Author: aaronballman
Date: Wed Jul 4 18:35:49 2018
New Revision: 336302
URL: http://llvm.org/viewvc/llvm-project?rev=336302&view=rev
Log:
Adding some documentation changes that were missed in r336301.
Added:
clang-tools-extra/trunk/docs/clang-tidy/checks/cert-msc51-cpp.rst
Modified:
clang-tools-extra/trunk/docs/clang-tidy/checks/list.rst
Added: clang-tools-extra/trunk/docs/clang-tidy/checks/cert-msc51-cpp.rst
URL:
http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/docs/clang-tidy/checks/cert-msc51-cpp.rst?rev=336302&view=auto
==============================================================================
--- clang-tools-extra/trunk/docs/clang-tidy/checks/cert-msc51-cpp.rst (added)
+++ clang-tools-extra/trunk/docs/clang-tidy/checks/cert-msc51-cpp.rst Wed Jul
4 18:35:49 2018
@@ -0,0 +1,40 @@
+.. title:: clang-tidy - cert-msc51-cpp
+
+cert-msc51-cpp
+==============
+
+This check flags all pseudo-random number engines, engine adaptor
+instantiations and ``srand()`` when initialized or seeded with default
argument,
+constant expression or any user-configurable type. Pseudo-random number
+engines seeded with a predictable value may cause vulnerabilities e.g. in
+security protocols.
+This is a CERT security rule, see
+`MSC51-CPP. Ensure your random number generator is properly seeded
+<https://wiki.sei.cmu.edu/confluence/display/cplusplus/MSC51-CPP.+Ensure+your+random+number+generator+is+properly+seeded>`_
and
+`MSC32-C. Properly seed pseudorandom number generators
+<https://wiki.sei.cmu.edu/confluence/display/c/MSC32-C.+Properly+seed+pseudorandom+number+generators>`_.
+
+Examples:
+
+.. code-block:: c++
+
+ void foo() {
+ std::mt19937 engine1; // Diagnose, always generate the same sequence
+ std::mt19937 engine2(1); // Diagnose
+ engine1.seed(); // Diagnose
+ engine2.seed(1); // Diagnose
+
+ std::time_t t;
+ engine1.seed(std::time(&t)); // Diagnose, system time might be controlled
by user
+
+ int x = atoi(argv[1]);
+ std::mt19937 engine3(x); // Will not warn
+ }
+
+Options
+-------
+
+.. option:: DisallowedSeedTypes
+
+ A comma-separated list of the type names which are disallowed.
+ Default values are ``time_t``, ``std::time_t``.
Modified: clang-tools-extra/trunk/docs/clang-tidy/checks/list.rst
URL:
http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/docs/clang-tidy/checks/list.rst?rev=336302&r1=336301&r2=336302&view=diff
==============================================================================
--- clang-tools-extra/trunk/docs/clang-tidy/checks/list.rst (original)
+++ clang-tools-extra/trunk/docs/clang-tidy/checks/list.rst Wed Jul 4 18:35:49
2018
@@ -73,7 +73,9 @@ Clang-Tidy Checks
cert-fio38-c (redirects to misc-non-copyable-objects) <cert-fio38-c>
cert-flp30-c
cert-msc30-c (redirects to cert-msc50-cpp) <cert-msc30-c>
+ cert-msc32-c (redirects to cert-msc51-cpp) <cert-msc32-c>
cert-msc50-cpp
+ cert-msc51-cpp
cert-oop11-cpp (redirects to performance-move-constructor-init)
<cert-oop11-cpp>
cppcoreguidelines-avoid-goto
cppcoreguidelines-c-copy-assignment-signature (redirects to
misc-unconventional-assign-operator)
<cppcoreguidelines-c-copy-assignment-signature>
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
