shylie/llvm-project
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
llvm-project/clang/test/SemaCXX/new-delete-0x.cpp
Aaron Ballman 84a3aadf0f Diagnose use of VLAs in C++ by default 
Reapplication of 7339c0f782d5c70e0928f8991b0c05338a90c84c with a fix
for a crash involving arrays without a size expression.

Clang supports VLAs in C++ as an extension, but we currently only warn
on their use when you pass -Wvla, -Wvla-extension, or -pedantic.
However, VLAs as they're expressed in C have been considered by WG21
and rejected, are easy to use accidentally to the surprise of users
(e.g., https://ddanilov.me/default-non-standard-features/), and they
have potential security implications beyond constant-size arrays
(https://wiki.sei.cmu.edu/confluence/display/c/ARR32-C.+Ensure+size+arguments+for+variable+length+arrays+are+in+a+valid+range).
C++ users should strongly consider using other functionality such as
std::vector instead.

This seems like sufficiently compelling evidence to warn users about
VLA use by default in C++ modes. This patch enables the -Wvla-extension
diagnostic group in C++ language modes by default, and adds the warning
group to -Wall in GNU++ language modes. The warning is still opt-in in
C language modes, where support for VLAs is somewhat less surprising to
users.

RFC: https://discourse.llvm.org/t/rfc-diagnosing-use-of-vlas-in-c/73109
Fixes https://github.com/llvm/llvm-project/issues/62836
Differential Revision: https://reviews.llvm.org/D156565
2023-10-20 13:10:03 -04:00

41 lines
1.6 KiB
C++
Raw Blame History

// RUN: %clang_cc1 -fsyntax-only -verify %s -triple=i686-pc-linux-gnu -std=c++11
using size_t = decltype(sizeof(0));
struct noreturn_t {} constexpr noreturn = {};
void *operator new [[noreturn]] (size_t, noreturn_t);
void operator delete [[noreturn]] (void*, noreturn_t);
void good_news()
{
auto p = new int[2][[]];
auto q = new int[[]][2];
auto r = new int*[[]][2][[]];
auto s = new (int(*[[]])[2][[]]);
}
void bad_news(int *ip)
{
// attribute-specifiers can go almost anywhere in a new-type-id...
auto r = new int[[]{return 1;}()][2]; // expected-error {{expected ']'}}
auto s = new int*[[]{return 1;}()][2]; // expected-error {{expected ']'}}
// ... but not here:
auto t = new (int(*)[[]]); // expected-error {{an attribute list cannot appear here}}
auto u = new (int(*)[[]{return 1;}()][2]); // expected-error {{C++11 only allows consecutive left square brackets when introducing an attribute}} \
expected-error {{variably modified type}} \
expected-error {{a lambda expression may not appear inside of a constant expression}} \
expected-warning {{variable length arrays in C++ are a Clang extension}} \
expected-note-re {{non-literal type '(lambda at {{.*}})' cannot be used in a constant expression}}
}
void good_deletes()
{
delete [&]{ return (int*)0; }();
}
void bad_deletes()
{
// 'delete []' is always array delete, per [expr.delete]p1.
delete []{ return (int*)0; }(); // expected-error {{'[]' after delete interpreted as 'delete[]'}}
}
Reference in New Issue View Git Blame Copy Permalink