// This test fails on "x86_64-sie" buildbot and "x86_64-scei-ps4" target.
// According to @dyung, something related to the kind of standard library
// availability is causing the failure. Even though we explicitly define
// the relevant macros the check is hunting for in the invocation, the real
// parsing and preprocessor state will not have that case.
// UNSUPPORTED: target={{.*-(ps4|ps5)}}
//
// Configurations exercised by the invocations below (one check-suffix each):
//   WITH-ANNEX-K            both __STDC_LIB_EXT1__ and __STDC_WANT_LIB_EXT1__
//                           are defined to 1.
//   WITHOUT-ANNEX-K         three invocations; at least one of the two macros
//                           is undefined in each of them.
//   WITH-ANNEX-K-CERT-ONLY  both macros defined, and the option
//                           ReportMoreUnsafeFunctions is set to false.
//   WITH-NONE-ENABLED       both macros defined, and the option
//                           ReportDefaultFunctions is set to false.
// The three WITHOUT-ANNEX-K invocations show that defining only one of the
// macros is not enough: the Annex K replacements are expected only when both
// are present. Practical consequence visible in the expectations below:
// without Annex K the check is expected to stay silent on strlen, wcslen,
// fopen, freopen, fscanf and ctime.
// RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K            %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1
// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K         %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__   -U__STDC_WANT_LIB_EXT1__
// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K         %s bugprone-unsafe-functions %t -- -- -D__STDC_LIB_EXT1__=1 -U__STDC_WANT_LIB_EXT1__
// RUN: %check_clang_tidy -check-suffix=WITHOUT-ANNEX-K         %s bugprone-unsafe-functions %t -- -- -U__STDC_LIB_EXT1__   -D__STDC_WANT_LIB_EXT1__=1
// RUN: %check_clang_tidy -check-suffix=WITH-ANNEX-K-CERT-ONLY  %s bugprone-unsafe-functions %t -- \
// RUN:   -config="{CheckOptions: {bugprone-unsafe-functions.ReportMoreUnsafeFunctions: false}}" \
// RUN:                                                                                            -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1
// RUN: %check_clang_tidy -check-suffix=WITH-NONE-ENABLED       %s bugprone-unsafe-functions %t --\
// RUN:   -config="{CheckOptions: {bugprone-unsafe-functions.ReportDefaultFunctions: false}}" \
// RUN:                                                                                            -- -D__STDC_LIB_EXT1__=1 -D__STDC_WANT_LIB_EXT1__=1

// Expectations for the WITH-NONE-ENABLED invocation. No call site below
// carries an expectation under this suffix; only these two summary lines of
// the tool output are matched.
// NOTE(review): where the single generated-and-suppressed warning comes from
// is not visible in this file - confirm before changing the counts.
// CHECK-MESSAGES-WITH-NONE-ENABLED: 1 warning generated
// CHECK-MESSAGES-WITH-NONE-ENABLED: Suppressed 1 warnings

// Local stand-ins for the standard library: the test declares every type and
// function it uses itself and includes no header.
typedef __SIZE_TYPE__ size_t;
typedef __WCHAR_TYPE__ wchar_t;

char *gets(char *S);
size_t strlen(const char *S);
size_t wcslen(const wchar_t *S);

// 'gets' is expected to be reported in all three suffixes used at the call
// sites; only the suggested replacement differs ('gets_s' with Annex K,
// 'fgets' without). 'strlen' is expected to be reported only with Annex K.
void f1(char *S) {
  gets(S);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead [bugprone-unsafe-functions]
  // FIXME(?): On target=x86_64-scei-ps4, the above warning in the
  // "-WITH-ANNEX-K" case will still report the suggestion to use 'fgets'
  // instead of the expected 'gets_s', as if "Annex K" was not available.
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-5]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'gets_s' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-6]]:3: warning: function 'gets' is insecure, was deprecated and removed in C11 and C++14; 'fgets' should be used instead

  strlen(S);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'strlen' is not bounds-checking; 'strnlen_s' should be used instead
  // no-warning WITHOUT-ANNEX-K
}

// Wide-character counterpart of the 'strlen' case: 'wcslen' is expected to be
// reported only with Annex K.
void f1w(wchar_t *S) {
  wcslen(S);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'wcslen' is not bounds-checking; 'wcsnlen_s' should be used instead
  // no-warning WITHOUT-ANNEX-K
}

struct tm;
char *asctime(const struct tm *TimePtr);

// 'asctime' is expected to be reported in every suffix used here, and not only
// when it is called: both ways of taking its address (with and without '&')
// carry expectations as well. The suggested replacement is 'asctime_s' with
// Annex K and 'strftime' without.
void f2(const struct tm *Time) {
  asctime(Time);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead

  char *(*F1)(const struct tm *) = asctime;
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:36: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead

  char *(*F2)(const struct tm *) = &asctime;
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'asctime_s' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:37: warning: function 'asctime' is not bounds-checking and non-reentrant; 'strftime' should be used instead
}

typedef void *FILE;
FILE *fopen(const char *Filename, const char *Mode);
FILE *freopen(const char *Filename, const char *Mode, FILE *Stream);
int fscanf(FILE *Stream, const char *Format, ...);
void rewind(FILE *Stream);
void setbuf(FILE *Stream, char *Buf);

// File-stream functions. 'fopen', 'freopen' and 'fscanf' are expected to be
// reported only with Annex K, where the suggested replacements are the _s
// variants. 'rewind' and 'setbuf' are expected in every suffix used here, and
// their suggested replacements ('fseek', 'setvbuf') are the same with and
// without Annex K.
void f3(char *S, FILE *F) {
  fopen(S, S);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fopen' has no exclusive access to the opened file; 'fopen_s' should be used instead
  // no-warning WITHOUT-ANNEX-K

  freopen(S, S, F);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'freopen' has no exclusive access to the opened file; 'freopen_s' should be used instead
  // no-warning WITHOUT-ANNEX-K

  int I;
  fscanf(F, "%d", &I);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'fscanf' is not bounds-checking; 'fscanf_s' should be used instead
  // no-warning WITHOUT-ANNEX-K

  rewind(F);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'rewind' has no error detection; 'fseek' should be used instead

  setbuf(F, S);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-3]]:3: warning: function 'setbuf' has no error detection; 'setvbuf' should be used instead
}

typedef int time_t;
char *ctime(const time_t *Timer);

// 'ctime' is expected to be reported only with Annex K.
void f4(const time_t *Timer) {
  ctime(Timer);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead
  // CHECK-MESSAGES-WITH-ANNEX-K-CERT-ONLY: :[[@LINE-2]]:3: warning: function 'ctime' is not bounds-checking and non-reentrant; 'ctime_s' should be used instead
  // no-warning WITHOUT-ANNEX-K
}

// Declarations for the additional functions covered by fOptional.
#define BUFSIZ 128
typedef int uid_t;
typedef int pid_t;
int bcmp(const void *S1, const void *S2, size_t N);
void bcopy(const void *Src, void *Dest, size_t N);
void bzero(void *S, size_t N);
int getpw(uid_t UId, char *Buf);
pid_t vfork(void);

// Functions reported only while ReportMoreUnsafeFunctions is left at its
// default: each call is expected in the WITH-ANNEX-K and WITHOUT-ANNEX-K
// suffixes and is marked no-warning for the CERT-only configuration, which
// sets that option to false.
void fOptional() {
  char Buf1[BUFSIZ] = {0};
  char Buf2[BUFSIZ] = {0};

  bcmp(Buf1, Buf2, BUFSIZ);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcmp' is deprecated; 'memcmp' should be used instead
  // no-warning CERT-ONLY

  // NOTE(review): bcopy is declared above as (Src, Dest, N), source first,
  // whereas the suggested memcpy/memcpy_s take the destination first, so
  // acting on this diagnostic is more than a rename. bcopy is also specified
  // to cope with overlapping regions, which memcpy is not; memmove is the
  // closer match where overlap is possible.
  bcopy(Buf1, Buf2, BUFSIZ);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bcopy' is deprecated; 'memcpy_s' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bcopy' is deprecated; 'memcpy' should be used instead
  // no-warning CERT-ONLY

  bzero(Buf1, BUFSIZ);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'bzero' is deprecated; 'memset_s' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'bzero' is deprecated; 'memset' should be used instead
  // no-warning CERT-ONLY

  getpw(0, Buf1);
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'getpw' is dangerous as it may overflow the provided buffer; 'getpwuid' should be used instead
  // no-warning CERT-ONLY

  vfork();
  // CHECK-MESSAGES-WITH-ANNEX-K: :[[@LINE-1]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead
  // CHECK-MESSAGES-WITHOUT-ANNEX-K: :[[@LINE-2]]:3: warning: function 'vfork' is insecure as it can lead to denial of service situations in the parent process; 'posix_spawn' should be used instead
  // no-warning CERT-ONLY
}

// Local declarations of the two Annex K functions used by the negative case.
typedef int errno_t;
typedef size_t rsize_t;
errno_t asctime_s(char *S, rsize_t Maxsize, const struct tm *TimePtr);
errno_t strcat_s(char *S1, rsize_t S1Max, const char *S2);

// Negative case: calls to the Annex K functions themselves carry no
// expectation in any suffix. Both calls pass the buffer size explicitly and
// test the returned errno_t before continuing.
void fUsingSafeFunctions(const struct tm *Time, FILE *F) {
  char Buf[BUFSIZ] = {0};

  // no-warning, safe function from annex K is used
  if (asctime_s(Buf, BUFSIZ, Time) != 0)
    return;

  // no-warning, safe function from annex K is used
  if (strcat_s(Buf, BUFSIZ, "something") != 0)
    return;
}