Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[analyzer] Add yaml parser to GenericTaintChecker
While we implemented taint propagation rules for several builtin/standard functions, there's a natural desire for users to add such rules to custom functions. A series of patches will implement an option that allows users to annotate their functions with taint propagation rules through a YAML file. This one adds parsing of the configuration file, which may be specified in the commands line with the analyzer config: alpha.security.taint.TaintPropagation:Config. The configuration may contain propagation rules, filter functions (remove taint) and sink functions (give a warning if it gets a tainted value). I also added a new header for future checkers to conveniently read YAML files as checker options. Differential Revision: https://reviews.llvm.org/D59555 llvm-svn: 367190
- Loading branch information
Showing
8 changed files
with
327 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
//== Yaml.h ---------------------------------------------------- -*- C++ -*--=// | ||
// | ||
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. | ||
// See https://llvm.org/LICENSE.txt for license information. | ||
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception | ||
// | ||
//===----------------------------------------------------------------------===// | ||
// | ||
// This file defines convenience functions for handling YAML configuration files | ||
// for checkers/packages. | ||
// | ||
//===----------------------------------------------------------------------===// | ||
|
||
#ifndef LLVM_CLANG_LIB_STATICANALYZER_CHECKER_YAML_H | ||
#define LLVM_CLANG_LIB_STATICANALYZER_CHECKER_YAML_H | ||
|
||
#include "clang/StaticAnalyzer/Core/CheckerManager.h" | ||
#include "llvm/Support/YAMLTraits.h" | ||
|
||
namespace clang { | ||
namespace ento { | ||
|
||
/// Read the given file from the filesystem and parse it as a yaml file. The | ||
/// template parameter must have a yaml MappingTraits. | ||
/// Emit diagnostic error in case of any failure. | ||
template <class T, class Checker> | ||
llvm::Optional<T> getConfiguration(CheckerManager &Mgr, Checker *Chk, | ||
StringRef Option, StringRef ConfigFile) { | ||
if (ConfigFile.trim().empty()) | ||
return None; | ||
|
||
llvm::vfs::FileSystem *FS = llvm::vfs::getRealFileSystem().get(); | ||
llvm::ErrorOr<std::unique_ptr<llvm::MemoryBuffer>> Buffer = | ||
FS->getBufferForFile(ConfigFile.str()); | ||
|
||
if (std::error_code ec = Buffer.getError()) { | ||
Mgr.reportInvalidCheckerOptionValue(Chk, Option, | ||
"a valid filename instead of '" + | ||
std::string(ConfigFile) + "'"); | ||
return None; | ||
} | ||
|
||
llvm::yaml::Input Input(Buffer.get()->getBuffer()); | ||
T Config; | ||
Input >> Config; | ||
|
||
if (std::error_code ec = Input.error()) { | ||
Mgr.reportInvalidCheckerOptionValue(Chk, Option, | ||
"a valid yaml file: " + ec.message()); | ||
return None; | ||
} | ||
|
||
return Config; | ||
} | ||
|
||
} // namespace ento | ||
} // namespace clang | ||
|
||
#endif // LLVM_CLANG_LIB_STATICANALYZER_CHECKERS_MOVE_H |
4 changes: 4 additions & 0 deletions
4
clang/test/Analysis/Inputs/taint-generic-config-ill-formed.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
Propagations: | ||
- Name: mySource1 | ||
DstArgs: [-1] | ||
NotExist: 1 |
3 changes: 3 additions & 0 deletions
3
clang/test/Analysis/Inputs/taint-generic-config-invalid-arg.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
Propagations: | ||
- Name: mySource1 | ||
DstArgs: [-2] |
Oops, something went wrong.