Skip to content

Cmake clang tidy #1492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Cmake clang tidy #1492

wants to merge 2 commits into from
+10,530 −5,311

Conversation

@val-ms
Copy link
Contributor

@val-ms val-ms commented May 2, 2025

I discovered that clang-tidy integration in cmake is pretty good. Linting in Rust with cargo-clippy is a positive experience. So out of curiosity, I added this integration and tested auto-applying changes to enforce branches around statements.

I set up this integration so you have to very intentionally enable it by adding a cmake option like this: -D CLANG_TIDY=clang-tidy-16. This is because:

  • clang-tidy is slow af.
  • the output is verbose. It identified a LOT more issues beyond the braces stuff. And with the size of the clamav codebase, it is quite overwhelming.

github-advanced-security[bot]
github-advanced-security bot found potential problems May 2, 2025
View reviewed changes
libclamav/others.c Outdated

Check failure

Code scanning / CodeQL

Time-of-check time-of-use filesystem race condition High

The
filename
Loading
being operated upon was previously
checked
Loading
, but the underlying file may have been changed since then.
libclamav/pe_icons.c Outdated
if (x + ksize > res->bright_x[j] && x < res->bright_x[j] + ksize &&
y + ksize > res->bright_y[j] && y < res->bright_y[j] + ksize)
if (x + ksize > res->bright_x[j] &&
x < res->bright_x[j] + ksize &&

Check failure

Code scanning / CodeQL

Multiplication result converted to larger type High

Multiplication result may overflow 'unsigned int' before it is converted to 'unsigned long'.
libclamav/phishcheck.c
@@ -523,22 +544,25 @@
const char* str_end_what;
size_t cmp_len = what_len;

if (begin == NULL || str_end <= sbegin)
if (begin == NULL || str_end <= sbegin) {

Check failure

Code scanning / CodeQL

Redundant null check due to previous dereference High

This null check is redundant because
the value is dereferenced
Loading
in any case.
@val-ms val-ms force-pushed the cmake-clang-tidy branch from 2a44ce0 to ae395a2 Compare May 2, 2025 15:59
github-advanced-security[bot]
github-advanced-security bot found potential problems May 2, 2025
View reviewed changes
libclamav/mew.c
}
}
ret = loc_eax;
if (lzma_upack_esi_50(p, 1, *old_ecx, old_edx, *old_edx + (loc_eax << 2), &loc_eax, bs, bl) == 0xffffffff)
if (lzma_upack_esi_50(p, 1, *old_ecx, old_edx, *old_edx + (loc_eax << 2), &loc_eax, bs, bl) == 0xffffffff) {

Check notice

Code scanning / CodeQL

Pointer overflow check Low

Range check relying on pointer overflow.
val-ms added 2 commits May 2, 2025 16:10
@val-ms
CMake: add support for clang-tidy
79a1bf2 
Also add a couple of git checkouts to undue undesired changes to:
- libclamav/nsis/bzlib.c
- libclamav/nsis/infblock.c
- libclamav/strlcat.c
@val-ms
Clang-tidy: auto-apply changes using readability-braces-around-statem…
c7cdf24 
…ents

I applied the changes like this:
```bash
clang-apply-replacements ./build/
```
@val-ms val-ms force-pushed the cmake-clang-tidy branch from ae395a2 to c7cdf24 Compare May 2, 2025 20:12
@val-ms val-ms marked this pull request as draft August 19, 2025 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@val-ms