[-Wunsafe-buffer-usage] Generate fix-it for local variable declarations

Use clang fix-its to transform declarations of local variables, which are used for buffer access , to be of std::span type. We placed a few limitations to keep the solution simple: - it only transforms local variable declarations (no parameter declaration); - it only considers single level pointers, i.e., pointers of type T * regardless of whether T is again a pointer; - it only transforms to std::span types (no std::array, or std::span::iterator, or ...); - it can only transform a VarDecl that belongs to a DeclStmt whose has a single child. One of the purposes of keeping this patch simple enough is to first evaluate if fix-it is an appropriate approach to do the transformation. This commit was reverted by 622be09 for a compilation warning and now it is fixed. Reviewed by: NoQ, jkorous Differential revision: https://reviews.llvm.org/D139737
llvm · Feb 7, 2023 · bdf4f2b · bdf4f2b
1 parent 82d852c
commit bdf4f2b
Show file tree

Hide file tree

Showing 7 changed files with 539 additions and 29 deletions.
diff --git a/clang/include/clang/Analysis/Analyses/UnsafeBufferUsage.h b/clang/include/clang/Analysis/Analyses/UnsafeBufferUsage.h
@@ -37,6 +37,15 @@ class UnsafeBufferUsageHandler {
   /// Invoked when a fix is suggested against a variable.
   virtual void handleFixableVariable(const VarDecl *Variable,
                                      FixItList &&List) = 0;
+
+  /// Returns the text indicating that the user needs to provide input there:
+  virtual std::string
+  getUserFillPlaceHolder(StringRef HintTextToUser = "placeholder") {
+    std::string s = std::string("<# ");
+    s += HintTextToUser;
+    s += " #>";
+    return s;
+  }
 };
 
 // This function invokes the analysis and allows the caller to react to it

diff --git a/clang/include/clang/Analysis/Analyses/UnsafeBufferUsageGadgets.def b/clang/include/clang/Analysis/Analyses/UnsafeBufferUsageGadgets.def
@@ -30,6 +30,7 @@ WARNING_GADGET(Decrement)
 WARNING_GADGET(ArraySubscript)
 WARNING_GADGET(PointerArithmetic)
 WARNING_GADGET(UnsafeBufferUsageAttr)
+FIXABLE_GADGET(ULCArraySubscript)
 
 #undef FIXABLE_GADGET
 #undef WARNING_GADGET

diff --git a/clang/include/clang/Basic/DiagnosticSemaKinds.td b/clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -11790,6 +11790,8 @@ def warn_unsafe_buffer_operation : Warning<
   InGroup<UnsafeBufferUsage>, DefaultIgnore;
 def note_unsafe_buffer_operation : Note<
   "used%select{| in pointer arithmetic| in buffer access}0 here">;
+def note_unsafe_buffer_variable_fixit : Note<
+  "change type of '%0' to '%select{std::span|std::array|std::span::iterator}1' to preserve bounds information">;
 def err_loongarch_builtin_requires_la32 : Error<
   "this builtin requires target: loongarch32">;
 } // end of sema component.