1 //===--- CommandInterpreterCheck.h - clang-tidy------------------*- C++ -*-===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H 10 #define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H 11 12 #include "../ClangTidyCheck.h" 13 14 namespace clang::tidy::cert { 15 16 /// Execution of a command processor can lead to security vulnerabilities, 17 /// and is generally not required. Instead, prefer to launch executables 18 /// directly via mechanisms that give you more control over what executable is 19 /// actually launched. 20 /// 21 /// For the user-facing documentation see: 22 /// http://clang.llvm.org/extra/clang-tidy/checks/cert/env33-c.html 23 class CommandProcessorCheck : public ClangTidyCheck { 24 public: CommandProcessorCheck(StringRef Name,ClangTidyContext * Context)25 CommandProcessorCheck(StringRef Name, ClangTidyContext *Context) 26 : ClangTidyCheck(Name, Context) {} 27 void registerMatchers(ast_matchers::MatchFinder *Finder) override; 28 void check(const ast_matchers::MatchFinder::MatchResult &Result) override; 29 }; 30 31 } // namespace clang::tidy::cert 32 33 #endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H 34