diff options
Diffstat (limited to 'clang-tools-extra/docs/clang-tidy')
| -rw-r--r-- | clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst | 28 | ||||
| -rw-r--r-- | clang-tools-extra/docs/clang-tidy/checks/list.rst | 1 |
2 files changed, 29 insertions, 0 deletions
diff --git a/clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst b/clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst new file mode 100644 index 00000000000..11a8ceca0a1 --- /dev/null +++ b/clang-tools-extra/docs/clang-tidy/checks/cert-err34-c.rst @@ -0,0 +1,28 @@ +.. title:: clang-tidy - cert-err34-c + +cert-err34-c +============ + +This check flags calls to string-to-number conversion functions that do not +verify the validity of the conversion, such as ``atoi()`` or ``scanf()``. It +does not flag calls to ``strtol()``, or other, related conversion functions that +do perform better error checking. + +.. code:: c + + #include <stdlib.h> + + void func(const char *buff) { + int si; + + if (buff) { + si = atoi(buff); /* 'atoi' used to convert a string to an integer, but function will + not report conversion errors; consider using 'strtol' instead. */ + } else { + /* Handle error */ + } + } + +This check corresponds to the CERT C Coding Standard rule +`ERR34-C. Detect errors when converting a string to a number +<https://www.securecoding.cert.org/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number>`_. diff --git a/clang-tools-extra/docs/clang-tidy/checks/list.rst b/clang-tools-extra/docs/clang-tidy/checks/list.rst index 267eb314017..cff26126050 100644 --- a/clang-tools-extra/docs/clang-tidy/checks/list.rst +++ b/clang-tools-extra/docs/clang-tidy/checks/list.rst @@ -11,6 +11,7 @@ Clang-Tidy Checks cert-dcl54-cpp (redirects to misc-new-delete-overloads) <cert-dcl54-cpp> cert-dcl59-cpp (redirects to google-build-namespaces) <cert-dcl59-cpp> cert-env33-c + cert-err34-c cert-err52-cpp cert-err58-cpp cert-err60-cpp |
