[clang-tidy] Move 'cert-msc51-cpp', 'cert-msc32-c' checks outside of 'cert' module and give a proper name #167143
+155
−119
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…'cert' module and give a proper name Summary: This change addresses sub-issue llvm#157296 of parent issue llvm#157287, which aims to clean up the `cert` module by moving checks that don't directly map to CERT security standards to more appropriate modules. The checks `cert-msc51-cpp` and `cert-msc32-c` both implement the same logic to detect random number generators that are not properly seeded. This is a generic bug pattern rather than a CERT-specific security constraint, making it more suitable for the `bugprone` module. Closes: llvm#157296
|
Thank you for submitting a Pull Request (PR) to the LLVM Project! This PR will be automatically labeled and the relevant teams will be notified. If you wish to, you can add reviewers by using the "Reviewers" section on this page. If this is not working for you, it is probably because you do not have write permissions for the repository. In which case you can instead tag reviewers by name in a comment by using If you have received no comments on your PR for a week, you can request a review by "ping"ing the PR by adding a comment “Ping”. The common courtesy "ping" rate is once a week. Please remember that you are asking for valuable time from other developers. If you have further questions, they may be answered by the LLVM GitHub User Guide. You can also ask questions in a comment on this PR, on the LLVM Discord or on the forums. |
Member
|
@llvm/pr-subscribers-clang-tools-extra @llvm/pr-subscribers-clang-tidy Author: None (luobochuanqi) Changes…'cert' module and give a proper name Summary: The checks Closes: #157296 Patch is 34.89 KiB, truncated to 20.00 KiB below, full version: https://github.com/llvm/llvm-project/pull/167143.diff 12 Files Affected:
diff --git a/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp b/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp
index baea231f6e060..48f0b13145db1 100644
--- a/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp
+++ b/clang-tools-extra/clang-tidy/bugprone/BugproneTidyModule.cpp
@@ -64,6 +64,7 @@
#include "ParentVirtualCallCheck.h"
#include "PointerArithmeticOnPolymorphicObjectCheck.h"
#include "PosixReturnCheck.h"
+#include "ProperlySeededRandomGeneratorCheck.h"
#include "RawMemoryCallOnNonTrivialTypeCheck.h"
#include "RedundantBranchConditionCheck.h"
#include "ReservedIdentifierCheck.h"
@@ -227,6 +228,8 @@ class BugproneModule : public ClangTidyModule {
CheckFactories.registerCheck<ParentVirtualCallCheck>(
"bugprone-parent-virtual-call");
CheckFactories.registerCheck<PosixReturnCheck>("bugprone-posix-return");
+ CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
+ "bugprone-random-generator-seed");
CheckFactories.registerCheck<RawMemoryCallOnNonTrivialTypeCheck>(
"bugprone-raw-memory-call-on-non-trivial-type");
CheckFactories.registerCheck<ReservedIdentifierCheck>(
diff --git a/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt b/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt
index aacaa61888147..e5fdd96409c74 100644
--- a/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt
+++ b/clang-tools-extra/clang-tidy/bugprone/CMakeLists.txt
@@ -65,6 +65,7 @@ add_clang_library(clangTidyBugproneModule STATIC
ParentVirtualCallCheck.cpp
PointerArithmeticOnPolymorphicObjectCheck.cpp
PosixReturnCheck.cpp
+ ProperlySeededRandomGeneratorCheck.cpp
RawMemoryCallOnNonTrivialTypeCheck.cpp
RedundantBranchConditionCheck.cpp
ReservedIdentifierCheck.cpp
diff --git a/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.cpp b/clang-tools-extra/clang-tidy/bugprone/ProperlySeededRandomGeneratorCheck.cpp
similarity index 100%
rename from clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.cpp
rename to clang-tools-extra/clang-tidy/bugprone/ProperlySeededRandomGeneratorCheck.cpp
diff --git a/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.h b/clang-tools-extra/clang-tidy/bugprone/ProperlySeededRandomGeneratorCheck.h
similarity index 74%
rename from clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.h
rename to clang-tools-extra/clang-tidy/bugprone/ProperlySeededRandomGeneratorCheck.h
index 8cb2e624e0501..fee00f1f180a7 100644
--- a/clang-tools-extra/clang-tidy/cert/ProperlySeededRandomGeneratorCheck.h
+++ b/clang-tools-extra/clang-tidy/bugprone/ProperlySeededRandomGeneratorCheck.h
@@ -6,13 +6,13 @@
//
//===----------------------------------------------------------------------===//
-#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_PROPERLYSEEDEDRANDOMGENERATORCHECK_H
-#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_PROPERLYSEEDEDRANDOMGENERATORCHECK_H
+#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_PROPERLY_SEEDED_RANDOM_GENERATOR_H
+#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_PROPERLY_SEEDED_RANDOM_GENERATOR_H
#include "../ClangTidyCheck.h"
#include <string>
-namespace clang::tidy::cert {
+namespace clang::tidy::bugprone {
/// Random number generator must be seeded properly.
///
@@ -20,7 +20,7 @@ namespace clang::tidy::cert {
/// constant expression is a security vulnerability.
///
/// For the user-facing documentation see:
-/// https://clang.llvm.org/extra/clang-tidy/checks/cert/msc51-cpp.html
+/// https://clang.llvm.org/extra/clang-tidy/checks/bugprone/random-generator-seed.html
class ProperlySeededRandomGeneratorCheck : public ClangTidyCheck {
public:
ProperlySeededRandomGeneratorCheck(StringRef Name, ClangTidyContext *Context);
@@ -37,6 +37,6 @@ class ProperlySeededRandomGeneratorCheck : public ClangTidyCheck {
SmallVector<StringRef, 5> DisallowedSeedTypes;
};
-} // namespace clang::tidy::cert
+} // namespace clang::tidy::bugprone
-#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_PROPERLYSEEDEDRANDOMGENERATORCHECK_H
+#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_PROPERLY_SEEDED_RANDOM_GENERATOR_H
diff --git a/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp b/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
index 2f6fc4db46545..c53a742202c99 100644
--- a/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
+++ b/clang-tools-extra/clang-tidy/cert/CERTTidyModule.cpp
@@ -15,6 +15,7 @@
#include "../bugprone/DefaultOperatorNewOnOveralignedTypeCheck.h"
#include "../bugprone/FloatLoopCounterCheck.h"
#include "../bugprone/PointerArithmeticOnPolymorphicObjectCheck.h"
+#include "../bugprone/ProperlySeededRandomGeneratorCheck.h"
#include "../bugprone/RawMemoryCallOnNonTrivialTypeCheck.h"
#include "../bugprone/ReservedIdentifierCheck.h"
#include "../bugprone/SignalHandlerCheck.h"
@@ -41,6 +42,7 @@
#include "../readability/UppercaseLiteralSuffixCheck.h"
#include "LimitedRandomnessCheck.h"
#include "ProperlySeededRandomGeneratorCheck.h"
+#include "MutatingCopyCheck.h"
#include "ThrownExceptionTypeCheck.h"
namespace {
@@ -271,7 +273,7 @@ class CERTModule : public ClangTidyModule {
"cert-mem57-cpp");
// MSC
CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc50-cpp");
- CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
+ CheckFactories.registerCheck<bugprone::ProperlySeededRandomGeneratorCheck>(
"cert-msc51-cpp");
CheckFactories.registerCheck<bugprone::SignalHandlerCheck>(
"cert-msc54-cpp");
@@ -324,7 +326,7 @@ class CERTModule : public ClangTidyModule {
CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
"cert-msc24-c");
CheckFactories.registerCheck<LimitedRandomnessCheck>("cert-msc30-c");
- CheckFactories.registerCheck<ProperlySeededRandomGeneratorCheck>(
+ CheckFactories.registerCheck<bugprone::ProperlySeededRandomGeneratorCheck>(
"cert-msc32-c");
CheckFactories.registerCheck<bugprone::UnsafeFunctionsCheck>(
"cert-msc33-c");
diff --git a/clang-tools-extra/clang-tidy/cert/CMakeLists.txt b/clang-tools-extra/clang-tidy/cert/CMakeLists.txt
index 5abb47277e78f..31410b0b129a3 100644
--- a/clang-tools-extra/clang-tidy/cert/CMakeLists.txt
+++ b/clang-tools-extra/clang-tidy/cert/CMakeLists.txt
@@ -7,6 +7,7 @@ add_clang_library(clangTidyCERTModule STATIC
CERTTidyModule.cpp
LimitedRandomnessCheck.cpp
ProperlySeededRandomGeneratorCheck.cpp
+ MutatingCopyCheck.cpp
ThrownExceptionTypeCheck.cpp
LINK_LIBS
diff --git a/clang-tools-extra/docs/clang-tidy/checks/bugprone/random-generator-seed.rst b/clang-tools-extra/docs/clang-tidy/checks/bugprone/random-generator-seed.rst
new file mode 100644
index 0000000000000..836bd18ecfc7b
--- /dev/null
+++ b/clang-tools-extra/docs/clang-tidy/checks/bugprone/random-generator-seed.rst
@@ -0,0 +1,40 @@
+.. title:: clang-tidy - bugprone-random-generator-seed
+
+bugprone-random-generator-seed
+==============================
+
+This check flags all pseudo-random number engines, engine adaptor
+instantiations and ``srand()`` when initialized or seeded with default argument,
+constant expression or any user-configurable type. Pseudo-random number
+engines seeded with a predictable value may cause vulnerabilities e.g. in
+security protocols.
+This is a CERT security rule, see
+`MSC51-CPP. Ensure your random number generator is properly seeded
+<https://wiki.sei.cmu.edu/confluence/display/cplusplus/MSC51-CPP.+Ensure+your+random+number+generator+is+properly+seeded>`_ and
+`MSC32-C. Properly seed pseudorandom number generators
+<https://wiki.sei.cmu.edu/confluence/display/c/MSC32-C.+Properly+seed+pseudorandom+number+generators>`_.
+
+Examples:
+
+.. code-block:: c++
+
+ void foo() {
+ std::mt19937 engine1; // Diagnose, always generate the same sequence
+ std::mt19937 engine2(1); // Diagnose
+ engine1.seed(); // Diagnose
+ engine2.seed(1); // Diagnose
+
+ std::time_t t;
+ engine1.seed(std::time(&t)); // Diagnose, system time might be controlled by user
+
+ int x = atoi(argv[1]);
+ std::mt19937 engine3(x); // Will not warn
+ }
+
+Options
+-------
+
+.. option:: DisallowedSeedTypes
+
+ A comma-separated list of the type names which are disallowed.
+ Default value is `time_t,std::time_t`.
diff --git a/clang-tools-extra/docs/clang-tidy/checks/cert/msc32-c.rst b/clang-tools-extra/docs/clang-tidy/checks/cert/msc32-c.rst
index 6e453edefa76e..5cbc385c0c1ba 100644
--- a/clang-tools-extra/docs/clang-tidy/checks/cert/msc32-c.rst
+++ b/clang-tools-extra/docs/clang-tidy/checks/cert/msc32-c.rst
@@ -6,4 +6,4 @@ cert-msc32-c
============
The `cert-msc32-c` check is an alias, please see
-:doc:`cert-msc51-cpp <../cert/msc51-cpp>` for more information.
+:doc:`bugprone-random-generator-seed <../bugprone/random-generator-seed>` for more information.
diff --git a/clang-tools-extra/docs/clang-tidy/checks/cert/msc51-cpp.rst b/clang-tools-extra/docs/clang-tidy/checks/cert/msc51-cpp.rst
index 99e550aef0e7a..993ce31937d26 100644
--- a/clang-tools-extra/docs/clang-tidy/checks/cert/msc51-cpp.rst
+++ b/clang-tools-extra/docs/clang-tidy/checks/cert/msc51-cpp.rst
@@ -3,38 +3,5 @@
cert-msc51-cpp
==============
-This check flags all pseudo-random number engines, engine adaptor
-instantiations and ``srand()`` when initialized or seeded with default argument,
-constant expression or any user-configurable type. Pseudo-random number
-engines seeded with a predictable value may cause vulnerabilities e.g. in
-security protocols.
-This is a CERT security rule, see
-`MSC51-CPP. Ensure your random number generator is properly seeded
-<https://wiki.sei.cmu.edu/confluence/display/cplusplus/MSC51-CPP.+Ensure+your+random+number+generator+is+properly+seeded>`_ and
-`MSC32-C. Properly seed pseudorandom number generators
-<https://wiki.sei.cmu.edu/confluence/display/c/MSC32-C.+Properly+seed+pseudorandom+number+generators>`_.
-
-Examples:
-
-.. code-block:: c++
-
- void foo() {
- std::mt19937 engine1; // Diagnose, always generate the same sequence
- std::mt19937 engine2(1); // Diagnose
- engine1.seed(); // Diagnose
- engine2.seed(1); // Diagnose
-
- std::time_t t;
- engine1.seed(std::time(&t)); // Diagnose, system time might be controlled by user
-
- int x = atoi(argv[1]);
- std::mt19937 engine3(x); // Will not warn
- }
-
-Options
--------
-
-.. option:: DisallowedSeedTypes
-
- A comma-separated list of the type names which are disallowed.
- Default value is `time_t,std::time_t`.
+The `cert-msc51-cpp` check is an alias, please see
+:doc:`bugprone-random-generator-seed <../bugprone/random-generator-seed>` for more information.
diff --git a/clang-tools-extra/docs/clang-tidy/checks/list.rst b/clang-tools-extra/docs/clang-tidy/checks/list.rst
index e2875604af72b..84a5ca1bc52aa 100644
--- a/clang-tools-extra/docs/clang-tidy/checks/list.rst
+++ b/clang-tools-extra/docs/clang-tidy/checks/list.rst
@@ -132,6 +132,7 @@ Clang-Tidy Checks
:doc:`bugprone-parent-virtual-call <bugprone/parent-virtual-call>`, "Yes"
:doc:`bugprone-pointer-arithmetic-on-polymorphic-object <bugprone/pointer-arithmetic-on-polymorphic-object>`,
:doc:`bugprone-posix-return <bugprone/posix-return>`, "Yes"
+ :doc:`bugprone-random-generator-seed <bugprone/random-generator-seed>`, "Yes"
:doc:`bugprone-raw-memory-call-on-non-trivial-type <bugprone/raw-memory-call-on-non-trivial-type>`,
:doc:`bugprone-redundant-branch-condition <bugprone/redundant-branch-condition>`, "Yes"
:doc:`bugprone-reserved-identifier <bugprone/reserved-identifier>`, "Yes"
@@ -181,7 +182,6 @@ Clang-Tidy Checks
:doc:`cert-err33-c <cert/err33-c>`,
:doc:`cert-err60-cpp <cert/err60-cpp>`,
:doc:`cert-msc50-cpp <cert/msc50-cpp>`,
- :doc:`cert-msc51-cpp <cert/msc51-cpp>`,
:doc:`cert-oop58-cpp <cert/oop58-cpp>`,
:doc:`concurrency-mt-unsafe <concurrency/mt-unsafe>`,
:doc:`concurrency-thread-canceltype-asynchronous <concurrency/thread-canceltype-asynchronous>`,
@@ -458,7 +458,7 @@ Check aliases
:doc:`cert-mem57-cpp <cert/mem57-cpp>`, :doc:`bugprone-default-operator-new-on-overaligned-type <bugprone/default-operator-new-on-overaligned-type>`,
:doc:`cert-msc24-c <cert/msc24-c>`, :doc:`bugprone-unsafe-functions <bugprone/unsafe-functions>`,
:doc:`cert-msc30-c <cert/msc30-c>`, :doc:`cert-msc50-cpp <cert/msc50-cpp>`,
- :doc:`cert-msc32-c <cert/msc32-c>`, :doc:`cert-msc51-cpp <cert/msc51-cpp>`,
+ :doc:`cert-msc32-c <cert/msc32-c>`, :doc:`bugprone-random-generator-seed <bugprone/random-generator-seed>`,
:doc:`cert-msc33-c <cert/msc33-c>`, :doc:`bugprone-unsafe-functions <bugprone/unsafe-functions>`,
:doc:`cert-msc54-cpp <cert/msc54-cpp>`, :doc:`bugprone-signal-handler <bugprone/signal-handler>`,
:doc:`cert-oop11-cpp <cert/oop11-cpp>`, :doc:`performance-move-constructor-init <performance/move-constructor-init>`,
diff --git a/clang-tools-extra/test/clang-tidy/checkers/cert/msc32-c.c b/clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.c
similarity index 66%
rename from clang-tools-extra/test/clang-tidy/checkers/cert/msc32-c.c
rename to clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.c
index 0a1d79b4d916b..e767af2c3e11b 100644
--- a/clang-tools-extra/test/clang-tidy/checkers/cert/msc32-c.c
+++ b/clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.c
@@ -1,4 +1,4 @@
-// RUN: %check_clang_tidy %s cert-msc32-c %t -- -config="{CheckOptions: {cert-msc32-c.DisallowedSeedTypes: 'some_type,time_t'}}" -- -std=c99
+// RUN: %check_clang_tidy %s bugprone-random-generator-seed %t -- -config="{CheckOptions: {bugprone-random-generator-seed.DisallowedSeedTypes: 'some_type,time_t'}}" -- -std=c99
void srand(int seed);
typedef int time_t;
@@ -6,15 +6,15 @@ time_t time(time_t *t);
void f(void) {
srand(1);
- // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc32-c]
+ // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
const int a = 1;
srand(a);
- // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc32-c]
+ // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
time_t t;
srand(time(&t)); // Disallowed seed type
- // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [cert-msc32-c]
+ // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [bugprone-random-generator-seed]
}
void g(void) {
diff --git a/clang-tools-extra/test/clang-tidy/checkers/cert/msc51-cpp.cpp b/clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.cpp
similarity index 77%
rename from clang-tools-extra/test/clang-tidy/checkers/cert/msc51-cpp.cpp
rename to clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.cpp
index 637ba58688abe..c8818d6770799 100644
--- a/clang-tools-extra/test/clang-tidy/checkers/cert/msc51-cpp.cpp
+++ b/clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.cpp
@@ -1,5 +1,5 @@
-// RUN: %check_clang_tidy %s cert-msc51-cpp %t -- \
-// RUN: -config="{CheckOptions: {cert-msc51-cpp.DisallowedSeedTypes: 'some_type,time_t'}}"
+// RUN: %check_clang_tidy %s bugprone-random-generator-seed %t -- \
+// RUN: -config="{CheckOptions: {bugprone-random-generator-seed.DisallowedSeedTypes: 'some_type,time_t'}}"
namespace std {
@@ -71,114 +71,114 @@ void f() {
time_t t;
std::srand(0);
- // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
std::srand(seed);
- // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
std::srand(time(&t));
- // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [bugprone-random-generator-seed]
// One instantiation for every engine
std::default_random_engine engine1;
- // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a default argument will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a default argument will generate a predictable sequence of values [bugprone-random-generator-seed]
std::default_random_engine engine2(1);
- // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
std::default_random_engine engine3(seed);
- // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
std::default_random_engine engine4(time(&t));
- // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:30: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [bugprone-random-generator-seed]
engine1.seed();
- // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a default argument will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a default argument will generate a predictable sequence of values [bugprone-random-generator-seed]
engine1.seed(1);
- // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
engine1.seed(seed);
- // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a constant value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a constant value will generate a predictable sequence of values [bugprone-random-generator-seed]
engine1.seed(time(&t));
- // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [cert-msc51-cpp]
+ // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: random number generator seeded with a disallowed source of seed value will generate a predictable sequence of values [bugprone-random-generator-seed]
std::mt19937 engine5;
- // CHECK-MESSAGES: :[[@LINE-1]]:16: warning: random number generator seeded with a default argument will generate a predictabl...
[truncated]
|
zeyi2
reviewed
Nov 8, 2025
clang-tools-extra/docs/clang-tidy/checks/bugprone/random-generator-seed.rst
Outdated
Show resolved
Hide resolved
clang-tools-extra/docs/clang-tidy/checks/bugprone/random-generator-seed.rst
Outdated
Show resolved
Hide resolved
clang-tools-extra/clang-tidy/bugprone/ProperlySeededRandomGeneratorCheck.h
Outdated
Show resolved
Hide resolved
|
✅ With the latest revision this PR passed the C/C++ code formatter. |
EugeneZelenko
requested review from
HerrCai0907,
carlosgalvezp,
localspook and
vbvictor
zeyi2
reviewed
Nov 8, 2025
Contributor
|
Please update the PR title, IMO we shouldn't split it into separate lines. |
luobochuanqi
changed the title
vbvictor
reviewed
Nov 9, 2025
clang-tools-extra/docs/clang-tidy/checks/bugprone/random-generator-seed.rst
Outdated
Show resolved
Hide resolved
clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.c
Outdated
Show resolved
Hide resolved
clang-tools-extra/test/clang-tidy/checkers/bugprone/random-generator-seed.c
Outdated
Show resolved
Hide resolved
…ator-seed.rst Co-authored-by: Baranov Victor <bar.victor.2002@gmail.com>
…erator-seed.c Co-authored-by: Baranov Victor <bar.victor.2002@gmail.com>
Co-authored-by: Baranov Victor <bar.victor.2002@gmail.com>
vbvictor
approved these changes
Nov 9, 2025
localspook
approved these changes
Nov 9, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…'cert' module and give a proper name
Summary:
This change addresses sub-issue #157296 of parent issue #157287, which aims to clean up the
certmodule by moving checks that don't directly map to CERT security standards to more appropriate modules.The checks
cert-msc51-cppandcert-msc32-cboth implement the same logic to detect random number generators that are not properly seeded. This is a generic bug pattern rather than a CERT-specific security constraint, making it more suitable for thebugpronemodule.Closes: #157296