Refine checking and diagnostics for use of floating point variable as a counter.
This implements <rdar://problem/6336718> and checks for CERT secure coding
advisory FLP30-C.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@76900 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/test/Analysis/security-syntax-checks.m b/test/Analysis/security-syntax-checks.m
new file mode 100644
index 0000000..897c925
--- /dev/null
+++ b/test/Analysis/security-syntax-checks.m
@@ -0,0 +1,23 @@
+// RUN: clang-cc -analyze -warn-security-syntactic %s -verify
+
+// <rdar://problem/6336718> rule request: floating point used as loop
+// condition (FLP30-C, FLP-30-CPP)
+//
+// For reference: https://www.securecoding.cert.org/confluence/display/seccode/FLP30-C.+Do+not+use+floating+point+variables+as+loop+counters
+//
+void test_float_condition() {
+ for (float x = 0.1f; x <= 1.0f; x += 0.1f) {} // expected-warning{{Variable 'x' with floating point type 'float'}}
+ for (float x = 100000001.0f; x <= 100000010.0f; x += 1.0f) {} // expected-warning{{Variable 'x' with floating point type 'float'}}
+ for (float x = 100000001.0f; x <= 100000010.0f; x++ ) {} // expected-warning{{Variable 'x' with floating point type 'float'}}
+ for (double x = 100000001.0; x <= 100000010.0; x++ ) {} // expected-warning{{Variable 'x' with floating point type 'double'}}
+ for (double x = 100000001.0; ((x)) <= 100000010.0; ((x))++ ) {} // expected-warning{{Variable 'x' with floating point type 'double'}}
+
+ for (double x = 100000001.0; 100000010.0 >= x; x = x + 1.0 ) {} // expected-warning{{Variable 'x' with floating point type 'double'}}
+
+ int i = 0;
+ for (double x = 100000001.0; ((x)) <= 100000010.0; ((x))++, ++i ) {} // expected-warning{{Variable 'x' with floating point type 'double'}}
+
+ typedef float FooType;
+ for (FooType x = 100000001.0f; x <= 100000010.0f; x++ ) {} // expected-warning{{Variable 'x' with floating point type 'FooType'}}
+}
+