DirectIvarAssignment.cpp source code [clang_source_code/lib/StaticAnalyzer/Checkers/DirectIvarAssignment.cpp]

1	//=- DirectIvarAssignment.cpp - Check rules on ObjC properties -- C++ -----==//
2	//
3	// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4	// See https://llvm.org/LICENSE.txt for license information.
5	// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6	//
7	//===----------------------------------------------------------------------===//
8	//
9	// Check that Objective C properties are set with the setter, not though a
10	// direct assignment.
11	//
12	// Two versions of a checker exist: one that checks all methods and the other
13	// that only checks the methods annotated with
14	// __attribute__((annotate("objc_no_direct_instance_variable_assignment")))
15	//
16	// The checker does not warn about assignments to Ivars, annotated with
17	// __attribute__((objc_allow_direct_instance_variable_assignment"))). This
18	// annotation serves as a false positive suppression mechanism for the
19	// checker. The annotation is allowed on properties and Ivars.
20	//
21	//===----------------------------------------------------------------------===//
22
23	#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
24	#include "clang/AST/Attr.h"
25	#include "clang/AST/DeclObjC.h"
26	#include "clang/AST/StmtVisitor.h"
27	#include "clang/StaticAnalyzer/Core/BugReporter/BugReporter.h"
28	#include "clang/StaticAnalyzer/Core/Checker.h"
29	#include "clang/StaticAnalyzer/Core/PathSensitive/AnalysisManager.h"
30	#include "llvm/ADT/DenseMap.h"
31
32	using namespace clang;
33	using namespace ento;
34
35	namespace {
36
37	/// The default method filter, which is used to filter out the methods on which
38	/// the check should not be performed.
39	///
40	/// Checks for the init, dealloc, and any other functions that might be allowed
41	/// to perform direct instance variable assignment based on their name.
42	static bool DefaultMethodFilter(const ObjCMethodDecl *M) {
43	return M->getMethodFamily() == OMF_init \|\|
44	M->getMethodFamily() == OMF_dealloc \|\|
45	M->getMethodFamily() == OMF_copy \|\|
46	M->getMethodFamily() == OMF_mutableCopy \|\|
47	M->getSelector().getNameForSlot(0).find("init") != StringRef::npos \|\|
48	M->getSelector().getNameForSlot(0).find("Init") != StringRef::npos;
49	}
50
51	class DirectIvarAssignment :
52	public Checker<check::ASTDecl<ObjCImplementationDecl> > {
53
54	typedef llvm::DenseMap<const ObjCIvarDecl*,
55	const ObjCPropertyDecl*> IvarToPropertyMapTy;
56
57	/// A helper class, which walks the AST and locates all assignments to ivars
58	/// in the given function.
59	class MethodCrawler : public ConstStmtVisitor<MethodCrawler> {
60	const IvarToPropertyMapTy &IvarToPropMap;
61	const ObjCMethodDecl *MD;
62	const ObjCInterfaceDecl *InterfD;
63	BugReporter &BR;
64	const CheckerBase *Checker;
65	LocationOrAnalysisDeclContext DCtx;
66
67	public:
68	MethodCrawler(const IvarToPropertyMapTy &InMap, const ObjCMethodDecl *InMD,
69	const ObjCInterfaceDecl *InID, BugReporter &InBR,
70	const CheckerBase Checker, AnalysisDeclContext InDCtx)
71	: IvarToPropMap(InMap), MD(InMD), InterfD(InID), BR(InBR),
72	Checker(Checker), DCtx(InDCtx) {}
73
74	void VisitStmt(const Stmt *S) { VisitChildren(S); }
75
76	void VisitBinaryOperator(const BinaryOperator *BO);
77
78	void VisitChildren(const Stmt *S) {
79	for (const Stmt *Child : S->children())
80	if (Child)
81	this->Visit(Child);
82	}
83	};
84
85	public:
86	bool (ShouldSkipMethod)(const ObjCMethodDecl );
87
88	DirectIvarAssignment() : ShouldSkipMethod(&DefaultMethodFilter) {}
89
90	void checkASTDecl(const ObjCImplementationDecl *D, AnalysisManager& Mgr,
91	BugReporter &BR) const;
92	};
93
94	static const ObjCIvarDecl findPropertyBackingIvar(const ObjCPropertyDecl PD,
95	const ObjCInterfaceDecl *InterD,
96	ASTContext &Ctx) {
97	// Check for synthesized ivars.
98	ObjCIvarDecl *ID = PD->getPropertyIvarDecl();
99	if (ID)
100	return ID;
101
102	ObjCInterfaceDecl NonConstInterD = const_cast<ObjCInterfaceDecl>(InterD);
103
104	// Check for existing "_PropName".
105	ID = NonConstInterD->lookupInstanceVariable(PD->getDefaultSynthIvarName(Ctx));
106	if (ID)
107	return ID;
108
109	// Check for existing "PropName".
110	IdentifierInfo *PropIdent = PD->getIdentifier();
111	ID = NonConstInterD->lookupInstanceVariable(PropIdent);
112
113	return ID;
114	}
115
116	void DirectIvarAssignment::checkASTDecl(const ObjCImplementationDecl *D,
117	AnalysisManager& Mgr,
118	BugReporter &BR) const {
119	const ObjCInterfaceDecl *InterD = D->getClassInterface();
120
121
122	IvarToPropertyMapTy IvarToPropMap;
123
124	// Find all properties for this class.
125	for (const auto *PD : InterD->instance_properties()) {
126	// Find the corresponding IVar.
127	const ObjCIvarDecl *ID = findPropertyBackingIvar(PD, InterD,
128	Mgr.getASTContext());
129
130	if (!ID)
131	continue;
132
133	// Store the IVar to property mapping.
134	IvarToPropMap[ID] = PD;
135	}
136
137	if (IvarToPropMap.empty())
138	return;
139
140	for (const auto *M : D->instance_methods()) {
141	AnalysisDeclContext *DCtx = Mgr.getAnalysisDeclContext(M);
142
143	if ((*ShouldSkipMethod)(M))
144	continue;
145
146	const Stmt *Body = M->getBody();
147	assert(Body);
148
149	MethodCrawler MC(IvarToPropMap, M->getCanonicalDecl(), InterD, BR, this,
150	DCtx);
151	MC.VisitStmt(Body);
152	}
153	}
154
155	static bool isAnnotatedToAllowDirectAssignment(const Decl *D) {
156	for (const auto *Ann : D->specific_attrs<AnnotateAttr>())
157	if (Ann->getAnnotation() ==
158	"objc_allow_direct_instance_variable_assignment")
159	return true;
160	return false;
161	}
162
163	void DirectIvarAssignment::MethodCrawler::VisitBinaryOperator(
164	const BinaryOperator *BO) {
165	if (!BO->isAssignmentOp())
166	return;
167
168	const ObjCIvarRefExpr *IvarRef =
169	dyn_cast<ObjCIvarRefExpr>(BO->getLHS()->IgnoreParenCasts());
170
171	if (!IvarRef)
172	return;
173
174	if (const ObjCIvarDecl *D = IvarRef->getDecl()) {
175	IvarToPropertyMapTy::const_iterator I = IvarToPropMap.find(D);
176
177	if (I != IvarToPropMap.end()) {
178	const ObjCPropertyDecl *PD = I->second;
179	// Skip warnings on Ivars, annotated with
180	// objc_allow_direct_instance_variable_assignment. This annotation serves
181	// as a false positive suppression mechanism for the checker. The
182	// annotation is allowed on properties and ivars.
183	if (isAnnotatedToAllowDirectAssignment(PD) \|\|
184	isAnnotatedToAllowDirectAssignment(D))
185	return;
186
187	ObjCMethodDecl *GetterMethod =
188	InterfD->getInstanceMethod(PD->getGetterName());
189	ObjCMethodDecl *SetterMethod =
190	InterfD->getInstanceMethod(PD->getSetterName());
191
192	if (SetterMethod && SetterMethod->getCanonicalDecl() == MD)
193	return;
194
195	if (GetterMethod && GetterMethod->getCanonicalDecl() == MD)
196	return;
197
198	BR.EmitBasicReport(
199	MD, Checker, "Property access", categories::CoreFoundationObjectiveC,
200	"Direct assignment to an instance variable backing a property; "
201	"use the setter instead",
202	PathDiagnosticLocation(IvarRef, BR.getSourceManager(), DCtx));
203	}
204	}
205	}
206	}
207
208	// Register the checker that checks for direct accesses in functions annotated
209	// with __attribute__((annotate("objc_no_direct_instance_variable_assignment"))).
210	static bool AttrFilter(const ObjCMethodDecl *M) {
211	for (const auto *Ann : M->specific_attrs<AnnotateAttr>())
212	if (Ann->getAnnotation() == "objc_no_direct_instance_variable_assignment")
213	return false;
214	return true;
215	}
216
217	// Register the checker that checks for direct accesses in all functions,
218	// except for the initialization and copy routines.
219	void ento::registerDirectIvarAssignment(CheckerManager &mgr) {
220	mgr.registerChecker<DirectIvarAssignment>();
221	}
222
223	bool ento::shouldRegisterDirectIvarAssignment(const LangOptions &LO) {
224	return true;
225	}
226
227	void ento::registerDirectIvarAssignmentForAnnotatedFunctions(
228	CheckerManager &mgr) {
229	mgr.getChecker<DirectIvarAssignment>()->ShouldSkipMethod = &AttrFilter;
230	}
231
232	bool ento::shouldRegisterDirectIvarAssignmentForAnnotatedFunctions(
233	const LangOptions &LO) {
234	return true;
235	}
236

Clang Project