.config/coc/extensions/coc-go-data/tools/pkg/mod/golang.org/x/tools@v0.0.0-20201028153306-37f0764111ff/go/analysis/passes/unsafeptr/unsafeptr.go

   1 // Copyright 2014 The Go Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style
   3 // license that can be found in the LICENSE file.
   4
   5 // Package unsafeptr defines an Analyzer that checks for invalid
   6 // conversions of uintptr to unsafe.Pointer.
   7 package unsafeptr
   8
   9 import (
  10         "go/ast"
  11         "go/token"
  12         "go/types"
  13
  14         "golang.org/x/tools/go/analysis"
  15         "golang.org/x/tools/go/analysis/passes/inspect"
  16         "golang.org/x/tools/go/analysis/passes/internal/analysisutil"
  17         "golang.org/x/tools/go/ast/inspector"
  18 )
  19
  20 const Doc = `check for invalid conversions of uintptr to unsafe.Pointer
  21
  22 The unsafeptr analyzer reports likely incorrect uses of unsafe.Pointer
  23 to convert integers to pointers. A conversion from uintptr to
  24 unsafe.Pointer is invalid if it implies that there is a uintptr-typed
  25 word in memory that holds a pointer value, because that word will be
  26 invisible to stack copying and to the garbage collector.`
  27
  28 var Analyzer = &analysis.Analyzer{
  29         Name:     "unsafeptr",
  30         Doc:      Doc,
  31         Requires: []*analysis.Analyzer{inspect.Analyzer},
  32         Run:      run,
  33 }
  34
  35 func run(pass *analysis.Pass) (interface{}, error) {
  36         inspect := pass.ResultOf[inspect.Analyzer].(*inspector.Inspector)
  37
  38         nodeFilter := []ast.Node{
  39                 (*ast.CallExpr)(nil),
  40                 (*ast.StarExpr)(nil),
  41                 (*ast.UnaryExpr)(nil),
  42         }
  43         inspect.Preorder(nodeFilter, func(n ast.Node) {
  44                 switch x := n.(type) {
  45                 case *ast.CallExpr:
  46                         if len(x.Args) == 1 &&
  47                                 hasBasicType(pass.TypesInfo, x.Fun, types.UnsafePointer) &&
  48                                 hasBasicType(pass.TypesInfo, x.Args[0], types.Uintptr) &&
  49                                 !isSafeUintptr(pass.TypesInfo, x.Args[0]) {
  50                                 pass.ReportRangef(x, "possible misuse of unsafe.Pointer")
  51                         }
  52                 case *ast.StarExpr:
  53                         if t := pass.TypesInfo.Types[x].Type; isReflectHeader(t) {
  54                                 pass.ReportRangef(x, "possible misuse of %s", t)
  55                         }
  56                 case *ast.UnaryExpr:
  57                         if x.Op != token.AND {
  58                                 return
  59                         }
  60                         if t := pass.TypesInfo.Types[x.X].Type; isReflectHeader(t) {
  61                                 pass.ReportRangef(x, "possible misuse of %s", t)
  62                         }
  63                 }
  64         })
  65         return nil, nil
  66 }
  67
  68 // isSafeUintptr reports whether x - already known to be a uintptr -
  69 // is safe to convert to unsafe.Pointer.
  70 func isSafeUintptr(info *types.Info, x ast.Expr) bool {
  71         // Check unsafe.Pointer safety rules according to
  72         // https://golang.org/pkg/unsafe/#Pointer.
  73
  74         switch x := analysisutil.Unparen(x).(type) {
  75         case *ast.SelectorExpr:
  76                 // "(6) Conversion of a reflect.SliceHeader or
  77                 // reflect.StringHeader Data field to or from Pointer."
  78                 if x.Sel.Name != "Data" {
  79                         break
  80                 }
  81                 // reflect.SliceHeader and reflect.StringHeader are okay,
  82                 // but only if they are pointing at a real slice or string.
  83                 // It's not okay to do:
  84                 //      var x SliceHeader
  85                 //      x.Data = uintptr(unsafe.Pointer(...))
  86                 //      ... use x ...
  87                 //      p := unsafe.Pointer(x.Data)
  88                 // because in the middle the garbage collector doesn't
  89                 // see x.Data as a pointer and so x.Data may be dangling
  90                 // by the time we get to the conversion at the end.
  91                 // For now approximate by saying that *Header is okay
  92                 // but Header is not.
  93                 pt, ok := info.Types[x.X].Type.(*types.Pointer)
  94                 if ok && isReflectHeader(pt.Elem()) {
  95                         return true
  96                 }
  97
  98         case *ast.CallExpr:
  99                 // "(5) Conversion of the result of reflect.Value.Pointer or
 100                 // reflect.Value.UnsafeAddr from uintptr to Pointer."
 101                 if len(x.Args) != 0 {
 102                         break
 103                 }
 104                 sel, ok := x.Fun.(*ast.SelectorExpr)
 105                 if !ok {
 106                         break
 107                 }
 108                 switch sel.Sel.Name {
 109                 case "Pointer", "UnsafeAddr":
 110                         t, ok := info.Types[sel.X].Type.(*types.Named)
 111                         if ok && t.Obj().Pkg().Path() == "reflect" && t.Obj().Name() == "Value" {
 112                                 return true
 113                         }
 114                 }
 115         }
 116
 117         // "(3) Conversion of a Pointer to a uintptr and back, with arithmetic."
 118         return isSafeArith(info, x)
 119 }
 120
 121 // isSafeArith reports whether x is a pointer arithmetic expression that is safe
 122 // to convert to unsafe.Pointer.
 123 func isSafeArith(info *types.Info, x ast.Expr) bool {
 124         switch x := analysisutil.Unparen(x).(type) {
 125         case *ast.CallExpr:
 126                 // Base case: initial conversion from unsafe.Pointer to uintptr.
 127                 return len(x.Args) == 1 &&
 128                         hasBasicType(info, x.Fun, types.Uintptr) &&
 129                         hasBasicType(info, x.Args[0], types.UnsafePointer)
 130
 131         case *ast.BinaryExpr:
 132                 // "It is valid both to add and to subtract offsets from a
 133                 // pointer in this way. It is also valid to use &^ to round
 134                 // pointers, usually for alignment."
 135                 switch x.Op {
 136                 case token.ADD, token.SUB, token.AND_NOT:
 137                         // TODO(mdempsky): Match compiler
 138                         // semantics. ADD allows a pointer on either
 139                         // side; SUB and AND_NOT don't care about RHS.
 140                         return isSafeArith(info, x.X) && !isSafeArith(info, x.Y)
 141                 }
 142         }
 143
 144         return false
 145 }
 146
 147 // hasBasicType reports whether x's type is a types.Basic with the given kind.
 148 func hasBasicType(info *types.Info, x ast.Expr, kind types.BasicKind) bool {
 149         t := info.Types[x].Type
 150         if t != nil {
 151                 t = t.Underlying()
 152         }
 153         b, ok := t.(*types.Basic)
 154         return ok && b.Kind() == kind
 155 }
 156
 157 // isReflectHeader reports whether t is reflect.SliceHeader or reflect.StringHeader.
 158 func isReflectHeader(t types.Type) bool {
 159         if named, ok := t.(*types.Named); ok {
 160                 if obj := named.Obj(); obj.Pkg() != nil && obj.Pkg().Path() == "reflect" {
 161                         switch obj.Name() {
 162                         case "SliceHeader", "StringHeader":
 163                                 return true
 164                         }
 165                 }
 166         }
 167         return false
 168 }