Defect incorrectly marked as UNSPECIFIED when using clang-tidy:take-config-from-directory=true #4414

Open
orjangj opened this issue Jan 8, 2025 · 2 comments


orjangj commented Jan 8, 2025

Describe the bug

When using --analyzer-config 'clang-tidy:take-config-from-directory=true', CodeChecker incorrectly parses clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling as UNSPECIFIED. Additionally, when enabling --enable extreme, CodeChecker reports the same issue twice: once with UNSPECIFIED and once with MEDIUM severity.

The following run only shows the output when also using the --enable extreme option.

$ CodeChecker check -l build/compile_commands.json --analyzer-config 'clang-tidy:take-config-from-directory=true' --enable extreme
[INFO 2025-01-08 10:07] - Enabled checker list can be found in /tmp/tmpkd01u_4a/metadata.json
[INFO 2025-01-08 10:07] - Starting static analysis ...
[INFO 2025-01-08 10:07] - [1/4] cppcheck analyzed example.c successfully.
[INFO 2025-01-08 10:07] - [2/4] clangsa analyzed example.c successfully.
[INFO 2025-01-08 10:07] - [3/4] gcc analyzed example.c successfully.
[INFO 2025-01-08 10:07] - [4/4] clang-tidy analyzed example.c successfully.
[INFO 2025-01-08 10:07] - ----==== Summary ====----
[INFO 2025-01-08 10:07] - Successfully analyzed
[INFO 2025-01-08 10:07] -   clangsa: 1
[INFO 2025-01-08 10:07] -   gcc: 1
[INFO 2025-01-08 10:07] -   clang-tidy: 1
[INFO 2025-01-08 10:07] -   cppcheck: 1
[INFO 2025-01-08 10:07] - Total analyzed compilation commands: 1
[INFO 2025-01-08 10:07] - ----=================----
[INFO 2025-01-08 10:07] - Analysis finished.
[INFO 2025-01-08 10:07] - To view results in the terminal use the "CodeChecker parse" command.
[INFO 2025-01-08 10:07] - To store results use the "CodeChecker store" command.
[INFO 2025-01-08 10:07] - See --help and the user guide for further options about parsing and storing the reports.
[INFO 2025-01-08 10:07] - ----=================----
[INFO 2025-01-08 10:07] - Analysis length: 0.19728589057922363 sec.
Found no defects in example.c
[MEDIUM] /path/to/example.c:8:5: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
    memcpy(dst, src, sz);
    ^

Found 1 defect(s) in example.c

[UNSPECIFIED] /path/to/example.c:8:5: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
    memcpy(dst, src, sz);
    ^

Found 1 defect(s) in example.c


----==== Severity Statistics ====----
-------------------------------
Severity    | Number of reports
-------------------------------
MEDIUM      |                 1
UNSPECIFIED |                 1
-------------------------------
----=================----

----==== Checker Statistics ====----
------------------------------------------------------------------------------------------------------
Checker name                                                         | Severity    | Number of reports
------------------------------------------------------------------------------------------------------
security.insecureAPI.DeprecatedOrUnsafeBufferHandling                | MEDIUM      |                 1
clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling | UNSPECIFIED |                 1
------------------------------------------------------------------------------------------------------
----=================----

----==== File Statistics ====----
-----------------------------
File name | Number of reports
-----------------------------
example.c |                 2
-----------------------------
----=================----

----======== Summary ========----
---------------------------------------------
Number of processed analyzer result files | 4
Number of analyzer reports                | 2
---------------------------------------------
----=================----

As a side note: why does the output contain both Found no defects in example.c and Found 1 defect(s) in example.c? Seems contradictory.

CodeChecker version

$ CodeChecker version
[INFO 2025-01-08 09:49] - CodeChecker analyzer version:
---------------------------------------------------------------
Kind                 | Version                                 
---------------------------------------------------------------
Base package version | 6.24.4                                  
Package build date   | 2024-10-28T15:46                        
Git commit ID (hash) | 454d978191ed42c8202a2244dc092dfb6fd8c83a
Git tag information  | 6.24.4                                  
---------------------------------------------------------------

[INFO 2025-01-08 09:49] - CodeChecker web version:
------------------------------------------------------------------------------
Kind                                | Version                                 
------------------------------------------------------------------------------
Base package version                | 6.24.4                                  
Package build date                  | 2024-10-28T15:46                        
Git commit ID (hash)                | 454d978191ed42c8202a2244dc092dfb6fd8c83a
Git tag information                 | 6.24.4                                  
Server supported Thrift API version | 6.58                                    
Client Thrift API version           | 6.58                                    
------------------------------------------------------------------------------

To Reproduce

The following example project can be used to reproduce the issue:

Example project layout

.
├── .clang-tidy
├── CMakeLists.txt
├── example.c
└── example.h

Contents of .clang-tidy

---
Checks: '-*,clang-analyzer-*'
WarningsAsErrors: ''
HeaderFilterRegex: ''
FormatStyle: none
SystemHeaders: false
...

Contents of CMakeLists.txt

cmake_minimum_required(VERSION 3.21)

project(example LANGUAGES C)

set(CMAKE_EXPORT_COMPILE_COMMANDS ON)

add_library(example)
target_sources(example PRIVATE example.c)
target_include_directories(example PUBLIC ${CMAKE_CURRENT_LIST_DIR})

Contents of example.h

#ifndef EXAMPLE_H
#define EXAMPLE_H

#include <stddef.h>

void example_copy(void * dst, void const * src, size_t sz);

#endif // EXAMPLE_H

Contents of example.c

#include "example.h"
#include <string.h>

void example_copy(void * dst, const void * src, size_t sz)
{
    memcpy(dst, src, sz);
}

Steps to reproduce the behaviour:

  1. Install CodeChecker via pip
  2. cmake -B build
  3. CodeChecker check -l build/compile_commands.json --analyzer-config 'clang-tidy:take-config-from-directory=true'
  4. See the issue being marked as UNSPECIFIED in the output
  5. CodeChecker check -l build/compile_commands.json --analyzer-config 'clang-tidy:take-config-from-directory=true' --enable extreme
  6. Now the same issue is being marked two times as both UNSPECIFIED and as MEDIUM

Expected behaviour

I expect the issue to be reported as:

...
[MEDIUM] /path/to/example.c:8:5: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
    memcpy(dst, src, sz);
    ^

Found 1 defect(s) in example.c

----==== Severity Statistics ====----
-------------------------------
Severity    | Number of reports
-------------------------------
MEDIUM      |                 1
-------------------------------
----=================----

----==== Checker Statistics ====----
------------------------------------------------------------------------------------------------------
Checker name                                                         | Severity    | Number of reports
------------------------------------------------------------------------------------------------------
security.insecureAPI.DeprecatedOrUnsafeBufferHandling                | MEDIUM      |                 1
------------------------------------------------------------------------------------------------------
...

Desktop (please complete the following information)

  • OS: Linux (Fedora 40)
  • Version: Kernel version 6.12.6-100.fc40.x86_64
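To illustrate the severity-lookup failure described in this report, here is an added example that is not CodeChecker's own code: a small Python normalizer that strips the clang-analyzer- prefix clang-tidy puts on Clang Static Analyzer checkers before looking up severity, and collapses the clangsa/clang-tidy copies of one finding by location plus normalized checker name. The severity table and the Report type are constructed for the example; only the MEDIUM rating for security.insecureAPI.DeprecatedOrUnsafeBufferHandling comes from the output above.

```python
"""Severity lookup for clang-tidy reports that wrap Clang Static Analyzer checkers.

Added example, not CodeChecker's own code. The severity table and the Report
type are constructed for illustration.
"""
from dataclasses import dataclass

# Constructed severity table keyed by the bare (unprefixed) checker name.
# The MEDIUM entry matches the issue's output; the HIGH entry is made up.
SEVERITY_MAP = {
    "security.insecureAPI.DeprecatedOrUnsafeBufferHandling": "MEDIUM",
    "core.NullDereference": "HIGH",
}

# Prefix clang-tidy adds when it runs Clang Static Analyzer checkers.
CLANG_ANALYZER_PREFIX = "clang-analyzer-"


def normalize_checker(name: str) -> str:
    """Strip the clang-tidy prefix so 'clang-analyzer-X' and 'X' share one key."""
    if name.startswith(CLANG_ANALYZER_PREFIX):
        return name[len(CLANG_ANALYZER_PREFIX):]
    return name


def severity_of(checker: str) -> str:
    """Look up severity by normalized name; unknown checkers stay UNSPECIFIED,
    which is exactly what a lookup on the raw prefixed name produces."""
    return SEVERITY_MAP.get(normalize_checker(checker), "UNSPECIFIED")


@dataclass(frozen=True)
class Report:
    path: str
    line: int
    col: int
    checker: str


def dedupe_reports(reports):
    """Collapse the clangsa and clang-tidy copies of a single finding.
    Key on file, line, column and the normalized checker name; first copy wins."""
    seen = {}
    for r in reports:
        key = (r.path, r.line, r.col, normalize_checker(r.checker))
        seen.setdefault(key, r)
    return list(seen.values())
```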

orjangj commented Jan 8, 2025

Forgot to mention clang & clang-tidy version:

$ clang --version
clang version 18.1.8 (Fedora 18.1.8-1.fc40)
Target: x86_64-redhat-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Configuration file: /etc/clang/x86_64-redhat-linux-gnu-clang.cfg

$ clang-tidy --version
LLVM (http://llvm.org/):
  LLVM version 18.1.8
  Optimized build.


orjangj commented Jan 8, 2025

I believe this is somewhat related to #4211 as well.
