1//===-- UncheckedOptionalAccessModel.h --------------------------*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9//  This file defines a dataflow analysis that detects unsafe uses of optional
10//  values.
11//
12//===----------------------------------------------------------------------===//
13
14#ifndef CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
15#define CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
16
17#include "clang/AST/ASTContext.h"
18#include "clang/Analysis/CFG.h"
19#include "clang/Analysis/FlowSensitive/CFGMatchSwitch.h"
20#include "clang/Analysis/FlowSensitive/DataflowAnalysis.h"
21#include "clang/Analysis/FlowSensitive/DataflowEnvironment.h"
22#include "clang/Analysis/FlowSensitive/NoopLattice.h"
23#include "clang/Basic/SourceLocation.h"
24#include "llvm/ADT/SmallVector.h"
25
26namespace clang {
27namespace dataflow {
28
29// FIXME: Explore using an allowlist-approach, where constructs supported by the
30// analysis are always enabled and additional constructs are enabled through the
31// `Options`.
32struct UncheckedOptionalAccessModelOptions {
33  /// In generating diagnostics, ignore optionals reachable through overloaded
34  /// `operator*` or `operator->` (other than those of the optional type
35  /// itself). The analysis does not equate the results of such calls, so it
36  /// can't identify when their results are used safely (across calls),
37  /// resulting in false positives in all such cases. Note: this option does not
38  /// cover access through `operator[]`.
39  bool IgnoreSmartPointerDereference = false;
40};
41
42/// Dataflow analysis that models whether optionals hold values or not.
43///
44/// Models the `std::optional`, `absl::optional`, and `base::Optional` types.
45class UncheckedOptionalAccessModel
46    : public DataflowAnalysis<UncheckedOptionalAccessModel, NoopLattice> {
47public:
48  UncheckedOptionalAccessModel(ASTContext &Ctx, dataflow::Environment &Env);
49
50  /// Returns a matcher for the optional classes covered by this model.
51  static ast_matchers::DeclarationMatcher optionalClassDecl();
52
53  static NoopLattice initialElement() { return {}; }
54
55  void transfer(const CFGElement &Elt, NoopLattice &L, Environment &Env);
56
57private:
58  CFGMatchSwitch<TransferState<NoopLattice>> TransferMatchSwitch;
59};
60
61class UncheckedOptionalAccessDiagnoser {
62public:
63  UncheckedOptionalAccessDiagnoser(
64      UncheckedOptionalAccessModelOptions Options = {});
65
66  llvm::SmallVector<SourceLocation>
67  operator()(const CFGElement &Elt, ASTContext &Ctx,
68             const TransferStateForDiagnostics<NoopLattice> &State) {
69    return DiagnoseMatchSwitch(Elt, Ctx, State.Env);
70  }
71
72private:
73  CFGMatchSwitch<const Environment, llvm::SmallVector<SourceLocation>>
74      DiagnoseMatchSwitch;
75};
76
77} // namespace dataflow
78} // namespace clang
79
80#endif // CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
81