1 use rustc::hir::intravisit;
5 use std::collections::HashSet;
8 use syntax::codemap::Span;
9 use utils::{span_lint, type_is_unsafe_function, iter_input_pats};
11 /// **What it does:** Checks for functions with too many parameters.
13 /// **Why is this bad?** Functions with lots of parameters are considered bad
14 /// style and reduce readability (“what does the 5th parameter mean?”). Consider
15 /// grouping some parameters into a new type.
17 /// **Known problems:** None.
21 /// fn foo(x: u32, y: u32, name: &str, c: Color, w: f32, h: f32, a: f32, b: f32) { .. }
24 pub TOO_MANY_ARGUMENTS,
26 "functions with too many arguments"
29 /// **What it does:** Checks for public functions that dereferences raw pointer
30 /// arguments but are not marked unsafe.
32 /// **Why is this bad?** The function should probably be marked `unsafe`, since
33 /// for an arbitrary raw pointer, there is no way of telling for sure if it is
36 /// **Known problems:**
38 /// * It does not check functions recursively so if the pointer is passed to a
39 /// private non-`unsafe` function which does the dereferencing, the lint won't trigger.
40 /// * It only checks for arguments whose type are raw pointers, not raw pointers
41 /// got from an argument in some other way (`fn foo(bar: &[*const u8])` or
42 /// `some_argument.get_raw_ptr()`).
46 /// pub fn foo(x: *const u8) { println!("{}", unsafe { *x }); }
49 pub NOT_UNSAFE_PTR_ARG_DEREF,
51 "public functions dereferencing raw pointer arguments but not marked `unsafe`"
55 pub struct Functions {
60 pub fn new(threshold: u64) -> Functions {
61 Functions { threshold: threshold }
65 impl LintPass for Functions {
66 fn get_lints(&self) -> LintArray {
67 lint_array!(TOO_MANY_ARGUMENTS, NOT_UNSAFE_PTR_ARG_DEREF)
71 impl<'a, 'tcx> LateLintPass<'a, 'tcx> for Functions {
74 cx: &LateContext<'a, 'tcx>,
75 kind: intravisit::FnKind<'tcx>,
76 decl: &'tcx hir::FnDecl,
77 body: &'tcx hir::Body,
81 use rustc::hir::map::Node::*;
83 let is_impl = if let Some(NodeItem(item)) = cx.tcx.hir.find(cx.tcx.hir.get_parent_node(nodeid)) {
84 matches!(item.node, hir::ItemImpl(_, _, _, _, Some(_), _, _) | hir::ItemDefaultImpl(..))
89 let unsafety = match kind {
90 hir::intravisit::FnKind::ItemFn(_, _, unsafety, _, _, _, _) => unsafety,
91 hir::intravisit::FnKind::Method(_, sig, _, _) => sig.unsafety,
92 hir::intravisit::FnKind::Closure(_) => return,
95 // don't warn for implementations, it's not their fault
97 // don't lint extern functions decls, it's not their fault either
99 hir::intravisit::FnKind::Method(_, &hir::MethodSig { abi: Abi::Rust, .. }, _, _) |
100 hir::intravisit::FnKind::ItemFn(_, _, _, _, Abi::Rust, _, _) => self.check_arg_number(cx, decl, span),
105 self.check_raw_ptr(cx, unsafety, decl, body, nodeid);
108 fn check_trait_item(&mut self, cx: &LateContext<'a, 'tcx>, item: &'tcx hir::TraitItem) {
109 if let hir::TraitItemKind::Method(ref sig, ref eid) = item.node {
110 // don't lint extern functions decls, it's not their fault
111 if sig.abi == Abi::Rust {
112 self.check_arg_number(cx, &sig.decl, item.span);
115 if let hir::TraitMethod::Provided(eid) = *eid {
116 let body = cx.tcx.hir.body(eid);
117 self.check_raw_ptr(cx, sig.unsafety, &sig.decl, body, item.id);
123 impl<'a, 'tcx> Functions {
124 fn check_arg_number(&self, cx: &LateContext, decl: &hir::FnDecl, span: Span) {
125 let args = decl.inputs.len() as u64;
126 if args > self.threshold {
130 &format!("this function has too many arguments ({}/{})", args, self.threshold));
136 cx: &LateContext<'a, 'tcx>,
137 unsafety: hir::Unsafety,
138 decl: &'tcx hir::FnDecl,
139 body: &'tcx hir::Body,
142 let expr = &body.value;
143 if unsafety == hir::Unsafety::Normal && cx.access_levels.is_exported(nodeid) {
144 let raw_ptrs = iter_input_pats(decl, body)
145 .zip(decl.inputs.iter())
146 .filter_map(|(arg, ty)| raw_ptr_arg(arg, ty))
147 .collect::<HashSet<_>>();
149 if !raw_ptrs.is_empty() {
150 let mut v = DerefVisitor {
155 hir::intravisit::walk_expr(&mut v, expr);
161 fn raw_ptr_arg(arg: &hir::Arg, ty: &hir::Ty) -> Option<hir::def_id::DefId> {
162 if let (&hir::PatKind::Binding(_, def_id, _, _), &hir::TyPtr(_)) = (&arg.pat.node, &ty.node) {
169 struct DerefVisitor<'a, 'tcx: 'a> {
170 cx: &'a LateContext<'a, 'tcx>,
171 ptrs: HashSet<hir::def_id::DefId>,
174 impl<'a, 'tcx> hir::intravisit::Visitor<'tcx> for DerefVisitor<'a, 'tcx> {
175 fn visit_expr(&mut self, expr: &'tcx hir::Expr) {
177 hir::ExprCall(ref f, ref args) => {
178 let ty = self.cx.tables.expr_ty(f);
180 if type_is_unsafe_function(ty) {
186 hir::ExprMethodCall(_, _, ref args) => {
187 let method_call = ty::MethodCall::expr(expr.id);
188 let base_type = self.cx.tables.method_map[&method_call].ty;
190 if type_is_unsafe_function(base_type) {
196 hir::ExprUnary(hir::UnDeref, ref ptr) => self.check_arg(ptr),
200 hir::intravisit::walk_expr(self, expr);
202 fn nested_visit_map<'this>(&'this mut self) -> intravisit::NestedVisitorMap<'this, 'tcx> {
203 intravisit::NestedVisitorMap::None
207 impl<'a, 'tcx: 'a> DerefVisitor<'a, 'tcx> {
208 fn check_arg(&self, ptr: &hir::Expr) {
209 if let hir::ExprPath(ref qpath) = ptr.node {
210 let def = self.cx.tables.qpath_def(qpath, ptr.id);
211 if self.ptrs.contains(&def.def_id()) {
213 NOT_UNSAFE_PTR_ARG_DEREF,
215 "this public function dereferences a raw pointer but is not marked `unsafe`");