Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[clang-tidy] create a check that looks for constructing a string from a nullptr #92061

Closed
LegalizeAdulthood opened this issue May 14, 2024 · 9 comments
Closed

[clang-tidy] create a check that looks for constructing a string from a nullptr #92061

LegalizeAdulthood opened this issue May 14, 2024 · 9 comments
Labels
clang-tidy enhancement Improving things as opposed to bug fixing, e.g. new or missing feature good first issue https://github.com/llvm/llvm-project/contribute worksforme Resolved as "works for me"

Comments

@LegalizeAdulthood
Copy link
Contributor

LegalizeAdulthood commented May 14, 2024
edited

Consider the following code:

std::string foo()
{
    return nullptr;
}

See compiler explorer example

This code compiles just fine with no warnings or errors, but crashes when you run it. We should be able to detect cases where a nullptr is used to construct a string, at least in the simple case above. I had a real-world bug that was exactly the above scenario, although I have simplified the example to remove irrelevant code. Obviously more sophisticated data flow analysis can propagate nullptr through usages until it hits a std::basic_string constructor, but even detecting the above simple case would be a useful start.

Note: there are several constructor overloads that take a pointer to a character as an argument and they are all invalid if the pointer is nullptr.
@LegalizeAdulthood LegalizeAdulthood added enhancement Improving things as opposed to bug fixing, e.g. new or missing feature good first issue https://github.com/llvm/llvm-project/contribute clang-tidy labels May 14, 2024
@llvmbot
Copy link
Collaborator

llvmbot commented May 14, 2024

@llvm/issue-subscribers-clang-tidy

Author: Richard Thomson (LegalizeAdulthood)

Consider the following code: 
std::string foo()
{
    return nullptr;
}

See compiler explorer example

This code compiles just fine with no warnings or errors, but crashes when you run it. We should be able to detect cases where a nullptr is used to construct a string, at least in the simple case above. I had a real-world bug that was exactly the above scenario, although I have simplified the example to remove irrelevant code. Obviously more sophisticated data flow analysis can propagate nullptr through usages until it hits a std::basic_string constructor, but even detecting the above simple case would be a useful start.

@llvmbot
Copy link
Collaborator

llvmbot commented May 14, 2024

Hi!

This issue may be a good introductory issue for people new to working on LLVM. If you would like to work on this issue, your first steps are:

  1. Check that no other contributor has already been assigned to this issue. If you believe that no one is actually working on it despite an assignment, ping the person. After one week without a response, the assignee may be changed.
  2. In the comments of this issue, request for it to be assigned to you, or just create a pull request after following the steps below. Mention this issue in the description of the pull request.
  3. Fix the issue locally.
  4. Run the test suite locally. Remember that the subdirectories under test/ create fine-grained testing targets, so you can e.g. use make check-clang-ast to only run Clang's AST tests.
  5. Create a Git commit.
  6. Run git clang-format HEAD~1 to format your changes.
  7. Open a pull request to the upstream repository on GitHub. Detailed instructions can be found in GitHub's documentation. Mention this issue in the description of the pull request.

If you have any further questions about this issue, don't hesitate to ask via a comment in the thread below.

@llvmbot
Copy link
Collaborator

llvmbot commented May 14, 2024

@llvm/issue-subscribers-good-first-issue

Author: Richard Thomson (LegalizeAdulthood)

Consider the following code: 
std::string foo()
{
    return nullptr;
}

See compiler explorer example

This code compiles just fine with no warnings or errors, but crashes when you run it. We should be able to detect cases where a nullptr is used to construct a string, at least in the simple case above. I had a real-world bug that was exactly the above scenario, although I have simplified the example to remove irrelevant code. Obviously more sophisticated data flow analysis can propagate nullptr through usages until it hits a std::basic_string constructor, but even detecting the above simple case would be a useful start.

@chrchr-github
Copy link

Caught by bugprone-string-constructor and clang-analyzer-cplusplus.StringChecker:

<source>:9:12: warning: constructing string from nullptr is undefined behaviour [bugprone-string-constructor]
    9 |     return nullptr;
      |            ^
<source>:9:12: warning: The parameter must not be null [clang-analyzer-cplusplus.StringChecker]

@vaisakh-prod
Copy link

Hi @chrchr-github,
are you looking into this??
@LegalizeAdulthood
I'd like to give have a look at this.

@chrchr-github
Copy link

Not sure what there is to do, with two checks already reporting the issue...

@carlosgalvezp
Copy link
Contributor

Then I would say we don't need a third check ;)

@carlosgalvezp carlosgalvezp closed this as not planned Won't fix, can't repro, duplicate, stale May 14, 2024
@EugeneZelenko EugeneZelenko added the worksforme Resolved as "works for me" label May 14, 2024
@LegalizeAdulthood
Copy link
Contributor Author

which two checks report the issue?

@LegalizeAdulthood
Copy link
Contributor Author

oic now github mobile wasn't showing all the comments (how unhelpful!)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
clang-tidy enhancement Improving things as opposed to bug fixing, e.g. new or missing feature good first issue https://github.com/llvm/llvm-project/contribute worksforme Resolved as "works for me"
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@carlosgalvezp @LegalizeAdulthood @EugeneZelenko @llvmbot @vaisakh-prod @chrchr-github