Add refcounted-usage rule #714
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| }; | ||
|
|
||
| // ruleid: refcounted-usage | ||
| base::RefCountedData<int> shared_integer(42); |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
| }; | ||
|
|
||
| // ruleid: refcounted-usage | ||
| using MyRefCountedType = base::RefCounted<SomeType>; |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
| @@ -0,0 +1,26 @@ | |||
| // ruleid: refcounted-usage | |||
| class MyClass : public base::RefCounted<MyClass> { | |||
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
| std::shared_ptr<MyClass> better_alternative; | ||
|
|
||
| // ruleid: refcounted-usage | ||
| class NestedRefCounted : public base::RefCountedThreadSafe<NestedRefCounted> { |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
| // ruleid: refcounted-usage | ||
| class NestedRefCounted : public base::RefCountedThreadSafe<NestedRefCounted> { | ||
| // ruleid: refcounted-usage | ||
| base::RefCountedData<std::string> nested_data_; |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
| }; | ||
|
|
||
| // ruleid: refcounted-usage | ||
| class ThreadSafeClass : public base::RefCountedThreadSafe<ThreadSafeClass> { |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
| using MyRefCountedType = base::RefCounted<SomeType>; | ||
|
|
||
| // ruleid: refcounted-usage | ||
| class NestedRefCounted : public base::RefCountedThreadSafe<NestedRefCounted> { |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
| // ruleid: refcounted-usage | ||
| class NestedRefCounted : public base::RefCountedThreadSafe<NestedRefCounted> { | ||
| // ruleid: refcounted-usage | ||
| base::RefCountedData<std::string> nested_data_; |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Reference counting is occasionally useful but is more often a sign that someone isn't thinking carefully about ownership. Use it when ownership is truly shared (for example, multiple tabs sharing the same renderer process), not for when lifetime management is difficult to reason about.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/refcounted-usage.yaml
Cc @stoletheminerals @thypon @cdesouza-chromium @bridiver
Adds a rule that catches base::RefCounted* usage. Also this PR modifies other C++ rules to include .mm files