rust/clippy_lints/src/functions.rs

243 lines
8.0 KiB
Rust
Raw Normal View History

2018-10-06 09:18:06 -07:00
// Copyright 2014-2018 The Rust Project Developers. See the COPYRIGHT
// file at the top-level directory of this distribution.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
2018-07-19 00:24:19 -07:00
use matches::matches;
use crate::rustc::hir::intravisit;
use crate::rustc::hir;
use crate::rustc::lint::{LateContext, LateLintPass, LintArray, LintPass};
use crate::rustc::{declare_tool_lint, lint_array};
use crate::rustc::ty;
use crate::rustc::hir::def::Def;
use crate::rustc_data_structures::fx::FxHashSet;
use crate::syntax::ast;
use crate::rustc_target::spec::abi::Abi;
use crate::syntax::source_map::Span;
2018-05-30 10:15:50 +02:00
use crate::utils::{iter_input_pats, span_lint, type_is_unsafe_function};
2016-03-09 00:48:10 +01:00
/// **What it does:** Checks for functions with too many parameters.
2016-03-09 00:48:10 +01:00
///
/// **Why is this bad?** Functions with lots of parameters are considered bad
/// style and reduce readability (“what does the 5th parameter mean?”). Consider
/// grouping some parameters into a new type.
2016-03-09 00:48:10 +01:00
///
/// **Known problems:** None.
///
/// **Example:**
/// ```rust
2017-08-09 09:30:56 +02:00
/// fn foo(x: u32, y: u32, name: &str, c: Color, w: f32, h: f32, a: f32, b:
/// f32) { .. }
2016-03-09 00:48:10 +01:00
/// ```
2018-03-28 15:24:26 +02:00
declare_clippy_lint! {
2016-03-09 00:48:10 +01:00
pub TOO_MANY_ARGUMENTS,
2018-03-29 13:41:53 +02:00
complexity,
2016-03-09 00:48:10 +01:00
"functions with too many arguments"
}
/// **What it does:** Checks for public functions that dereferences raw pointer
/// arguments but are not marked unsafe.
///
/// **Why is this bad?** The function should probably be marked `unsafe`, since
/// for an arbitrary raw pointer, there is no way of telling for sure if it is
/// valid.
///
/// **Known problems:**
///
/// * It does not check functions recursively so if the pointer is passed to a
2017-08-09 09:30:56 +02:00
/// private non-`unsafe` function which does the dereferencing, the lint won't
/// trigger.
/// * It only checks for arguments whose type are raw pointers, not raw pointers
/// got from an argument in some other way (`fn foo(bar: &[*const u8])` or
/// `some_argument.get_raw_ptr()`).
///
/// **Example:**
/// ```rust
/// pub fn foo(x: *const u8) { println!("{}", unsafe { *x }); }
/// ```
2018-03-28 15:24:26 +02:00
declare_clippy_lint! {
pub NOT_UNSAFE_PTR_ARG_DEREF,
2018-03-28 15:24:26 +02:00
correctness,
"public functions dereferencing raw pointer arguments but not marked `unsafe`"
}
2017-08-09 09:30:56 +02:00
#[derive(Copy, Clone)]
2016-03-09 00:48:10 +01:00
pub struct Functions {
threshold: u64,
}
impl Functions {
2017-08-21 13:32:12 +02:00
pub fn new(threshold: u64) -> Self {
2017-09-05 11:33:04 +02:00
Self {
threshold,
2017-09-05 11:33:04 +02:00
}
2016-03-09 00:48:10 +01:00
}
}
impl LintPass for Functions {
fn get_lints(&self) -> LintArray {
lint_array!(TOO_MANY_ARGUMENTS, NOT_UNSAFE_PTR_ARG_DEREF)
2016-03-09 00:48:10 +01:00
}
}
impl<'a, 'tcx> LateLintPass<'a, 'tcx> for Functions {
fn check_fn(
&mut self,
cx: &LateContext<'a, 'tcx>,
kind: intravisit::FnKind<'tcx>,
decl: &'tcx hir::FnDecl,
body: &'tcx hir::Body,
span: Span,
2017-08-09 09:30:56 +02:00
nodeid: ast::NodeId,
) {
2018-08-28 13:13:42 +02:00
let is_impl = if let Some(hir::Node::Item(item)) = cx.tcx.hir.find(cx.tcx.hir.get_parent_node(nodeid)) {
2018-07-16 15:07:39 +02:00
matches!(item.node, hir::ItemKind::Impl(_, _, _, _, Some(_), _, _))
} else {
false
};
let unsafety = match kind {
hir::intravisit::FnKind::ItemFn(_, _, hir::FnHeader { unsafety, .. }, _, _) => unsafety,
hir::intravisit::FnKind::Method(_, sig, _, _) => sig.header.unsafety,
hir::intravisit::FnKind::Closure(_) => return,
};
// don't warn for implementations, it's not their fault
if !is_impl {
// don't lint extern functions decls, it's not their fault either
match kind {
hir::intravisit::FnKind::Method(_, &hir::MethodSig { header: hir::FnHeader { abi: Abi::Rust, .. }, .. }, _, _) |
hir::intravisit::FnKind::ItemFn(_, _, hir::FnHeader { abi: Abi::Rust, .. }, _, _) => self.check_arg_number(cx, decl, span),
_ => {},
}
2016-03-09 00:48:10 +01:00
}
self.check_raw_ptr(cx, unsafety, decl, body, nodeid);
2016-03-09 00:48:10 +01:00
}
fn check_trait_item(&mut self, cx: &LateContext<'a, 'tcx>, item: &'tcx hir::TraitItem) {
if let hir::TraitItemKind::Method(ref sig, ref eid) = item.node {
// don't lint extern functions decls, it's not their fault
if sig.header.abi == Abi::Rust {
self.check_arg_number(cx, &sig.decl, item.span);
}
if let hir::TraitMethod::Provided(eid) = *eid {
2017-02-02 17:53:28 +01:00
let body = cx.tcx.hir.body(eid);
self.check_raw_ptr(cx, sig.header.unsafety, &sig.decl, body, item.id);
}
2016-03-09 00:48:10 +01:00
}
}
}
impl<'a, 'tcx> Functions {
2018-07-23 13:01:12 +02:00
fn check_arg_number(self, cx: &LateContext<'_, '_>, decl: &hir::FnDecl, span: Span) {
2016-03-09 00:48:10 +01:00
let args = decl.inputs.len() as u64;
if args > self.threshold {
2017-08-09 09:30:56 +02:00
span_lint(
cx,
TOO_MANY_ARGUMENTS,
span,
&format!("this function has too many arguments ({}/{})", args, self.threshold),
);
2016-03-09 00:48:10 +01:00
}
}
fn check_raw_ptr(
self,
cx: &LateContext<'a, 'tcx>,
unsafety: hir::Unsafety,
decl: &'tcx hir::FnDecl,
body: &'tcx hir::Body,
2017-08-09 09:30:56 +02:00
nodeid: ast::NodeId,
) {
let expr = &body.value;
if unsafety == hir::Unsafety::Normal && cx.access_levels.is_exported(nodeid) {
2017-01-04 15:53:16 -08:00
let raw_ptrs = iter_input_pats(decl, body)
.zip(decl.inputs.iter())
.filter_map(|(arg, ty)| raw_ptr_arg(arg, ty))
.collect::<FxHashSet<_>>();
if !raw_ptrs.is_empty() {
2017-08-21 12:57:33 +02:00
let tables = cx.tcx.body_tables(body.id());
let mut v = DerefVisitor {
cx,
ptrs: raw_ptrs,
2017-08-21 12:57:33 +02:00
tables,
};
hir::intravisit::walk_expr(&mut v, expr);
}
}
}
}
2017-09-12 14:26:40 +02:00
fn raw_ptr_arg(arg: &hir::Arg, ty: &hir::Ty) -> Option<ast::NodeId> {
2018-07-12 16:03:06 +08:00
if let (&hir::PatKind::Binding(_, id, _, _), &hir::TyKind::Ptr(_)) = (&arg.pat.node, &ty.node) {
2017-09-12 14:26:40 +02:00
Some(id)
} else {
None
}
}
struct DerefVisitor<'a, 'tcx: 'a> {
cx: &'a LateContext<'a, 'tcx>,
ptrs: FxHashSet<ast::NodeId>,
2017-08-21 12:57:33 +02:00
tables: &'a ty::TypeckTables<'tcx>,
}
impl<'a, 'tcx> hir::intravisit::Visitor<'tcx> for DerefVisitor<'a, 'tcx> {
fn visit_expr(&mut self, expr: &'tcx hir::Expr) {
match expr.node {
2018-07-12 15:30:57 +08:00
hir::ExprKind::Call(ref f, ref args) => {
2017-08-21 12:57:33 +02:00
let ty = self.tables.expr_ty(f);
if type_is_unsafe_function(self.cx, ty) {
for arg in args {
self.check_arg(arg);
}
}
2016-12-20 18:21:30 +01:00
},
2018-07-12 15:30:57 +08:00
hir::ExprKind::MethodCall(_, _, ref args) => {
2017-08-21 12:57:33 +02:00
let def_id = self.tables.type_dependent_defs()[expr.hir_id].def_id();
let base_type = self.cx.tcx.type_of(def_id);
if type_is_unsafe_function(self.cx, base_type) {
for arg in args {
self.check_arg(arg);
}
}
2016-12-20 18:21:30 +01:00
},
2018-07-12 15:30:57 +08:00
hir::ExprKind::Unary(hir::UnDeref, ref ptr) => self.check_arg(ptr),
_ => (),
}
hir::intravisit::walk_expr(self, expr);
}
fn nested_visit_map<'this>(&'this mut self) -> intravisit::NestedVisitorMap<'this, 'tcx> {
intravisit::NestedVisitorMap::None
}
2016-03-09 00:48:10 +01:00
}
impl<'a, 'tcx: 'a> DerefVisitor<'a, 'tcx> {
fn check_arg(&self, ptr: &hir::Expr) {
2018-07-12 15:30:57 +08:00
if let hir::ExprKind::Path(ref qpath) = ptr.node {
2017-09-12 14:26:40 +02:00
if let Def::Local(id) = self.cx.tables.qpath_def(qpath, ptr.hir_id) {
if self.ptrs.contains(&id) {
span_lint(
self.cx,
NOT_UNSAFE_PTR_ARG_DEREF,
ptr.span,
"this public function dereferences a raw pointer but is not marked `unsafe`",
);
}
}
}
}
}