lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 5 Oct 2023 15:38:57 -0700
From:   Ian Rogers <irogers@...gle.com>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Nathan Chancellor <nathan@...nel.org>, Tom Rix <trix@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Ingo Molnar <mingo@...hat.com>,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Jiri Olsa <jolsa@...nel.org>,
        Namhyung Kim <namhyung@...nel.org>,
        Adrian Hunter <adrian.hunter@...el.com>,
        Yicong Yang <yangyicong@...ilicon.com>,
        Jonathan Cameron <jonathan.cameron@...wei.com>,
        Yang Jihong <yangjihong1@...wei.com>,
        Kan Liang <kan.liang@...ux.intel.com>,
        Ming Wang <wangming01@...ngson.cn>,
        Huacai Chen <chenhuacai@...nel.org>,
        Sean Christopherson <seanjc@...gle.com>,
        K Prateek Nayak <kprateek.nayak@....com>,
        Yanteng Si <siyanteng@...ngson.cn>,
        Yuan Can <yuancan@...wei.com>,
        Ravi Bangoria <ravi.bangoria@....com>,
        James Clark <james.clark@....com>,
        Paolo Bonzini <pbonzini@...hat.com>, llvm@...ts.linux.dev,
        linux-kernel@...r.kernel.org, linux-perf-users@...r.kernel.org,
        bpf@...r.kernel.org
Subject: Re: [PATCH v1 03/18] run-clang-tools: Add pass through checks and and
 header-filter arguments

On Mon, Sep 25, 2023 at 8:44 AM Nick Desaulniers
<ndesaulniers@...gle.com> wrote:
>
> On Fri, Sep 22, 2023 at 10:35 PM Ian Rogers <irogers@...gle.com> wrote:
> >
> > Add a -checks argument to allow the checks passed to the clang-tool to
> > be set on the command line.
> >
> > Add a pass through -header-filter option.
> >
> > Signed-off-by: Ian Rogers <irogers@...gle.com>
> > ---
> >  scripts/clang-tools/run-clang-tools.py | 34 ++++++++++++++++++++------
> >  1 file changed, 27 insertions(+), 7 deletions(-)
> >
> > diff --git a/scripts/clang-tools/run-clang-tools.py b/scripts/clang-tools/run-clang-tools.py
> > index 3266708a8658..5dfe03852cb4 100755
> > --- a/scripts/clang-tools/run-clang-tools.py
> > +++ b/scripts/clang-tools/run-clang-tools.py
> > @@ -33,6 +33,11 @@ def parse_arguments():
> >      path_help = "Path to the compilation database to parse"
> >      parser.add_argument("path", type=str, help=path_help)
> >
> > +    checks_help = "Checks to pass to the analysis"
> > +    parser.add_argument("-checks", type=str, default=None, help=checks_help)
> > +    header_filter_help = "Pass the -header-filter value to the tool"
> > +    parser.add_argument("-header-filter", type=str, default=None, help=header_filter_help)
> > +
> >      return parser.parse_args()
> >
> >
> > @@ -45,14 +50,29 @@ def init(l, a):
> >
> >  def run_analysis(entry):
> >      # Disable all checks, then re-enable the ones we want
> > -    checks = []
> > -    checks.append("-checks=-*")
> > -    if args.type == "clang-tidy":
> > -        checks.append("linuxkernel-*")
> > +    global args
> > +    checks = None
> > +    if args.checks:
> > +        checks = args.checks.split(',')
> >      else:
> > -        checks.append("clang-analyzer-*")
> > -        checks.append("-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling")
> > -    p = subprocess.run(["clang-tidy", "-p", args.path, ",".join(checks), entry["file"]],
> > +        checks = ["-*"]
> > +        if args.type == "clang-tidy":
> > +            checks.append("linuxkernel-*")
> > +        else:
> > +            checks.append("clang-analyzer-*")
> > +            checks.append("-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling")
> > +    file = entry["file"]
> > +    if not file.endswith(".c") and not file.endswith(".cpp"):
> > +        with lock:
> > +            print(f"Skipping non-C file: '{file}'", file=sys.stderr)
> > +        return
> > +    pargs = ["clang-tidy", "-p", args.path]
> > +    if checks:
>
> ^ can `checks` ever be falsy here?  I don't think we need this
> conditional check?

Agreed, it was for an option that I removed. Will fix in v2.

Thanks,
Ian

> > +        pargs.append("-checks=" + ",".join(checks))
> > +    if args.header_filter:
> > +        pargs.append("-header-filter=" + args.header_filter)
> > +    pargs.append(file)
> > +    p = subprocess.run(pargs,
> >                         stdout=subprocess.PIPE,
> >                         stderr=subprocess.STDOUT,
> >                         cwd=entry["directory"])
> > --
> > 2.42.0.515.g380fc7ccd1-goog
> >
>
>
> --
> Thanks,
> ~Nick Desaulniers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ