author | Aaron Ballman <aaron@aaronballman.com> | 2016-04-29 20:56:48 +0000 |
---|---|---|
committer | Aaron Ballman <aaron@aaronballman.com> | 2016-04-29 20:56:48 +0000 |
commit | d744e63d903ea0bbf6a4d7a80be019fb908a571f (patch) | |
tree | 57da8095f5644e02eac4cb3be72f3ee9f5e046eb /clang-tools-extra/docs/clang-tidy | |
parent | 9190b4add8a84ec662c323cec5daf31dc1508eda (diff) | |
Add a clang-tidy check that flags string-to-number conversion functions that have insufficient error checking, suggesting a better alternative.
This check corresponds to: https://www.securecoding.cert.org/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number
llvm-svn: 268100
Diffstat (limited to 'clang-tools-extra/docs/clang-tidy')
-rw-r--r-- | clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst | 28 | ||||
-rw-r--r-- | clang-tools-extra/docs/clang-tidy/checks/list.rst | 1 |
2 files changed, 29 insertions, 0 deletions
diff --git a/clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst b/clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst new file mode 100644 index 00000000000..11a8ceca0a1 --- /dev/null +++ b/clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst @@ -0,0 +1,28 @@ +.. title:: clang-tidy - cert-err34-c + +cert-err34-c +============ + +This check flags calls to string-to-number conversion functions that do not +verify the validity of the conversion, such as ``atoi()`` or ``scanf()``. It +does not flag calls to ``strtol()``, or other, related conversion functions that +do perform better error checking. + +.. code:: c + + #include <stdlib.h> + + void func(const char *buff) { + int si; + + if (buff) { + si = atoi(buff); /* 'atoi' used to convert a string to an integer, but function will + not report conversion errors; consider using 'strtol' instead. */ + } else { + /* Handle error */ + } + } + +This check corresponds to the CERT C Coding Standard rule +`ERR34-C. Detect errors when converting a string to a number +<https://www.securecoding.cert.org/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number>`_. diff --git a/clang-tools-extra/docs/clang-tidy/checks/list.rst b/clang-tools-extra/docs/clang-tidy/checks/list.rst index 267eb314017..cff26126050 100644 --- a/clang-tools-extra/docs/clang-tidy/checks/list.rst +++ b/clang-tools-extra/docs/clang-tidy/checks/list.rst @@ -11,6 +11,7 @@ Clang-Tidy Checks cert-dcl54-cpp (redirects to misc-new-delete-overloads) <cert-dcl54-cpp> cert-dcl59-cpp (redirects to google-build-namespaces) <cert-dcl59-cpp> cert-env33-c + cert-err34-c cert-err52-cpp cert-err58-cpp cert-err60-cpp |
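Review bot: In cert-err34-c.rst the opening paragraph names ``scanf()`` as a flagged function, but the example only exercises ``atoi()`` and the page never lists which functions the check matches, so a reader cannot tell whether a given call (for example other members of the ``scanf()`` or ``ato*()`` families) is covered. Consider adding the list of matched functions, and a compliant counterpart to the example that uses ``strtol()`` with the end pointer and ``errno`` checked, since "do perform better error checking" only holds when the caller inspects those results. Minor style points in the same hunk: the comment on the ``si = atoi(buff);`` line runs well past 80 columns, and "``strtol()``, or other, related conversion functions" reads more cleanly as "``strtol()`` or other related conversion functions".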