diff --git a/assets/semgrep_rules/c/chromium-raw-ptr.yaml b/assets/semgrep_rules/c/chromium-raw-ptr.yaml new file mode 100644 index 00000000..69c9c440 --- /dev/null +++ b/assets/semgrep_rules/c/chromium-raw-ptr.yaml @@ -0,0 +1,27 @@ +rules: + - id: chromium-raw-ptr + metadata: + author: Andrea Brancaleoni + source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/c/chromium-raw-ptr.yaml + assignees: | + thypon + fmarier + patterns: + - pattern-either: + - pattern: $T * $V; + - pattern: $T * $V = ...; + - pattern-either: + - pattern-inside: class $CLASS { }; + - pattern-inside: struct $STRUCT { }; + fix-regex: + regex: ([a-zA-Z_][a-zA-Z0-9]+)\s*\*\s* + replacement: "raw_ptr<\\1> " + message: | + raw_ptr should be used instead of T* in classes and structs (but not in local variables and function parameters). + + References: + - https://groups.google.com/a/chromium.org/g/chromium-dev/c/vAEeVifyf78/m/SkBUc6PhBAAJ + - https://chromium.googlesource.com/chromium/src/+/refs/heads/main/base/memory/raw_ptr.md + languages: + - cpp + severity: WARNING \ No newline at end of file diff --git a/t3sts/semgrep_rules/chromium-raw-ptr.cpp b/t3sts/semgrep_rules/chromium-raw-ptr.cpp new file mode 100644 index 00000000..b251fad4 --- /dev/null +++ b/t3sts/semgrep_rules/chromium-raw-ptr.cpp @@ -0,0 +1,5 @@ +class Foo { + // ruleid: chromium-raw-ptr + Bar* bar_; // This should be rewritten to 'raw_ptr bar_'. + +}; \ No newline at end of file