void StringLiteralWithEmbeddedNulCheck::registerMatchers(MatchFinder *Finder) {
// Match a string that contains embedded NUL character. Extra-checks are
// applied in |check| to find incorectly escaped characters.
Finder->addMatcher(stringLiteral(containsNul()).bind("strlit"), this);
// The remaining checks only apply to C++.
if (!getLangOpts().CPlusPlus)
return;
const auto StrLitWithNul =
ignoringParenImpCasts(stringLiteral(containsNul()).bind("truncated"));
// Match string constructor.
const auto StringConstructorExpr = expr(anyOf(
cxxConstructExpr(argumentCountIs(1),
hasDeclaration(cxxMethodDecl(hasName("basic_string")))),
// If present, the second argument is the alloc object which must not
// be present explicitly.
cxxConstructExpr(argumentCountIs(2),
hasDeclaration(cxxMethodDecl(hasName("basic_string"))),
hasArgument(1, cxxDefaultArgExpr()))));
// Detect passing a suspicious string literal to a string constructor.
// example: std::string str = "abc\0def";
Finder->addMatcher(
cxxConstructExpr(StringConstructorExpr, hasArgument(0, StrLitWithNul)),
this);
// Detect passing a suspicious string literal through an overloaded operator.
Finder->addMatcher(cxxOperatorCallExpr(hasAnyArgument(StrLitWithNul)), this);
}
void InaccurateEraseCheck::registerMatchers(MatchFinder *Finder) {
// Only register the matchers for C++; the functionality currently does not
// provide any benefit to other languages, despite being benign.
if (!getLangOpts().CPlusPlus)
return;
const auto CheckForEndCall = hasArgument(
1, anyOf(cxxConstructExpr(has(ignoringParenImpCasts(
cxxMemberCallExpr(callee(cxxMethodDecl(hasName("end"))))
.bind("InaccEndCall")))),
anything()));
Finder->addMatcher(
cxxMemberCallExpr(
on(hasType(namedDecl(matchesName("^::std::")))),
callee(cxxMethodDecl(hasName("erase"))), argumentCountIs(1),
hasArgument(0, has(ignoringParenImpCasts(
callExpr(callee(functionDecl(matchesName(
"^::std::(remove(_if)?|unique)$"))),
CheckForEndCall)
.bind("InaccAlgCall")))),
unless(isInTemplateInstantiation()))
.bind("InaccErase"),
this);
}
void PassByValueCheck::registerMatchers(MatchFinder *Finder) {
// Only register the matchers for C++; the functionality currently does not
// provide any benefit to other languages, despite being benign.
if (!getLangOpts().CPlusPlus)
return;
Finder->addMatcher(
cxxConstructorDecl(
forEachConstructorInitializer(
cxxCtorInitializer(
// Clang builds a CXXConstructExpr only whin it knows which
// constructor will be called. In dependent contexts a
// ParenListExpr is generated instead of a CXXConstructExpr,
// filtering out templates automatically for us.
withInitializer(cxxConstructExpr(
has(ignoringParenImpCasts(declRefExpr(to(
parmVarDecl(
hasType(qualType(
// Match only const-ref or a non-const value
// parameters. Rvalues and const-values
// shouldn't be modified.
anyOf(constRefType(), nonConstValueType()))))
.bind("Param"))))),
hasDeclaration(cxxConstructorDecl(
isCopyConstructor(), unless(isDeleted()),
hasDeclContext(
cxxRecordDecl(isMoveConstructible())))))))
.bind("Initializer")))
.bind("Ctor"),
this);
}
void MakeSmartPtrCheck::registerMatchers(ast_matchers::MatchFinder *Finder) {
if (!isLanguageVersionSupported(getLangOpts()))
return;
// Calling make_smart_ptr from within a member function of a type with a
// private or protected constructor would be ill-formed.
auto CanCallCtor = unless(has(ignoringImpCasts(
cxxConstructExpr(hasDeclaration(decl(unless(isPublic())))))));
Finder->addMatcher(
cxxBindTemporaryExpr(has(ignoringParenImpCasts(
cxxConstructExpr(
hasType(getSmartPointerTypeMatcher()), argumentCountIs(1),
hasArgument(0,
cxxNewExpr(hasType(pointsTo(qualType(hasCanonicalType(
equalsBoundNode(PointerType))))),
CanCallCtor)
.bind(NewExpression)),
unless(isInTemplateInstantiation()))
.bind(ConstructorCall)))),
this);
Finder->addMatcher(
cxxMemberCallExpr(
thisPointerType(getSmartPointerTypeMatcher()),
callee(cxxMethodDecl(hasName("reset"))),
hasArgument(0, cxxNewExpr(CanCallCtor).bind(NewExpression)),
unless(isInTemplateInstantiation()))
.bind(ResetCall),
this);
}
void MisplacedOperatorInStrlenInAllocCheck::registerMatchers(
MatchFinder *Finder) {
const auto StrLenFunc = functionDecl(anyOf(
hasName("::strlen"), hasName("::std::strlen"), hasName("::strnlen"),
hasName("::std::strnlen"), hasName("::strnlen_s"),
hasName("::std::strnlen_s"), hasName("::wcslen"),
hasName("::std::wcslen"), hasName("::wcsnlen"), hasName("::std::wcsnlen"),
hasName("::wcsnlen_s"), hasName("std::wcsnlen_s")));
const auto BadUse =
callExpr(callee(StrLenFunc),
hasAnyArgument(ignoringImpCasts(
binaryOperator(
hasOperatorName("+"),
hasRHS(ignoringParenImpCasts(integerLiteral(equals(1)))))
.bind("BinOp"))))
.bind("StrLen");
const auto BadArg = anyOf(
allOf(unless(binaryOperator(
hasOperatorName("+"), hasLHS(BadUse),
hasRHS(ignoringParenImpCasts(integerLiteral(equals(1)))))),
hasDescendant(BadUse)),
BadUse);
const auto Alloc0Func =
functionDecl(anyOf(hasName("::malloc"), hasName("std::malloc"),
hasName("::alloca"), hasName("std::alloca")));
const auto Alloc1Func =
functionDecl(anyOf(hasName("::calloc"), hasName("std::calloc"),
hasName("::realloc"), hasName("std::realloc")));
const auto Alloc0FuncPtr =
varDecl(hasType(isConstQualified()),
hasInitializer(ignoringParenImpCasts(
declRefExpr(hasDeclaration(Alloc0Func)))));
const auto Alloc1FuncPtr =
varDecl(hasType(isConstQualified()),
hasInitializer(ignoringParenImpCasts(
declRefExpr(hasDeclaration(Alloc1Func)))));
Finder->addMatcher(callExpr(callee(decl(anyOf(Alloc0Func, Alloc0FuncPtr))),
hasArgument(0, BadArg))
.bind("Alloc"),
this);
Finder->addMatcher(callExpr(callee(decl(anyOf(Alloc1Func, Alloc1FuncPtr))),
hasArgument(1, BadArg))
.bind("Alloc"),
this);
Finder->addMatcher(
cxxNewExpr(isArray(), hasArraySize(BadArg)).bind("Alloc"), this);
}
void UseEmplaceCheck::registerMatchers(MatchFinder *Finder) {
if (!getLangOpts().CPlusPlus11)
return;
// FIXME: Bunch of functionality that could be easily added:
// + add handling of `push_front` for std::forward_list, std::list
// and std::deque.
// + add handling of `push` for std::stack, std::queue, std::priority_queue
// + add handling of `insert` for stl associative container, but be careful
// because this requires special treatment (it could cause performance
// regression)
// + match for emplace calls that should be replaced with insertion
// + match for make_pair calls.
auto callPushBack = cxxMemberCallExpr(
hasDeclaration(functionDecl(hasName("push_back"))),
on(hasType(cxxRecordDecl(hasAnyName("std::vector", "llvm::SmallVector",
"std::list", "std::deque")))));
// We can't replace push_backs of smart pointer because
// if emplacement fails (f.e. bad_alloc in vector) we will have leak of
// passed pointer because smart pointer won't be constructed
// (and destructed) as in push_back case.
auto isCtorOfSmartPtr = hasDeclaration(cxxConstructorDecl(
ofClass(hasAnyName("std::shared_ptr", "std::unique_ptr", "std::auto_ptr",
"std::weak_ptr"))));
// Bitfields binds only to consts and emplace_back take it by universal ref.
auto bitFieldAsArgument = hasAnyArgument(ignoringParenImpCasts(
memberExpr(hasDeclaration(fieldDecl(matchers::isBitfield())))));
// We could have leak of resource.
auto newExprAsArgument = hasAnyArgument(ignoringParenImpCasts(cxxNewExpr()));
auto constructingDerived =
hasParent(implicitCastExpr(hasCastKind(CastKind::CK_DerivedToBase)));
auto hasInitList = has(ignoringParenImpCasts(initListExpr()));
auto soughtConstructExpr =
cxxConstructExpr(
unless(anyOf(isCtorOfSmartPtr, hasInitList, bitFieldAsArgument,
newExprAsArgument, constructingDerived,
has(materializeTemporaryExpr(hasInitList)))))
.bind("ctor");
auto hasConstructExpr = has(ignoringParenImpCasts(soughtConstructExpr));
auto ctorAsArgument = materializeTemporaryExpr(
anyOf(hasConstructExpr, has(cxxFunctionalCastExpr(hasConstructExpr))));
Finder->addMatcher(
cxxMemberCallExpr(callPushBack, has(ctorAsArgument)).bind("call"), this);
}
void IncorrectRoundingsCheck::registerMatchers(MatchFinder *MatchFinder) {
// Match a floating literal with value 0.5.
auto FloatHalf = floatLiteral(floatHalf());
// Match a floating point expression.
auto FloatType = expr(hasType(realFloatingPointType()));
// Match a floating literal of 0.5 or a floating literal of 0.5 implicitly.
// cast to floating type.
auto FloatOrCastHalf =
anyOf(FloatHalf,
implicitCastExpr(FloatType, has(ignoringParenImpCasts(FloatHalf))));
// Match if either the LHS or RHS is a floating literal of 0.5 or a floating
// literal of 0.5 and the other is of type double or vice versa.
auto OneSideHalf = anyOf(allOf(hasLHS(FloatOrCastHalf), hasRHS(FloatType)),
allOf(hasRHS(FloatOrCastHalf), hasLHS(FloatType)));
// Find expressions of cast to int of the sum of a floating point expression
// and 0.5.
MatchFinder->addMatcher(
implicitCastExpr(
hasImplicitDestinationType(isInteger()),
ignoringParenCasts(binaryOperator(hasOperatorName("+"), OneSideHalf)))
.bind("CastExpr"),
this);
}
void SuspiciousMissingCommaCheck::registerMatchers(MatchFinder *Finder) {
const auto ConcatenatedStringLiteral =
stringLiteral(isConcatenatedLiteral(MaxConcatenatedTokens)).bind("str");
const auto StringsInitializerList =
initListExpr(hasType(constantArrayType()),
has(ignoringParenImpCasts(expr(ConcatenatedStringLiteral))));
Finder->addMatcher(StringsInitializerList.bind("list"), this);
}
void DurationAdditionCheck::registerMatchers(MatchFinder *Finder) {
Finder->addMatcher(
binaryOperator(hasOperatorName("+"),
hasEitherOperand(expr(ignoringParenImpCasts(
callExpr(callee(functionDecl(TimeConversionFunction())
.bind("function_decl")))
.bind("call")))))
.bind("binop"),
this);
}
void ThrownExceptionTypeCheck::registerMatchers(MatchFinder *Finder) {
if (!getLangOpts().CPlusPlus)
return;
Finder->addMatcher(
cxxThrowExpr(has(ignoringParenImpCasts(
cxxConstructExpr(hasDeclaration(cxxConstructorDecl(
isCopyConstructor(), unless(isNoThrow()))))
.bind("expr")))),
this);
}
void UnconventionalAssignOperatorCheck::registerMatchers(
ast_matchers::MatchFinder *Finder) {
// Only register the matchers for C++; the functionality currently does not
// provide any benefit to other languages, despite being benign.
if (!getLangOpts().CPlusPlus)
return;
const auto HasGoodReturnType = cxxMethodDecl(returns(lValueReferenceType(
pointee(unless(isConstQualified()),
anyOf(autoType(), hasDeclaration(equalsBoundNode("class")))))));
const auto IsSelf = qualType(
anyOf(hasDeclaration(equalsBoundNode("class")),
referenceType(pointee(hasDeclaration(equalsBoundNode("class"))))));
const auto IsAssign =
cxxMethodDecl(unless(anyOf(isDeleted(), isPrivate(), isImplicit())),
hasName("operator="), ofClass(recordDecl().bind("class")))
.bind("method");
const auto IsSelfAssign =
cxxMethodDecl(IsAssign, hasParameter(0, parmVarDecl(hasType(IsSelf))))
.bind("method");
Finder->addMatcher(
cxxMethodDecl(IsAssign, unless(HasGoodReturnType)).bind("ReturnType"),
this);
const auto BadSelf = referenceType(
anyOf(lValueReferenceType(pointee(unless(isConstQualified()))),
rValueReferenceType(pointee(isConstQualified()))));
Finder->addMatcher(
cxxMethodDecl(IsSelfAssign,
hasParameter(0, parmVarDecl(hasType(BadSelf))))
.bind("ArgumentType"),
this);
Finder->addMatcher(
cxxMethodDecl(IsSelfAssign, anyOf(isConst(), isVirtual())).bind("cv"),
this);
const auto IsBadReturnStatement = returnStmt(unless(has(ignoringParenImpCasts(
anyOf(unaryOperator(hasOperatorName("*"), hasUnaryOperand(cxxThisExpr())),
cxxOperatorCallExpr(argumentCountIs(1),
callee(unresolvedLookupExpr()),
hasArgument(0, cxxThisExpr())))))));
const auto IsGoodAssign = cxxMethodDecl(IsAssign, HasGoodReturnType);
Finder->addMatcher(returnStmt(IsBadReturnStatement, forFunction(IsGoodAssign))
.bind("returnStmt"),
this);
}
void UseBoolLiteralsCheck::registerMatchers(MatchFinder *Finder) {
if (!getLangOpts().CPlusPlus)
return;
Finder->addMatcher(
implicitCastExpr(
has(ignoringParenImpCasts(integerLiteral().bind("literal"))),
hasImplicitDestinationType(qualType(booleanType())),
unless(isInTemplateInstantiation()),
anyOf(hasParent(explicitCastExpr().bind("cast")), anything())),
this);
Finder->addMatcher(
conditionalOperator(
hasParent(implicitCastExpr(
hasImplicitDestinationType(qualType(booleanType())),
unless(isInTemplateInstantiation()))),
eachOf(hasTrueExpression(
ignoringParenImpCasts(integerLiteral().bind("literal"))),
hasFalseExpression(
ignoringParenImpCasts(integerLiteral().bind("literal"))))),
this);
}
void MisplacedWideningCastCheck::registerMatchers(MatchFinder *Finder) {
const auto Calc =
expr(anyOf(binaryOperator(
anyOf(hasOperatorName("+"), hasOperatorName("-"),
hasOperatorName("*"), hasOperatorName("<<"))),
unaryOperator(hasOperatorName("~"))),
hasType(isInteger()))
.bind("Calc");
const auto ExplicitCast = explicitCastExpr(hasDestinationType(isInteger()),
has(ignoringParenImpCasts(Calc)));
const auto ImplicitCast =
implicitCastExpr(hasImplicitDestinationType(isInteger()),
has(ignoringParenImpCasts(Calc)));
const auto Cast = expr(anyOf(ExplicitCast, ImplicitCast)).bind("Cast");
Finder->addMatcher(varDecl(hasInitializer(Cast)), this);
Finder->addMatcher(returnStmt(hasReturnValue(Cast)), this);
Finder->addMatcher(callExpr(hasAnyArgument(Cast)), this);
Finder->addMatcher(binaryOperator(hasOperatorName("="), hasRHS(Cast)), this);
Finder->addMatcher(
binaryOperator(matchers::isComparisonOperator(), hasEitherOperand(Cast)),
this);
}
void PointerAndIntegralOperationCheck::registerMatchers(MatchFinder *Finder) {
const auto PointerExpr = expr(hasType(pointerType()));
const auto BoolExpr = ignoringParenImpCasts(hasType(booleanType()));
const auto CharExpr = ignoringParenImpCasts(hasType(isAnyCharacter()));
const auto BinOpWithPointerExpr =
binaryOperator(unless(anyOf(hasOperatorName(","), hasOperatorName("="))),
hasEitherOperand(PointerExpr));
const auto AssignToPointerExpr =
binaryOperator(hasOperatorName("="), hasLHS(PointerExpr));
const auto CompareToPointerExpr =
binaryOperator(matchers::isRelationalOperator(),
hasEitherOperand(PointerExpr));
// Detect expression like: ptr = (x != y);
Finder->addMatcher(binaryOperator(AssignToPointerExpr, hasRHS(BoolExpr))
.bind("assign-bool-to-pointer"),
this);
// Detect expression like: ptr = A[i]; where A is char*.
Finder->addMatcher(binaryOperator(AssignToPointerExpr, hasRHS(CharExpr))
.bind("assign-char-to-pointer"),
this);
// Detect expression like: ptr < false;
Finder->addMatcher(
binaryOperator(BinOpWithPointerExpr,
hasEitherOperand(ignoringParenImpCasts(cxxBoolLiteral())))
.bind("pointer-and-bool-literal"),
this);
// Detect expression like: ptr < 'a';
Finder->addMatcher(binaryOperator(BinOpWithPointerExpr,
hasEitherOperand(ignoringParenImpCasts(
characterLiteral())))
.bind("pointer-and-char-literal"),
this);
// Detect expression like: ptr < 0;
Finder->addMatcher(binaryOperator(CompareToPointerExpr,
hasEitherOperand(ignoringParenImpCasts(
integerLiteral(equals(0)))))
.bind("compare-pointer-to-zero"),
this);
// Detect expression like: ptr < nullptr;
Finder->addMatcher(binaryOperator(CompareToPointerExpr,
hasEitherOperand(ignoringParenImpCasts(
cxxNullPtrLiteralExpr())))
.bind("compare-pointer-to-null"),
this);
}
void SizeofContainerCheck::registerMatchers(MatchFinder *Finder) {
Finder->addMatcher(
expr(unless(isInTemplateInstantiation()),
expr(sizeOfExpr(has(ignoringParenImpCasts(
expr(hasType(hasCanonicalType(hasDeclaration(cxxRecordDecl(
matchesName("^(::std::|::string)"),
unless(matchesName("^::std::(bitset|array)$")),
hasMethod(cxxMethodDecl(hasName("size"), isPublic(),
isConst())))))))))))
.bind("sizeof"),
// Ignore ARRAYSIZE(<array of containers>) pattern.
unless(hasAncestor(binaryOperator(
anyOf(hasOperatorName("/"), hasOperatorName("%")),
hasLHS(ignoringParenCasts(sizeOfExpr(expr()))),
hasRHS(ignoringParenCasts(equalsBoundNode("sizeof"))))))),
this);
}
void
ExplicitMakePairCheck::registerMatchers(ast_matchers::MatchFinder *Finder) {
// Only register the matchers for C++; the functionality currently does not
// provide any benefit to other languages, despite being benign.
if (!getLangOpts().CPlusPlus)
return;
// Look for std::make_pair with explicit template args. Ignore calls in
// templates.
Finder->addMatcher(
callExpr(unless(isInTemplateInstantiation()),
callee(expr(ignoringParenImpCasts(
declRefExpr(hasExplicitTemplateArgs(),
to(functionDecl(hasName("::std::make_pair"))))
.bind("declref"))))).bind("call"),
this);
}
void UniqueptrDeleteReleaseCheck::registerMatchers(MatchFinder *Finder) {
auto IsSusbstituted = qualType(anyOf(
substTemplateTypeParmType(), hasDescendant(substTemplateTypeParmType())));
auto UniquePtrWithDefaultDelete = classTemplateSpecializationDecl(
hasName("std::unique_ptr"),
hasTemplateArgument(1, refersToType(qualType(hasDeclaration(cxxRecordDecl(
hasName("std::default_delete")))))));
Finder->addMatcher(
cxxDeleteExpr(has(ignoringParenImpCasts(cxxMemberCallExpr(
on(expr(hasType(UniquePtrWithDefaultDelete),
unless(hasType(IsSusbstituted)))
.bind("uptr")),
callee(cxxMethodDecl(hasName("release")))))))
.bind("delete"),
this);
}
void UniqueptrResetReleaseCheck::registerMatchers(MatchFinder *Finder) {
// Only register the matchers for C++11; the functionality currently does not
// provide any benefit to other languages, despite being benign.
if (!getLangOpts().CPlusPlus11)
return;
Finder->addMatcher(
cxxMemberCallExpr(
on(expr().bind("left")), callee(memberExpr().bind("reset_member")),
callee(
cxxMethodDecl(hasName("reset"),
ofClass(cxxRecordDecl(hasName("::std::unique_ptr"),
decl().bind("left_class"))))),
has(ignoringParenImpCasts(cxxMemberCallExpr(
on(expr().bind("right")),
callee(memberExpr().bind("release_member")),
callee(cxxMethodDecl(
hasName("release"),
ofClass(cxxRecordDecl(hasName("::std::unique_ptr"),
decl().bind("right_class")))))))))
.bind("reset_call"),
this);
}
/// Returns `true` if `Node` is a value which evaluates to a literal `0`.
bool IsLiteralZero(const MatchFinder::MatchResult &Result, const Expr &Node) {
auto ZeroMatcher =
anyOf(integerLiteral(equals(0)), floatLiteral(equals(0.0)));
// Check to see if we're using a zero directly.
if (selectFirst<const clang::Expr>(
"val", match(expr(ignoringImpCasts(ZeroMatcher)).bind("val"), Node,
*Result.Context)) != nullptr)
return true;
// Now check to see if we're using a functional cast with a scalar
// initializer expression, e.g. `int{0}`.
if (selectFirst<const clang::Expr>(
"val", match(cxxFunctionalCastExpr(
hasDestinationType(
anyOf(isInteger(), realFloatingPointType())),
hasSourceExpression(initListExpr(
hasInit(0, ignoringParenImpCasts(ZeroMatcher)))))
.bind("val"),
Node, *Result.Context)) != nullptr)
return true;
return false;
}
void SuspiciousStringCompareCheck::registerMatchers(MatchFinder *Finder) {
// Match relational operators.
const auto ComparisonUnaryOperator = unaryOperator(hasOperatorName("!"));
const auto ComparisonBinaryOperator =
binaryOperator(matchers::isComparisonOperator());
const auto ComparisonOperator =
expr(anyOf(ComparisonUnaryOperator, ComparisonBinaryOperator));
// Add the list of known string compare-like functions and add user-defined
// functions.
std::vector<std::string> FunctionNames = utils::options::parseStringList(
(llvm::Twine(KnownStringCompareFunctions) + StringCompareLikeFunctions)
.str());
// Match a call to a string compare functions.
const auto FunctionCompareDecl =
functionDecl(hasAnyName(std::vector<StringRef>(FunctionNames.begin(),
FunctionNames.end())))
.bind("decl");
const auto DirectStringCompareCallExpr =
callExpr(hasDeclaration(FunctionCompareDecl)).bind("call");
const auto MacroStringCompareCallExpr = conditionalOperator(anyOf(
hasTrueExpression(ignoringParenImpCasts(DirectStringCompareCallExpr)),
hasFalseExpression(ignoringParenImpCasts(DirectStringCompareCallExpr))));
// The implicit cast is not present in C.
const auto StringCompareCallExpr = ignoringParenImpCasts(
anyOf(DirectStringCompareCallExpr, MacroStringCompareCallExpr));
if (WarnOnImplicitComparison) {
// Detect suspicious calls to string compare:
// 'if (strcmp())' -> 'if (strcmp() != 0)'
Finder->addMatcher(
stmt(anyOf(ifStmt(hasCondition(StringCompareCallExpr)),
whileStmt(hasCondition(StringCompareCallExpr)),
doStmt(hasCondition(StringCompareCallExpr)),
forStmt(hasCondition(StringCompareCallExpr)),
binaryOperator(
anyOf(hasOperatorName("&&"), hasOperatorName("||")),
hasEitherOperand(StringCompareCallExpr))))
.bind("missing-comparison"),
this);
}
if (WarnOnLogicalNotComparison) {
// Detect suspicious calls to string compared with '!' operator:
// 'if (!strcmp())' -> 'if (strcmp() == 0)'
Finder->addMatcher(unaryOperator(hasOperatorName("!"),
hasUnaryOperand(ignoringParenImpCasts(
StringCompareCallExpr)))
.bind("logical-not-comparison"),
this);
}
// Detect suspicious cast to an inconsistant type (i.e. not integer type).
Finder->addMatcher(
implicitCastExpr(unless(hasType(isInteger())),
hasSourceExpression(StringCompareCallExpr))
.bind("invalid-conversion"),
this);
// Detect suspicious operator with string compare function as operand.
Finder->addMatcher(
binaryOperator(
unless(anyOf(matchers::isComparisonOperator(), hasOperatorName("&&"),
hasOperatorName("||"), hasOperatorName("="))),
hasEitherOperand(StringCompareCallExpr))
.bind("suspicious-operator"),
this);
// Detect comparison to invalid constant: 'strcmp() == -1'.
const auto InvalidLiteral = ignoringParenImpCasts(
anyOf(integerLiteral(unless(equals(0))),
unaryOperator(
hasOperatorName("-"),
has(ignoringParenImpCasts(integerLiteral(unless(equals(0)))))),
characterLiteral(), cxxBoolLiteral()));
Finder->addMatcher(binaryOperator(matchers::isComparisonOperator(),
hasEitherOperand(StringCompareCallExpr),
hasEitherOperand(InvalidLiteral))
.bind("invalid-comparison"),
this);
}
