1 //===-- UncheckedOptionalAccessModel.h --------------------------*- C++ -*-===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 //  This file defines a dataflow analysis that detects unsafe uses of optional
10 //  values.
11 //
12 //===----------------------------------------------------------------------===//
13 
14 #ifndef CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
15 #define CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
16 
17 #include "clang/AST/ASTContext.h"
18 #include "clang/AST/Stmt.h"
19 #include "clang/Analysis/FlowSensitive/DataflowAnalysis.h"
20 #include "clang/Analysis/FlowSensitive/DataflowEnvironment.h"
21 #include "clang/Analysis/FlowSensitive/MatchSwitch.h"
22 #include "clang/Analysis/FlowSensitive/NoopLattice.h"
23 #include "clang/Basic/SourceLocation.h"
24 #include <vector>
25 
26 namespace clang {
27 namespace dataflow {
28 
29 // FIXME: Explore using an allowlist-approach, where constructs supported by the
30 // analysis are always enabled and additional constructs are enabled through the
31 // `Options`.
32 struct UncheckedOptionalAccessModelOptions {
33   /// Ignore optionals reachable through overloaded `operator*` or `operator->`
34   /// (other than those of the optional type itself). The analysis does not
35   /// equate the results of such calls, so it can't identify when their results
36   /// are used safely (across calls), resulting in false positives in all such
37   /// cases. Note: this option does not cover access through `operator[]`.
38   bool IgnoreSmartPointerDereference = false;
39 };
40 
41 /// Dataflow analysis that models whether optionals hold values or not.
42 ///
43 /// Models the `std::optional`, `absl::optional`, and `base::Optional` types.
44 class UncheckedOptionalAccessModel
45     : public DataflowAnalysis<UncheckedOptionalAccessModel, NoopLattice> {
46 public:
47   UncheckedOptionalAccessModel(
48       ASTContext &AstContext, UncheckedOptionalAccessModelOptions Options = {});
49 
50   /// Returns a matcher for the optional classes covered by this model.
51   static ast_matchers::DeclarationMatcher optionalClassDecl();
52 
53   static NoopLattice initialElement() { return {}; }
54 
55   void transfer(const Stmt *Stmt, NoopLattice &State, Environment &Env);
56 
57   bool compareEquivalent(QualType Type, const Value &Val1,
58                          const Environment &Env1, const Value &Val2,
59                          const Environment &Env2) override;
60 
61   bool merge(QualType Type, const Value &Val1, const Environment &Env1,
62              const Value &Val2, const Environment &Env2, Value &MergedVal,
63              Environment &MergedEnv) override;
64 
65 private:
66   MatchSwitch<TransferState<NoopLattice>> TransferMatchSwitch;
67 };
68 
69 class UncheckedOptionalAccessDiagnoser {
70 public:
71   UncheckedOptionalAccessDiagnoser(
72       UncheckedOptionalAccessModelOptions Options = {});
73 
74   std::vector<SourceLocation> diagnose(ASTContext &Context, const Stmt *Stmt,
75                                        const Environment &Env);
76 
77 private:
78   MatchSwitch<const Environment, std::vector<SourceLocation>>
79       DiagnoseMatchSwitch;
80 };
81 
82 } // namespace dataflow
83 } // namespace clang
84 
85 #endif // CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
86