1 //===--- CommandInterpreterCheck.h - clang-tidy------------------*- C++ -*-===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H 10 #define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H 11 12 #include "../ClangTidyCheck.h" 13 14 namespace clang { 15 namespace tidy { 16 namespace cert { 17 18 /// Execution of a command processor can lead to security vulnerabilities, 19 /// and is generally not required. Instead, prefer to launch executables 20 /// directly via mechanisms that give you more control over what executable is 21 /// actually launched. 22 /// 23 /// For the user-facing documentation see: 24 /// http://clang.llvm.org/extra/clang-tidy/checks/cert-env33-c.html 25 class CommandProcessorCheck : public ClangTidyCheck { 26 public: CommandProcessorCheck(StringRef Name,ClangTidyContext * Context)27 CommandProcessorCheck(StringRef Name, ClangTidyContext *Context) 28 : ClangTidyCheck(Name, Context) {} 29 void registerMatchers(ast_matchers::MatchFinder *Finder) override; 30 void check(const ast_matchers::MatchFinder::MatchResult &Result) override; 31 }; 32 33 } // namespace cert 34 } // namespace tidy 35 } // namespace clang 36 37 #endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CERT_COMMAND_PROCESSOR_CHECK_H 38