1 //===-- UncheckedOptionalAccessModel.h --------------------------*- C++ -*-===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file defines a dataflow analysis that detects unsafe uses of optional 10 // values. 11 // 12 //===----------------------------------------------------------------------===// 13 14 #ifndef CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H 15 #define CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H 16 17 #include "clang/AST/ASTContext.h" 18 #include "clang/Analysis/CFG.h" 19 #include "clang/Analysis/FlowSensitive/CFGMatchSwitch.h" 20 #include "clang/Analysis/FlowSensitive/DataflowAnalysis.h" 21 #include "clang/Analysis/FlowSensitive/DataflowEnvironment.h" 22 #include "clang/Analysis/FlowSensitive/NoopLattice.h" 23 #include "clang/Basic/SourceLocation.h" 24 #include <vector> 25 26 namespace clang { 27 namespace dataflow { 28 29 // FIXME: Explore using an allowlist-approach, where constructs supported by the 30 // analysis are always enabled and additional constructs are enabled through the 31 // `Options`. 32 struct UncheckedOptionalAccessModelOptions { 33 /// In generating diagnostics, ignore optionals reachable through overloaded 34 /// `operator*` or `operator->` (other than those of the optional type 35 /// itself). The analysis does not equate the results of such calls, so it 36 /// can't identify when their results are used safely (across calls), 37 /// resulting in false positives in all such cases. Note: this option does not 38 /// cover access through `operator[]`. 39 bool IgnoreSmartPointerDereference = false; 40 }; 41 42 /// Dataflow analysis that models whether optionals hold values or not. 43 /// 44 /// Models the `std::optional`, `absl::optional`, and `base::Optional` types. 45 class UncheckedOptionalAccessModel 46 : public DataflowAnalysis<UncheckedOptionalAccessModel, NoopLattice> { 47 public: 48 UncheckedOptionalAccessModel(ASTContext &Ctx); 49 50 /// Returns a matcher for the optional classes covered by this model. 51 static ast_matchers::DeclarationMatcher optionalClassDecl(); 52 53 static NoopLattice initialElement() { return {}; } 54 55 void transfer(const CFGElement &Elt, NoopLattice &L, Environment &Env); 56 57 ComparisonResult compare(QualType Type, const Value &Val1, 58 const Environment &Env1, const Value &Val2, 59 const Environment &Env2) override; 60 61 bool merge(QualType Type, const Value &Val1, const Environment &Env1, 62 const Value &Val2, const Environment &Env2, Value &MergedVal, 63 Environment &MergedEnv) override; 64 65 Value *widen(QualType Type, Value &Prev, const Environment &PrevEnv, 66 Value &Current, Environment &CurrentEnv) override; 67 68 private: 69 CFGMatchSwitch<TransferState<NoopLattice>> TransferMatchSwitch; 70 }; 71 72 class UncheckedOptionalAccessDiagnoser { 73 public: 74 UncheckedOptionalAccessDiagnoser( 75 UncheckedOptionalAccessModelOptions Options = {}); 76 77 std::vector<SourceLocation> diagnose(ASTContext &Ctx, const CFGElement *Elt, 78 const Environment &Env); 79 80 private: 81 CFGMatchSwitch<const Environment, std::vector<SourceLocation>> 82 DiagnoseMatchSwitch; 83 }; 84 85 } // namespace dataflow 86 } // namespace clang 87 88 #endif // CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H 89