)) return ExprError(); + LLVM_FALLTHROUGH; + case Builtin::BI__builtin_alloca: + Diag(TheCall->getBeginLoc(), diag::warn_alloca) + << TheCall->getDirectCallee(); break; case Builtin::BI__assume: case Builtin::BI__builtin_assume: diff --git a/test/Sema/warn-alloca.c b/test/Sema/warn-alloca.c new file mode 100644 index 0000000000..0990e11ef2 --- /dev/null +++ b/test/Sema/warn-alloca.c @@ -0,0 +1,20 @@ +// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s +// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s + +#ifdef SILENCE + // expected-no-diagnostics +#endif + +void test1(int a) { + __builtin_alloca(a); +#ifndef SILENCE + // expected-warning@-2 {{use of function '__builtin_alloca' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} + +void test2(int a) { + __builtin_alloca_with_align(a, 32); +#ifndef SILENCE + // expected-warning@-2 {{use of function '__builtin_alloca_with_align' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}} +#endif +} -- 2.40.0