[infer] Use allow/block list terminology

Reviewed By: ngorogiannis

Differential Revision: D29559956

fbshipit-source-id: cbe008e8b
master
Sungkeun Cho 3 years ago committed by Facebook GitHub Bot
parent 622d981bda
commit eb41f6d8e4

@ -1,7 +1,7 @@
{ {
"force-delete-results-dir": true, "force-delete-results-dir": true,
"siof-safe-methods": ["getGlobalNonPODWhitelisted", "whitelisted::getGlobalNonPOD", "siof-safe-methods": ["getGlobalNonPODAllowListed", "allow_listed::getGlobalNonPOD",
"whitelisted::TemplatedObject::getGlobalNonPOD"], "allow_listed::TemplatedObject::getGlobalNonPOD"],
"skip-translation": [ "skip-translation": [
{ {
"language": "Java", "language": "Java",

@ -25,7 +25,7 @@ BUILD_SYSTEMS_TESTS += \
clang_multiple_files \ clang_multiple_files \
clang_translation \ clang_translation \
clang_unknown_ext \ clang_unknown_ext \
clang_with_blacklisted_flags \ clang_with_block_listed_flags \
clang_with_E_flag \ clang_with_E_flag \
clang_with_M_flag \ clang_with_M_flag \
clang_with_MD_flag \ clang_with_MD_flag \
@ -77,7 +77,7 @@ DIRECT_TESTS += \
ifneq ($(BUCK),no) ifneq ($(BUCK),no)
BUILD_SYSTEMS_TESTS += \ BUILD_SYSTEMS_TESTS += \
buck_blacklist \ buck_block_list \
buck-clang-db \ buck-clang-db \
buck_clang_test_determinator \ buck_clang_test_determinator \
buck_flavors \ buck_flavors \

@ -140,8 +140,8 @@ DEFINE-CHECKER id_of_the_checker = {
SET doc_url = <optional URL to documentation of the issue>; SET doc_url = <optional URL to documentation of the issue>;
SET severity = INFO | LIKE | ADVICE | WARNING | ERROR; SET severity = INFO | LIKE | ADVICE | WARNING | ERROR;
SET mode = ON | OFF SET mode = ON | OFF
SET whitelist_path = {path1, path2, ..., pathn }; SET allow_list_path = {path1, path2, ..., pathn };
SET blacklist_path = {path1, path2, ..., pathn }; SET block_list_path = {path1, path2, ..., pathn };
}; };
``` ```
@ -153,7 +153,7 @@ for CI comments at the moment (in Phabricator).
## Defining Paths ## Defining Paths
`whitelist_path` and `blacklist_path` are optional, by default the rule is `allow_list_path` and `block_list_path` are optional, by default the rule is
enabled everywhere. For specifying paths, one can use either string constants enabled everywhere. For specifying paths, one can use either string constants
(`"File.m"`) or regexes (`REGEXP("path/to/.*")`) or variables. The variables (`"File.m"`) or regexes (`REGEXP("path/to/.*")`) or variables. The variables
stand for a list of paths, and are defined in a separate block: stand for a list of paths, and are defined in a separate block:

@ -125,7 +125,7 @@ BUCK OPTIONS
Additional Buck flavors to append to targets discovered by the Additional Buck flavors to append to targets discovered by the
--buck-compilation-database option. --buck-compilation-database option.
--buck-blacklist +regex --buck-block-list +regex
Skip capture of files matched by the specified regular expression. Skip capture of files matched by the specified regular expression.
Only the clang, non-compilation-database Buck integration is supported, not Java. Only the clang, non-compilation-database Buck integration is supported, not Java.
@ -168,7 +168,7 @@ BUCK OPTIONS
successful capture. Only valid for --buck-clang. (Conversely: successful capture. Only valid for --buck-clang. (Conversely:
--no-buck-merge-all-deps) --no-buck-merge-all-deps)
--buck-targets-blacklist +regex --buck-targets-block-list +regex
Skip capture of buck targets matched by the specified regular Skip capture of buck targets matched by the specified regular
expression. Only valid for --buck-compilation-database. expression. Only valid for --buck-compilation-database.
@ -229,10 +229,10 @@ CLANG OPTIONS
format. Please note you still need to provide a compilation format. Please note you still need to provide a compilation
command. command.
--clang-blacklisted-flags +string --clang-block-listed-flags +string
Clang flags to filter out Clang flags to filter out
--clang-blacklisted-flags-with-arg +string --clang-block-listed-flags-with-arg +string
Clang flags (taking args) to filter out Clang flags (taking args) to filter out
--clang-compound-literal-init-limit int --clang-compound-literal-init-limit int
@ -297,7 +297,7 @@ JAVA OPTIONS
--bootclasspath string --bootclasspath string
Specify the Java bootclasspath Specify the Java bootclasspath
--capture-blacklist regex --capture-block-list regex
Skip capture of files matched by the specified OCaml regular Skip capture of files matched by the specified OCaml regular
expression (only supported by the javac integration for now). expression (only supported by the javac integration for now).

@ -139,7 +139,7 @@ OPTIONS
--bootclasspath string --bootclasspath string
Specify the Java bootclasspath See also infer-capture(1). Specify the Java bootclasspath See also infer-capture(1).
--buck-blacklist +regex --buck-block-list +regex
Skip capture of files matched by the specified regular expression. Skip capture of files matched by the specified regular expression.
Only the clang, non-compilation-database Buck integration is supported, not Java. Only the clang, non-compilation-database Buck integration is supported, not Java.
See also infer-capture(1) and infer-run(1). See also infer-capture(1) and infer-run(1).
@ -186,7 +186,7 @@ OPTIONS
successful capture. Only valid for --buck-clang. (Conversely: successful capture. Only valid for --buck-clang. (Conversely:
--no-buck-merge-all-deps) See also infer-capture(1). --no-buck-merge-all-deps) See also infer-capture(1).
--buck-targets-blacklist +regex --buck-targets-block-list +regex
Skip capture of buck targets matched by the specified regular Skip capture of buck targets matched by the specified regular
expression. Only valid for --buck-compilation-database. expression. Only valid for --buck-compilation-database.
See also infer-capture(1) and infer-run(1). See also infer-capture(1) and infer-run(1).
@ -200,7 +200,7 @@ OPTIONS
Activates: Enable bufferoverrun and disable all other checkers Activates: Enable bufferoverrun and disable all other checkers
(Conversely: --no-bufferoverrun-only) See also infer-analyze(1). (Conversely: --no-bufferoverrun-only) See also infer-analyze(1).
--capture-blacklist regex --capture-block-list regex
Skip capture of files matched by the specified OCaml regular Skip capture of files matched by the specified OCaml regular
expression (only supported by the javac integration for now). expression (only supported by the javac integration for now).
See also infer-capture(1) and infer-run(1). See also infer-capture(1) and infer-run(1).
@ -217,8 +217,8 @@ OPTIONS
`<issue_type_regex>:<filename_regex>:<reason_string>`. The first `<issue_type_regex>:<filename_regex>:<reason_string>`. The first
two components are OCaml Str regular expressions, with an optional two components are OCaml Str regular expressions, with an optional
`!` character prefix. If a regex has a `!` prefix, the polarity is `!` character prefix. If a regex has a `!` prefix, the polarity is
inverted, and the filter becomes a "blacklist" instead of a inverted, and the filter becomes a "block list" instead of a
"whitelist". Each filter is interpreted as an implication: an "allow list". Each filter is interpreted as an implication: an
issue matches if it does not match the `issue_type_regex` or if it issue matches if it does not match the `issue_type_regex` or if it
does match the `filename_regex`. The filenames that are tested by does match the `filename_regex`. The filenames that are tested by
the regex are relative to the `--project-root` directory. The the regex are relative to the `--project-root` directory. The
@ -238,10 +238,10 @@ OPTIONS
format. Please note you still need to provide a compilation format. Please note you still need to provide a compilation
command. See also infer-capture(1). command. See also infer-capture(1).
--clang-blacklisted-flags +string --clang-block-listed-flags +string
Clang flags to filter out See also infer-capture(1). Clang flags to filter out See also infer-capture(1).
--clang-blacklisted-flags-with-arg +string --clang-block-listed-flags-with-arg +string
Clang flags (taking args) to filter out See also infer-capture(1). Clang flags (taking args) to filter out See also infer-capture(1).
--clang-compound-literal-init-limit int --clang-compound-literal-init-limit int
@ -645,7 +645,7 @@ OPTIONS
differential reports See also infer-reportdiff(1). differential reports See also infer-reportdiff(1).
--no-filtering,-F --no-filtering,-F
Deactivates: Do not show the experimental and blacklisted issue Deactivates: Do not show the experimental and block listed issue
types (Conversely: --filtering | -f) See also infer-report(1). types (Conversely: --filtering | -f) See also infer-report(1).
--force-delete-results-dir --force-delete-results-dir
@ -1146,14 +1146,19 @@ OPTIONS
Deactivates: Run the reporting phase once the analysis has Deactivates: Run the reporting phase once the analysis has
completed (Conversely: --report) See also infer-analyze(1) and infer-run(1). completed (Conversely: --report) See also infer-analyze(1) and infer-run(1).
--report-blacklist-files-containing +string --report-allow-list-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-block-list-path-regex) See also infer-report(1) and infer-run(1).
--report-block-list-files-containing +string
Do not report any issues on files containing the specified string Do not report any issues on files containing the specified string
See also infer-report(1) and infer-run(1). See also infer-report(1) and infer-run(1).
--report-blacklist-path-regex +path_regex --report-block-list-path-regex +path_regex
Do not report any issues on files whose relative path matches the Do not report any issues on files whose relative path matches the
specified OCaml regex, even if they match the whitelist specified specified OCaml regex, even if they match the allow list specified
by --report-whitelist-path-regex See also infer-report(1) and infer-run(1). by --report-allow-list-path-regex See also infer-report(1) and infer-run(1).
--report-console-limit int --report-console-limit int
Maximum number of issues to display on standard output. Unset with Maximum number of issues to display on standard output. Unset with
@ -1176,11 +1181,6 @@ OPTIONS
--report-suppress-errors +error_name --report-suppress-errors +error_name
do not report a type of errors See also infer-report(1) and infer-run(1). do not report a type of errors See also infer-report(1) and infer-run(1).
--report-whitelist-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-blacklist-path-regex) See also infer-report(1) and infer-run(1).
--results-dir,-o dir --results-dir,-o dir
Write results and internal files in the specified directory Write results and internal files in the specified directory
See also infer-analyze(1), infer-capture(1), infer-explore(1), See also infer-analyze(1), infer-capture(1), infer-explore(1),
@ -1503,8 +1503,8 @@ INTERNAL OPTIONS
--bootclasspath-reset --bootclasspath-reset
Cancel the effect of --bootclasspath. Cancel the effect of --bootclasspath.
--buck-blacklist-reset --buck-block-list-reset
Set --buck-blacklist to the empty list. Set --buck-block-list to the empty list.
--buck-compilation-database-depth-reset --buck-compilation-database-depth-reset
Cancel the effect of --buck-compilation-database-depth. Cancel the effect of --buck-compilation-database-depth.
@ -1515,15 +1515,15 @@ INTERNAL OPTIONS
--buck-java-heap-size-gb-reset --buck-java-heap-size-gb-reset
Cancel the effect of --buck-java-heap-size-gb. Cancel the effect of --buck-java-heap-size-gb.
--buck-targets-blacklist-reset --buck-targets-block-list-reset
Set --buck-targets-blacklist to the empty list. Set --buck-targets-block-list to the empty list.
--no-capture --no-capture
Deactivates: capture and translate source files into infer's Deactivates: capture and translate source files into infer's
intermediate language for analysis (Conversely: --capture) intermediate language for analysis (Conversely: --capture)
--capture-blacklist-reset --capture-block-list-reset
Cancel the effect of --capture-blacklist. Cancel the effect of --capture-block-list.
--censor-report-reset --censor-report-reset
Set --censor-report to the empty list. Set --censor-report to the empty list.
@ -1543,11 +1543,11 @@ INTERNAL OPTIONS
--clang-biniou-file-reset --clang-biniou-file-reset
Cancel the effect of --clang-biniou-file. Cancel the effect of --clang-biniou-file.
--clang-blacklisted-flags-reset --clang-block-listed-flags-reset
Set --clang-blacklisted-flags to the empty list. Set --clang-block-listed-flags to the empty list.
--clang-blacklisted-flags-with-arg-reset --clang-block-listed-flags-with-arg-reset
Set --clang-blacklisted-flags-with-arg to the empty list. Set --clang-block-listed-flags-with-arg to the empty list.
--clang-idirafter-to-override-regex dir_OCaml_regex --clang-idirafter-to-override-regex dir_OCaml_regex
Use this option in the uncommon case where the normal compilation Use this option in the uncommon case where the normal compilation
@ -2053,11 +2053,14 @@ INTERNAL OPTIONS
--remodel-class-reset --remodel-class-reset
Cancel the effect of --remodel-class. Cancel the effect of --remodel-class.
--report-blacklist-files-containing-reset --report-allow-list-path-regex-reset
Set --report-blacklist-files-containing to the empty list. Set --report-allow-list-path-regex to the empty list.
--report-blacklist-path-regex-reset --report-block-list-files-containing-reset
Set --report-blacklist-path-regex to the empty list. Set --report-block-list-files-containing to the empty list.
--report-block-list-path-regex-reset
Set --report-block-list-path-regex to the empty list.
--report-console-limit-reset --report-console-limit-reset
Cancel the effect of --report-console-limit. Cancel the effect of --report-console-limit.
@ -2071,9 +2074,6 @@ INTERNAL OPTIONS
--report-suppress-errors-reset --report-suppress-errors-reset
Set --report-suppress-errors to the empty list. Set --report-suppress-errors to the empty list.
--report-whitelist-path-regex-reset
Set --report-whitelist-path-regex to the empty list.
--reports-include-ml-loc --reports-include-ml-loc
Activates: Include the location in the Infer source code from Activates: Include the location in the Infer source code from
where reports are generated (Conversely: where reports are generated (Conversely:
@ -2227,12 +2227,12 @@ INTERNAL OPTIONS
--workspace-reset --workspace-reset
Cancel the effect of --workspace. Cancel the effect of --workspace.
--write-html-whitelist-regex +string --write-html-allow-list-regex +string
Whitelist files that will have their html debug output printed Allow list files that will have their html debug output printed
when --html is true. when --html is true.
--write-html-whitelist-regex-reset --write-html-allow-list-regex-reset
Set --write-html-whitelist-regex to the empty list. Set --write-html-allow-list-regex to the empty list.
--write-website-reset --write-website-reset
Cancel the effect of --write-website. Cancel the effect of --write-website.
@ -2290,7 +2290,7 @@ FILES
{ {
"cxx": false, "cxx": false,
"infer-blacklist-files-containing": ["@gen","/* no infer */"] "infer-block-list-files-containing": ["@gen","/* no infer */"]
} }

@ -27,8 +27,8 @@ OPTIONS
`<issue_type_regex>:<filename_regex>:<reason_string>`. The first `<issue_type_regex>:<filename_regex>:<reason_string>`. The first
two components are OCaml Str regular expressions, with an optional two components are OCaml Str regular expressions, with an optional
`!` character prefix. If a regex has a `!` prefix, the polarity is `!` character prefix. If a regex has a `!` prefix, the polarity is
inverted, and the filter becomes a "blacklist" instead of a inverted, and the filter becomes a "block list" instead of a
"whitelist". Each filter is interpreted as an implication: an "allow list". Each filter is interpreted as an implication: an
issue matches if it does not match the `issue_type_regex` or if it issue matches if it does not match the `issue_type_regex` or if it
does match the `filename_regex`. The filenames that are tested by does match the `filename_regex`. The filenames that are tested by
the regex are relative to the `--project-root` directory. The the regex are relative to the `--project-root` directory. The
@ -279,7 +279,7 @@ OPTIONS
off. off.
--no-filtering,-F --no-filtering,-F
Deactivates: Do not show the experimental and blacklisted issue Deactivates: Do not show the experimental and block listed issue
types (Conversely: --filtering | -f) types (Conversely: --filtering | -f)
--from-json-config-impact-report config-impact-report.json --from-json-config-impact-report config-impact-report.json
@ -324,13 +324,18 @@ OPTIONS
Activates: Do not print anything on standard output. (Conversely: Activates: Do not print anything on standard output. (Conversely:
--no-quiet | -Q) --no-quiet | -Q)
--report-blacklist-files-containing +string --report-allow-list-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-block-list-path-regex)
--report-block-list-files-containing +string
Do not report any issues on files containing the specified string Do not report any issues on files containing the specified string
--report-blacklist-path-regex +path_regex --report-block-list-path-regex +path_regex
Do not report any issues on files whose relative path matches the Do not report any issues on files whose relative path matches the
specified OCaml regex, even if they match the whitelist specified specified OCaml regex, even if they match the allow list specified
by --report-whitelist-path-regex by --report-allow-list-path-regex
--report-console-limit int --report-console-limit int
Maximum number of issues to display on standard output. Unset with Maximum number of issues to display on standard output. Unset with
@ -342,11 +347,6 @@ OPTIONS
--report-suppress-errors +error_name --report-suppress-errors +error_name
do not report a type of errors do not report a type of errors
--report-whitelist-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-blacklist-path-regex)
--results-dir,-o dir --results-dir,-o dir
Write results and internal files in the specified directory Write results and internal files in the specified directory

@ -28,8 +28,8 @@ OPTIONS
`<issue_type_regex>:<filename_regex>:<reason_string>`. The first `<issue_type_regex>:<filename_regex>:<reason_string>`. The first
two components are OCaml Str regular expressions, with an optional two components are OCaml Str regular expressions, with an optional
`!` character prefix. If a regex has a `!` prefix, the polarity is `!` character prefix. If a regex has a `!` prefix, the polarity is
inverted, and the filter becomes a "blacklist" instead of a inverted, and the filter becomes a "block list" instead of a
"whitelist". Each filter is interpreted as an implication: an "allow list". Each filter is interpreted as an implication: an
issue matches if it does not match the `issue_type_regex` or if it issue matches if it does not match the `issue_type_regex` or if it
does match the `filename_regex`. The filenames that are tested by does match the `filename_regex`. The filenames that are tested by
the regex are relative to the `--project-root` directory. The the regex are relative to the `--project-root` directory. The
@ -106,13 +106,18 @@ OPTIONS
Deactivates: Run the reporting phase once the analysis has Deactivates: Run the reporting phase once the analysis has
completed (Conversely: --report) completed (Conversely: --report)
--report-blacklist-files-containing +string --report-allow-list-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-block-list-path-regex)
--report-block-list-files-containing +string
Do not report any issues on files containing the specified string Do not report any issues on files containing the specified string
--report-blacklist-path-regex +path_regex --report-block-list-path-regex +path_regex
Do not report any issues on files whose relative path matches the Do not report any issues on files whose relative path matches the
specified OCaml regex, even if they match the whitelist specified specified OCaml regex, even if they match the allow list specified
by --report-whitelist-path-regex by --report-allow-list-path-regex
--report-force-relative-path --report-force-relative-path
Activates: Force converting an absolute path to a relative path to Activates: Force converting an absolute path to a relative path to
@ -121,11 +126,6 @@ OPTIONS
--report-suppress-errors +error_name --report-suppress-errors +error_name
do not report a type of errors do not report a type of errors
--report-whitelist-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-blacklist-path-regex)
--results-dir,-o dir --results-dir,-o dir
Write results and internal files in the specified directory Write results and internal files in the specified directory
@ -153,15 +153,15 @@ OPTIONS
-- Stop argument processing, use remaining arguments as a build -- Stop argument processing, use remaining arguments as a build
command command
BUCK OPTIONS BUCK OPTIONS
--buck-blacklist +regex --buck-block-list +regex
Skip capture of files matched by the specified regular expression. Skip capture of files matched by the specified regular expression.
Only the clang, non-compilation-database Buck integration is supported, not Java. Only the clang, non-compilation-database Buck integration is supported, not Java.
--buck-targets-blacklist +regex --buck-targets-block-list +regex
Skip capture of buck targets matched by the specified regular Skip capture of buck targets matched by the specified regular
expression. Only valid for --buck-compilation-database. expression. Only valid for --buck-compilation-database.
JAVA OPTIONS JAVA OPTIONS
--capture-blacklist regex --capture-block-list regex
Skip capture of files matched by the specified OCaml regular Skip capture of files matched by the specified OCaml regular
expression (only supported by the javac integration for now). expression (only supported by the javac integration for now).

@ -139,7 +139,7 @@ OPTIONS
--bootclasspath string --bootclasspath string
Specify the Java bootclasspath See also infer-capture(1). Specify the Java bootclasspath See also infer-capture(1).
--buck-blacklist +regex --buck-block-list +regex
Skip capture of files matched by the specified regular expression. Skip capture of files matched by the specified regular expression.
Only the clang, non-compilation-database Buck integration is supported, not Java. Only the clang, non-compilation-database Buck integration is supported, not Java.
See also infer-capture(1) and infer-run(1). See also infer-capture(1) and infer-run(1).
@ -186,7 +186,7 @@ OPTIONS
successful capture. Only valid for --buck-clang. (Conversely: successful capture. Only valid for --buck-clang. (Conversely:
--no-buck-merge-all-deps) See also infer-capture(1). --no-buck-merge-all-deps) See also infer-capture(1).
--buck-targets-blacklist +regex --buck-targets-block-list +regex
Skip capture of buck targets matched by the specified regular Skip capture of buck targets matched by the specified regular
expression. Only valid for --buck-compilation-database. expression. Only valid for --buck-compilation-database.
See also infer-capture(1) and infer-run(1). See also infer-capture(1) and infer-run(1).
@ -200,7 +200,7 @@ OPTIONS
Activates: Enable bufferoverrun and disable all other checkers Activates: Enable bufferoverrun and disable all other checkers
(Conversely: --no-bufferoverrun-only) See also infer-analyze(1). (Conversely: --no-bufferoverrun-only) See also infer-analyze(1).
--capture-blacklist regex --capture-block-list regex
Skip capture of files matched by the specified OCaml regular Skip capture of files matched by the specified OCaml regular
expression (only supported by the javac integration for now). expression (only supported by the javac integration for now).
See also infer-capture(1) and infer-run(1). See also infer-capture(1) and infer-run(1).
@ -217,8 +217,8 @@ OPTIONS
`<issue_type_regex>:<filename_regex>:<reason_string>`. The first `<issue_type_regex>:<filename_regex>:<reason_string>`. The first
two components are OCaml Str regular expressions, with an optional two components are OCaml Str regular expressions, with an optional
`!` character prefix. If a regex has a `!` prefix, the polarity is `!` character prefix. If a regex has a `!` prefix, the polarity is
inverted, and the filter becomes a "blacklist" instead of a inverted, and the filter becomes a "block list" instead of a
"whitelist". Each filter is interpreted as an implication: an "allow list". Each filter is interpreted as an implication: an
issue matches if it does not match the `issue_type_regex` or if it issue matches if it does not match the `issue_type_regex` or if it
does match the `filename_regex`. The filenames that are tested by does match the `filename_regex`. The filenames that are tested by
the regex are relative to the `--project-root` directory. The the regex are relative to the `--project-root` directory. The
@ -238,10 +238,10 @@ OPTIONS
format. Please note you still need to provide a compilation format. Please note you still need to provide a compilation
command. See also infer-capture(1). command. See also infer-capture(1).
--clang-blacklisted-flags +string --clang-block-listed-flags +string
Clang flags to filter out See also infer-capture(1). Clang flags to filter out See also infer-capture(1).
--clang-blacklisted-flags-with-arg +string --clang-block-listed-flags-with-arg +string
Clang flags (taking args) to filter out See also infer-capture(1). Clang flags (taking args) to filter out See also infer-capture(1).
--clang-compound-literal-init-limit int --clang-compound-literal-init-limit int
@ -645,7 +645,7 @@ OPTIONS
differential reports See also infer-reportdiff(1). differential reports See also infer-reportdiff(1).
--no-filtering,-F --no-filtering,-F
Deactivates: Do not show the experimental and blacklisted issue Deactivates: Do not show the experimental and block listed issue
types (Conversely: --filtering | -f) See also infer-report(1). types (Conversely: --filtering | -f) See also infer-report(1).
--force-delete-results-dir --force-delete-results-dir
@ -1146,14 +1146,19 @@ OPTIONS
Deactivates: Run the reporting phase once the analysis has Deactivates: Run the reporting phase once the analysis has
completed (Conversely: --report) See also infer-analyze(1) and infer-run(1). completed (Conversely: --report) See also infer-analyze(1) and infer-run(1).
--report-blacklist-files-containing +string --report-allow-list-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-block-list-path-regex) See also infer-report(1) and infer-run(1).
--report-block-list-files-containing +string
Do not report any issues on files containing the specified string Do not report any issues on files containing the specified string
See also infer-report(1) and infer-run(1). See also infer-report(1) and infer-run(1).
--report-blacklist-path-regex +path_regex --report-block-list-path-regex +path_regex
Do not report any issues on files whose relative path matches the Do not report any issues on files whose relative path matches the
specified OCaml regex, even if they match the whitelist specified specified OCaml regex, even if they match the allow list specified
by --report-whitelist-path-regex See also infer-report(1) and infer-run(1). by --report-allow-list-path-regex See also infer-report(1) and infer-run(1).
--report-console-limit int --report-console-limit int
Maximum number of issues to display on standard output. Unset with Maximum number of issues to display on standard output. Unset with
@ -1176,11 +1181,6 @@ OPTIONS
--report-suppress-errors +error_name --report-suppress-errors +error_name
do not report a type of errors See also infer-report(1) and infer-run(1). do not report a type of errors See also infer-report(1) and infer-run(1).
--report-whitelist-path-regex +path_regex
Report issues only on files whose relative path matches the
specified OCaml regex (and which do not match
--report-blacklist-path-regex) See also infer-report(1) and infer-run(1).
--results-dir,-o dir --results-dir,-o dir
Write results and internal files in the specified directory Write results and internal files in the specified directory
See also infer-analyze(1), infer-capture(1), infer-explore(1), See also infer-analyze(1), infer-capture(1), infer-explore(1),
@ -1432,7 +1432,7 @@ FILES
{ {
"cxx": false, "cxx": false,
"infer-blacklist-files-containing": ["@gen","/* no infer */"] "infer-block-list-files-containing": ["@gen","/* no infer */"]
} }

@ -115,7 +115,7 @@ module Match = struct
let match_qualifiers matcher quals = let match_qualifiers matcher quals =
(* qual_name may have qualifiers with template parameters - drop them to whitelist all (* qual_name may have qualifiers with template parameters - drop them to allow all
instantiations *) instantiations *)
let normalized_qualifiers = strip_template_args quals in let normalized_qualifiers = strip_template_args quals in
Str.string_match matcher (to_separated_string ~sep:matching_separator normalized_qualifiers) 0 Str.string_match matcher (to_separated_string ~sep:matching_separator normalized_qualifiers) 0

@ -30,9 +30,9 @@ let do_not_filter : filters =
type filter_config = type filter_config =
{ whitelist: string list { allow_list: string list
; blacklist: string list ; block_list: string list
; blacklist_files_containing: string list ; block_list_files_containing: string list
; suppress_errors: string list } ; suppress_errors: string list }
let is_matching patterns source_file = let is_matching patterns source_file =
@ -318,31 +318,31 @@ let skip_translation_matcher =
let load_filters () = let load_filters () =
{ whitelist= Config.report_path_regex_whitelist { allow_list= Config.report_path_regex_allow_list
; blacklist= Config.report_path_regex_blacklist ; block_list= Config.report_path_regex_block_list
; blacklist_files_containing= Config.report_blacklist_files_containing ; block_list_files_containing= Config.report_block_list_files_containing
; suppress_errors= Config.report_suppress_errors } ; suppress_errors= Config.report_suppress_errors }
let filters_from_inferconfig inferconfig : filters = let filters_from_inferconfig inferconfig : filters =
let path_filter = let path_filter =
let whitelist_filter : path_filter = let allow_list_filter : path_filter =
is_matching (List.map ~f:Str.regexp inferconfig.whitelist) is_matching (List.map ~f:Str.regexp inferconfig.allow_list)
in in
let blacklist_filter : path_filter = let block_list_filter : path_filter =
is_matching (List.map ~f:Str.regexp inferconfig.blacklist) is_matching (List.map ~f:Str.regexp inferconfig.block_list)
in in
let blacklist_files_containing_filter : path_filter = let block_list_files_containing_filter : path_filter =
FileContainsStringMatcher.create_matcher FileContainsStringMatcher.create_matcher
(List.map (List.map
~f:(fun s -> {contains= s; not_contains= None}) ~f:(fun s -> {contains= s; not_contains= None})
inferconfig.blacklist_files_containing) inferconfig.block_list_files_containing)
in in
function function
| source_file -> | source_file ->
whitelist_filter source_file allow_list_filter source_file
|| (not (blacklist_filter source_file)) || (not (block_list_filter source_file))
&& not (blacklist_files_containing_filter source_file) && not (block_list_files_containing_filter source_file)
in in
let error_filter = function let error_filter = function
| error_name -> | error_name ->

@ -348,7 +348,7 @@ let is_android_lifecycle_method tenv pname =
PatternMatch.override_exists package_starts_with_android tenv pname PatternMatch.override_exists package_starts_with_android tenv pname
in in
let method_starts_with_on pname = Procname.get_method pname |> String.is_prefix ~prefix:"on" in let method_starts_with_on pname = Procname.get_method pname |> String.is_prefix ~prefix:"on" in
let is_whitelisted pname = let is_allow_listed pname =
match Procname.get_method pname with match Procname.get_method pname with
(* [IntentService.onHandleIntent] is an exception *) (* [IntentService.onHandleIntent] is an exception *)
| "onHandleIntent" -> | "onHandleIntent" ->
@ -362,7 +362,7 @@ let is_android_lifecycle_method tenv pname =
false false
| Java _ -> | Java _ ->
method_starts_with_on pname method_starts_with_on pname
&& (not (is_whitelisted pname)) && (not (is_allow_listed pname))
&& overrides_android_method tenv pname && overrides_android_method tenv pname

@ -13,8 +13,8 @@ module MF = MarkupFormatter
type linter = type linter =
{ condition: CTLTypes.t { condition: CTLTypes.t
; issue_desc: CIssue.t ; issue_desc: CIssue.t
; whitelist_paths: ALVar.t list ; allow_list_paths: ALVar.t list
; blacklist_paths: ALVar.t list } ; block_list_paths: ALVar.t list }
(* If in linter developer mode and if current linter was passed, filter it out *) (* If in linter developer mode and if current linter was passed, filter it out *)
let filter_parsed_linters_developer parsed_linters = let filter_parsed_linters_developer parsed_linters =
@ -40,11 +40,13 @@ let filter_parsed_linters_by_path parsed_linters source_file =
~f:(fun path -> ALVar.compare_str_with_alexp (SourceFile.to_rel_path source_file) path) ~f:(fun path -> ALVar.compare_str_with_alexp (SourceFile.to_rel_path source_file) path)
paths paths
in in
let whitelist_ok = List.is_empty linter.whitelist_paths || should_lint linter.whitelist_paths in let allow_list_ok =
let blacklist_ok = List.is_empty linter.allow_list_paths || should_lint linter.allow_list_paths
List.is_empty linter.blacklist_paths || not (should_lint linter.blacklist_paths)
in in
whitelist_ok && blacklist_ok let block_list_ok =
List.is_empty linter.block_list_paths || not (should_lint linter.block_list_paths)
in
allow_list_ok && block_list_ok
in in
List.filter ~f:filter_parsed_linter_by_path parsed_linters List.filter ~f:filter_parsed_linter_by_path parsed_linters
@ -206,7 +208,7 @@ let create_parsed_linters linters_def_file checkers : linter list =
; severity= Warning ; severity= Warning
; mode= On } ; mode= On }
in in
let issue_desc, condition, whitelist_paths, blacklist_paths = let issue_desc, condition, allow_list_paths, block_list_paths =
let process_linter_definitions (issue, cond, wl_paths, bl_paths) description = let process_linter_definitions (issue, cond, wl_paths, bl_paths) description =
match description with match description with
| CSet (av, phi) when ALVar.is_report_when_keyword av -> | CSet (av, phi) when ALVar.is_report_when_keyword av ->
@ -223,9 +225,9 @@ let create_parsed_linters linters_def_file checkers : linter list =
({issue with issue_type_doc_url= Some doc}, cond, wl_paths, bl_paths) ({issue with issue_type_doc_url= Some doc}, cond, wl_paths, bl_paths)
| CDesc (av, name) when ALVar.is_name_keyword av -> | CDesc (av, name) when ALVar.is_name_keyword av ->
({issue with issue_type_name= Some name}, cond, wl_paths, bl_paths) ({issue with issue_type_name= Some name}, cond, wl_paths, bl_paths)
| CPath (`WhitelistPath, paths) -> | CPath (`AllowListPath, paths) ->
(issue, cond, paths, bl_paths) (issue, cond, paths, bl_paths)
| CPath (`BlacklistPath, paths) -> | CPath (`BlockListPath, paths) ->
(issue, cond, wl_paths, paths) (issue, cond, wl_paths, paths)
| _ -> | _ ->
(issue, cond, wl_paths, bl_paths) (issue, cond, wl_paths, bl_paths)
@ -254,7 +256,7 @@ let create_parsed_linters linters_def_file checkers : linter list =
; suggestion= issue_desc.suggestion } ; suggestion= issue_desc.suggestion }
in in
L.debug Linters Medium "@\nIssue_desc = %a@\n" CIssue.pp issue_desc ; L.debug Linters Medium "@\nIssue_desc = %a@\n" CIssue.pp issue_desc ;
{condition; issue_desc; whitelist_paths; blacklist_paths} {condition; issue_desc; allow_list_paths; block_list_paths}
in in
List.map ~f:do_one_checker checkers List.map ~f:do_one_checker checkers
@ -445,9 +447,9 @@ let expand_checkers macro_map path_map checkers =
| CSet (report_when_const, phi) -> | CSet (report_when_const, phi) ->
L.(debug Linters Medium) " -Expanding report_when@\n" ; L.(debug Linters Medium) " -Expanding report_when@\n" ;
CSet (report_when_const, expand_formula phi map "") :: defs CSet (report_when_const, expand_formula phi map "") :: defs
| CPath (black_or_white_list, paths) -> | CPath (block_or_allow_list, paths) ->
L.(debug Linters Medium) " -Expanding path@\n" ; L.(debug Linters Medium) " -Expanding path@\n" ;
CPath (black_or_white_list, expand_path paths path_map) :: defs CPath (block_or_allow_list, expand_path paths path_map) :: defs
| cl -> | cl ->
cl :: defs ) cl :: defs )
~init:[] c.definitions ~init:[] c.definitions

@ -12,8 +12,8 @@ val issue_log : IssueLog.t ref
type linter = type linter =
{ condition: CTLTypes.t { condition: CTLTypes.t
; issue_desc: CIssue.t ; issue_desc: CIssue.t
; whitelist_paths: ALVar.t list ; allow_list_paths: ALVar.t list
; blacklist_paths: ALVar.t list } ; block_list_paths: ALVar.t list }
val filter_parsed_linters : linter list -> SourceFile.t -> linter list val filter_parsed_linters : linter list -> SourceFile.t -> linter list

@ -38,7 +38,7 @@ type clause =
(* Set clause: set id = definition *) (* Set clause: set id = definition *)
| CDesc of ALVar.keyword * string | CDesc of ALVar.keyword * string
(* Description clause eg: set message = "..." *) (* Description clause eg: set message = "..." *)
| CPath of [`WhitelistPath | `BlacklistPath] * ALVar.t list | CPath of [`AllowListPath | `BlockListPath] * ALVar.t list
type ctl_checker = type ctl_checker =
{id: string; (* Checker's id *) definitions: clause list (* A list of let/set definitions *)} {id: string; (* Checker's id *) definitions: clause list (* A list of let/set definitions *)}
@ -66,7 +66,11 @@ let print_checker c =
L.(debug Linters Medium) " %s= @\n %s@\n@\n" cn_str s L.(debug Linters Medium) " %s= @\n %s@\n@\n" cn_str s
| CPath (paths_keyword, paths) -> | CPath (paths_keyword, paths) ->
let keyword = let keyword =
match paths_keyword with `WhitelistPath -> "whitelist_path" | _ -> "blacklist_path" match paths_keyword with
| `AllowListPath ->
"allow_list_path"
| `BlockListPath ->
"block_list_path"
in in
let paths_str = String.concat ~sep:"," (List.map ~f:ALVar.alexp_to_string paths) in let paths_str = String.concat ~sep:"," (List.map ~f:ALVar.alexp_to_string paths) in
L.(debug Linters Medium) " %s= @\n %s@\n@\n" keyword paths_str ) L.(debug Linters Medium) " %s= @\n %s@\n@\n" keyword paths_str )

@ -30,7 +30,7 @@ type clause =
| CLet of ALVar.formula_id * ALVar.t list * CTLTypes.t (** Let clause: let id = definifion; *) | CLet of ALVar.formula_id * ALVar.t list * CTLTypes.t (** Let clause: let id = definifion; *)
| CSet of ALVar.keyword * CTLTypes.t (** Set clause: set id = definition *) | CSet of ALVar.keyword * CTLTypes.t (** Set clause: set id = definition *)
| CDesc of ALVar.keyword * string (** Description clause eg: set message = "..." *) | CDesc of ALVar.keyword * string (** Description clause eg: set message = "..." *)
| CPath of [`WhitelistPath | `BlacklistPath] * ALVar.t list | CPath of [`AllowListPath | `BlockListPath] * ALVar.t list
type ctl_checker = type ctl_checker =
{id: string (** Checker's id *); definitions: clause list (** A list of let/set definitions *)} {id: string (** Checker's id *); definitions: clause list (** A list of let/set definitions *)}

@ -98,8 +98,8 @@ let mutable_local_vars_advice context an =
| _ -> | _ ->
None None
in in
let is_of_whitelisted_type qual_type = let is_of_allow_listed_type qual_type =
let cpp_whitelist = let cpp_allow_list =
[ "CKComponentScope" [ "CKComponentScope"
; "FBTrackingNodeScope" ; "FBTrackingNodeScope"
; "FBTrackingCodeScope" ; "FBTrackingCodeScope"
@ -107,12 +107,12 @@ let mutable_local_vars_advice context an =
; "CKComponentKey" ; "CKComponentKey"
; "UIContext" ] ; "UIContext" ]
in in
let objc_whitelist = ["NSError"] in let objc_allow_list = ["NSError"] in
match get_referenced_type qual_type with match get_referenced_type qual_type with
| Some (CXXRecordDecl (_, ndi, _, _, _, _, _, _)) -> | Some (CXXRecordDecl (_, ndi, _, _, _, _, _, _)) ->
List.mem ~equal:String.equal cpp_whitelist ndi.ni_name List.mem ~equal:String.equal cpp_allow_list ndi.ni_name
| Some (ObjCInterfaceDecl (_, ndi, _, _, _)) -> | Some (ObjCInterfaceDecl (_, ndi, _, _, _)) ->
List.mem ~equal:String.equal objc_whitelist ndi.ni_name List.mem ~equal:String.equal objc_allow_list ndi.ni_name
| _ -> | _ ->
false false
in in
@ -138,7 +138,7 @@ let mutable_local_vars_advice context an =
let should_not_report_mutable_local = let should_not_report_mutable_local =
CAst_utils.is_syntactically_global_var decl CAst_utils.is_syntactically_global_var decl
|| CAst_utils.is_static_local_var decl || CAst_utils.is_static_local_var decl
|| is_const || is_of_whitelisted_type qual_type || decl_info.di_is_implicit || is_const || is_of_allow_listed_type qual_type || decl_info.di_is_implicit
|| context.CLintersContext.in_for_loop_declaration || context.CLintersContext.in_for_loop_declaration
|| CAst_utils.is_std_vector qual_type || CAst_utils.is_std_vector qual_type
|| CAst_utils.has_block_attribute decl || CAst_utils.has_block_attribute decl

@ -55,8 +55,10 @@ rule token = parse
| "LET" { LET } | "LET" { LET }
| "TRUE" { TRUE } | "TRUE" { TRUE }
| "FALSE" { FALSE } | "FALSE" { FALSE }
| "whitelist_path" { WHITELIST_PATH } | "allow_list_path" { ALLOW_LIST_PATH }
| "blacklist_path" { BLACKLIST_PATH } | "block_list_path" { BLOCK_LIST_PATH }
| "whitelist_path" { ALLOW_LIST_PATH }
| "blacklist_path" { BLOCK_LIST_PATH }
| "{" { LEFT_BRACE } | "{" { LEFT_BRACE }
| "}" { RIGHT_BRACE } | "}" { RIGHT_BRACE }
| "(" { LEFT_PAREN } | "(" { LEFT_PAREN }

@ -75,8 +75,8 @@
%token REGEXP %token REGEXP
%token <string> IDENTIFIER %token <string> IDENTIFIER
%token <string> STRING %token <string> STRING
%token WHITELIST_PATH %token ALLOW_LIST_PATH
%token BLACKLIST_PATH %token BLOCK_LIST_PATH
%token ACCESSOR_FOR_PROPERTY %token ACCESSOR_FOR_PROPERTY
%token ANY %token ANY
%token BODY %token BODY
@ -187,10 +187,10 @@ clause:
| _ -> L.(die ExternalError) "string '%s' cannot be set to a variable. \ | _ -> L.(die ExternalError) "string '%s' cannot be set to a variable. \
Use the reserved variable 'report_when'" $2 in Use the reserved variable 'report_when'" $2 in
CTL.CSet (alvar, $4) } CTL.CSet (alvar, $4) }
| SET WHITELIST_PATH ASSIGNMENT LEFT_BRACE path_list RIGHT_BRACE | SET ALLOW_LIST_PATH ASSIGNMENT LEFT_BRACE path_list RIGHT_BRACE
{ CTL.CPath (`WhitelistPath, $5) } { CTL.CPath (`AllowListPath, $5) }
| SET BLACKLIST_PATH ASSIGNMENT LEFT_BRACE path_list RIGHT_BRACE | SET BLOCK_LIST_PATH ASSIGNMENT LEFT_BRACE path_list RIGHT_BRACE
{ CTL.CPath (`BlacklistPath, $5) } { CTL.CPath (`BlockListPath, $5) }
| SET identifier ASSIGNMENT STRING | SET identifier ASSIGNMENT STRING
{ L.(debug Linters Verbose) "\tParsed SET clause@\n"; { L.(debug Linters Verbose) "\tParsed SET clause@\n";
let alvar = match $2 with let alvar = match $2 with

@ -230,8 +230,8 @@ end = struct
Io_infer.Html.close (fd, fmt) Io_infer.Html.close (fd, fmt)
let is_whitelisted = let is_allow_listed =
match Config.write_html_whitelist_regex with match Config.write_html_allow_list_regex with
| [] -> | [] ->
fun _ -> true fun _ -> true
| _ as reg_list -> | _ as reg_list ->
@ -256,7 +256,7 @@ end = struct
| Some proc_desc -> | Some proc_desc ->
if Procdesc.is_defined proc_desc then if Procdesc.is_defined proc_desc then
let file = (Procdesc.get_loc proc_desc).Location.file in let file = (Procdesc.get_loc proc_desc).Location.file in
if is_whitelisted file then ( if is_allow_listed file then (
let pdescs_in_file = let pdescs_in_file =
try Hashtbl.find pdescs_in_source file try Hashtbl.find pdescs_in_source file
with Caml.Not_found -> Procname.Map.empty with Caml.Not_found -> Procname.Map.empty

@ -293,7 +293,7 @@ $(b,infer) $(i,[options])|}
; `Pre ; `Pre
{| { {| {
"cxx": false, "cxx": false,
"infer-blacklist-files-containing": ["@gen","/* no infer */"] "infer-block-list-files-containing": ["@gen","/* no infer */"]
}|} }|}
] ]
~see_also:InferCommand.all_commands "infer" ~see_also:InferCommand.all_commands "infer"

@ -206,9 +206,9 @@ let unsafe_unret = "<\"Unsafe_unretained\">"
let weak = "<\"Weak\">" let weak = "<\"Weak\">"
(* Whitelists for C++ library functions *) (* Allow lists for C++ library functions *)
let std_whitelisted_cpp_methods = let std_allow_listed_cpp_methods =
[ "std::back_inserter" [ "std::back_inserter"
; "std::forward" ; "std::forward"
; "std::front_inserter" ; "std::front_inserter"
@ -228,7 +228,7 @@ let std_whitelisted_cpp_methods =
; "std::swap" ] ; "std::swap" ]
let libstdcxx_whitelisted_cpp_methods = let libstdcxx_allow_listed_cpp_methods =
[ "__gnu_cxx::operator!=" [ "__gnu_cxx::operator!="
; "__gnu_cxx::operator<" ; "__gnu_cxx::operator<"
; "__gnu_cxx::operator<=" ; "__gnu_cxx::operator<="
@ -239,21 +239,21 @@ let libstdcxx_whitelisted_cpp_methods =
; "__gnu_cxx::operator-" ] ; "__gnu_cxx::operator-" ]
let libcxx_whitelisted_cpp_methods = [] let libcxx_allow_listed_cpp_methods = []
let other_whitelisted_cpp_methods = ["google::CheckNotNull"] let other_allow_listed_cpp_methods = ["google::CheckNotNull"]
let whitelisted_cpp_methods = let allow_listed_cpp_methods =
List.concat List.concat
[ std_whitelisted_cpp_methods [ std_allow_listed_cpp_methods
; libstdcxx_whitelisted_cpp_methods ; libstdcxx_allow_listed_cpp_methods
; libcxx_whitelisted_cpp_methods ; libcxx_allow_listed_cpp_methods
; other_whitelisted_cpp_methods ] ; other_allow_listed_cpp_methods ]
(* Whitelists for C++ library classes *) (* Allow lists for C++ library classes *)
let std_whitelisted_cpp_classes = let std_allow_listed_cpp_classes =
[ "std::back_insert_iterator" [ "std::back_insert_iterator"
; "std::equal_to" ; "std::equal_to"
; "std::front_insert_iterator" ; "std::front_insert_iterator"
@ -271,27 +271,27 @@ let std_whitelisted_cpp_classes =
; "std::__shared_ptr_access" ] ; "std::__shared_ptr_access" ]
let libstdcxx_whitelisted_cpp_classes = let libstdcxx_allow_listed_cpp_classes =
(* libstdc++ internal support class for std::get<std::pair> *) (* libstdc++ internal support class for std::get<std::pair> *)
[ "__gnu_cxx::__normal_iterator" (* libstdc++ internal name of vector iterator *) [ "__gnu_cxx::__normal_iterator" (* libstdc++ internal name of vector iterator *)
; "std::__pair_get" ] ; "std::__pair_get" ]
let libcxx_whitelisted_cpp_classes = let libcxx_allow_listed_cpp_classes =
(* libc++ internal support class for std::get<std::pair> *) (* libc++ internal support class for std::get<std::pair> *)
[ "std::__less" [ "std::__less"
; "std::__wrap_iter" (* libc++ internal name of vector iterator *) ; "std::__wrap_iter" (* libc++ internal name of vector iterator *)
; "std::__get_pair" ] ; "std::__get_pair" ]
let other_whitelisted_cpp_classes = [] let other_allow_listed_cpp_classes = []
let whitelisted_cpp_classes = let allow_listed_cpp_classes =
List.concat List.concat
[ std_whitelisted_cpp_classes [ std_allow_listed_cpp_classes
; libstdcxx_whitelisted_cpp_classes ; libstdcxx_allow_listed_cpp_classes
; libcxx_whitelisted_cpp_classes ; libcxx_allow_listed_cpp_classes
; other_whitelisted_cpp_classes ] ; other_allow_listed_cpp_classes ]
let pp_version fmt () = let pp_version fmt () =
@ -766,10 +766,10 @@ and bootclasspath =
(** Automatically set when running from within Buck *) (** Automatically set when running from within Buck *)
and buck = CLOpt.mk_bool ~long:"buck" "" and buck = CLOpt.mk_bool ~long:"buck" ""
and buck_blacklist = and buck_block_list =
CLOpt.mk_string_list CLOpt.mk_string_list
~deprecated:["-blacklist-regex"; "-blacklist"] ~deprecated:["-blacklist-regex"; "-blacklist"; "-buck-blacklist"]
~long:"buck-blacklist" ~long:"buck-block-list"
~in_help:InferCommand.[(Run, manual_buck); (Capture, manual_buck)] ~in_help:InferCommand.[(Run, manual_buck); (Capture, manual_buck)]
~meta:"regex" ~meta:"regex"
"Skip capture of files matched by the specified regular expression. Only the clang, \ "Skip capture of files matched by the specified regular expression. Only the clang, \
@ -860,8 +860,8 @@ and _buck_out =
"[DOES NOTHING] Specify the root directory of buck-out. Only valid for $(b,--buck-java)." "[DOES NOTHING] Specify the root directory of buck-out. Only valid for $(b,--buck-java)."
and buck_targets_blacklist = and buck_targets_block_list =
CLOpt.mk_string_list ~long:"buck-targets-blacklist" CLOpt.mk_string_list ~long:"buck-targets-block-list" ~deprecated:["-buck-targets-blacklist"]
~in_help:InferCommand.[(Run, manual_buck); (Capture, manual_buck)] ~in_help:InferCommand.[(Run, manual_buck); (Capture, manual_buck)]
~meta:"regex" ~meta:"regex"
"Skip capture of buck targets matched by the specified regular expression. Only valid for \ "Skip capture of buck targets matched by the specified regular expression. Only valid for \
@ -873,8 +873,8 @@ and capture =
"capture and translate source files into infer's intermediate language for analysis" "capture and translate source files into infer's intermediate language for analysis"
and capture_blacklist = and capture_block_list =
CLOpt.mk_string_opt ~long:"capture-blacklist" CLOpt.mk_string_opt ~long:"capture-block-list" ~deprecated:["-capture-blacklist"]
~in_help:InferCommand.[(Run, manual_java); (Capture, manual_java)] ~in_help:InferCommand.[(Run, manual_java); (Capture, manual_java)]
~meta:"regex" ~meta:"regex"
"Skip capture of files matched by the specified OCaml regular expression (only supported by \ "Skip capture of files matched by the specified OCaml regular expression (only supported by \
@ -897,9 +897,9 @@ and censor_report =
to each issue detected, and only issues which are accepted by all filters are reported. Each \ to each issue detected, and only issues which are accepted by all filters are reported. Each \
filter is of the form: `<issue_type_regex>:<filename_regex>:<reason_string>`. The first two \ filter is of the form: `<issue_type_regex>:<filename_regex>:<reason_string>`. The first two \
components are OCaml Str regular expressions, with an optional `!` character prefix. If a \ components are OCaml Str regular expressions, with an optional `!` character prefix. If a \
regex has a `!` prefix, the polarity is inverted, and the filter becomes a \"blacklist\" \ regex has a `!` prefix, the polarity is inverted, and the filter becomes a \"block list\" \
instead of a \"whitelist\". Each filter is interpreted as an implication: an issue matches if \ instead of a \"allow list\". Each filter is interpreted as an implication: an issue matches \
it does not match the `issue_type_regex` or if it does match the `filename_regex`. The \ if it does not match the `issue_type_regex` or if it does match the `filename_regex`. The \
filenames that are tested by the regex are relative to the `--project-root` directory. The \ filenames that are tested by the regex are relative to the `--project-root` directory. The \
`<reason_string>` is a non-empty string used to explain why the issue was filtered." `<reason_string>` is a non-empty string used to explain why the issue was filtered."
@ -938,8 +938,8 @@ and clang_extra_flags =
"Pass values as command-line arguments to invocations of clang" "Pass values as command-line arguments to invocations of clang"
and clang_blacklisted_flags = and clang_block_listed_flags =
CLOpt.mk_string_list ~long:"clang-blacklisted-flags" CLOpt.mk_string_list ~long:"clang-block-listed-flags" ~deprecated:["-clang-blacklisted-flags"]
~default: ~default:
[ "--expt-relaxed-constexpr" [ "--expt-relaxed-constexpr"
; "-fembed-bitcode-marker" ; "-fembed-bitcode-marker"
@ -949,8 +949,9 @@ and clang_blacklisted_flags =
"Clang flags to filter out" "Clang flags to filter out"
and clang_blacklisted_flags_with_arg = and clang_block_listed_flags_with_arg =
CLOpt.mk_string_list ~long:"clang-blacklisted-flags-with-arg" CLOpt.mk_string_list ~long:"clang-block-listed-flags-with-arg"
~deprecated:["-clang-blacklisted-flags-with-arg"]
~default:["-index-store-path"; "-mllvm"] ~default:["-index-store-path"; "-mllvm"]
~in_help:InferCommand.[(Capture, manual_clang)] ~in_help:InferCommand.[(Capture, manual_clang)]
"Clang flags (taking args) to filter out" "Clang flags (taking args) to filter out"
@ -1180,7 +1181,7 @@ and ( biabduction_write_dotty
and filtering = and filtering =
CLOpt.mk_bool ~deprecated_no:["nf"] ~long:"filtering" ~short:'f' ~default:true CLOpt.mk_bool ~deprecated_no:["nf"] ~long:"filtering" ~short:'f' ~default:true
~in_help:InferCommand.[(Report, manual_generic)] ~in_help:InferCommand.[(Report, manual_generic)]
"Do not show the experimental and blacklisted issue types" "Do not show the experimental and block listed issue types"
and only_cheap_debug = and only_cheap_debug =
CLOpt.mk_bool ~long:"only-cheap-debug" ~default:true "Disable expensive debugging output" CLOpt.mk_bool ~long:"only-cheap-debug" ~default:true "Disable expensive debugging output"
and print_buckets = and print_buckets =
@ -2228,33 +2229,35 @@ and report =
"Run the reporting phase once the analysis has completed" "Run the reporting phase once the analysis has completed"
and ( report_blacklist_files_containing and ( report_block_list_files_containing
, report_path_regex_blacklist , report_path_regex_block_list
, report_path_regex_whitelist , report_path_regex_allow_list
, report_suppress_errors ) = , report_suppress_errors ) =
let mk_filtering_option ~suffix ~help ~meta = let mk_filtering_option ~suffix ?(deprecated = []) ~help ~meta () =
let deprecated = let deprecated =
List.map ["checkers"; "infer"] ~f:(fun name -> Printf.sprintf "%s-%s" name suffix) List.map ["checkers"; "infer"] ~f:(fun name -> Printf.sprintf "%s-%s" name suffix)
@ List.map deprecated ~f:(fun deprecated -> Printf.sprintf "-report-%s" deprecated)
in in
let long = Printf.sprintf "report-%s" suffix in let long = Printf.sprintf "report-%s" suffix in
CLOpt.mk_string_list ~deprecated ~long ~meta CLOpt.mk_string_list ~deprecated ~long ~meta
~in_help:InferCommand.[(Report, manual_generic); (Run, manual_generic)] ~in_help:InferCommand.[(Report, manual_generic); (Run, manual_generic)]
help help
in in
( mk_filtering_option ~suffix:"blacklist-files-containing" ( mk_filtering_option ~suffix:"block-list-files-containing"
~help:"Do not report any issues on files containing the specified string" ~meta:"string" ~deprecated:["blacklist-files-containing"]
, mk_filtering_option ~suffix:"blacklist-path-regex" ~help:"Do not report any issues on files containing the specified string" ~meta:"string" ()
, mk_filtering_option ~suffix:"block-list-path-regex" ~deprecated:["blacklist-path-regex"]
~help: ~help:
"Do not report any issues on files whose relative path matches the specified OCaml regex, \ "Do not report any issues on files whose relative path matches the specified OCaml regex, \
even if they match the whitelist specified by $(b,--report-whitelist-path-regex)" even if they match the allow list specified by $(b,--report-allow-list-path-regex)"
~meta:"path_regex" ~meta:"path_regex" ()
, mk_filtering_option ~suffix:"whitelist-path-regex" , mk_filtering_option ~suffix:"allow-list-path-regex" ~deprecated:["whitelist-path-regex"]
~help: ~help:
"Report issues only on files whose relative path matches the specified OCaml regex (and \ "Report issues only on files whose relative path matches the specified OCaml regex (and \
which do not match $(b,--report-blacklist-path-regex))" which do not match $(b,--report-block-list-path-regex))"
~meta:"path_regex" ~meta:"path_regex" ()
, mk_filtering_option ~suffix:"suppress-errors" ~help:"do not report a type of errors" , mk_filtering_option ~suffix:"suppress-errors" ~help:"do not report a type of errors"
~meta:"error_name" ) ~meta:"error_name" () )
and report_console_limit = and report_console_limit =
@ -2628,9 +2631,10 @@ and workspace =
roots, all relative to a common workspace. Usually a single project root is enough, though." roots, all relative to a common workspace. Usually a single project root is enough, though."
and write_html_whitelist_regex = and write_html_allow_list_regex =
CLOpt.mk_string_list ~long:"write-html-whitelist-regex" CLOpt.mk_string_list ~long:"write-html-allow-list-regex"
"Whitelist files that will have their html debug output printed when $(b,--html) is true." ~deprecated:["-write-html-whitelist-regex"]
"Allow list files that will have their html debug output printed when $(b,--html) is true."
and write_website = and write_website =
@ -2927,7 +2931,7 @@ and bo_field_depth_limit = !bo_field_depth_limit
and buck = !buck and buck = !buck
and buck_blacklist = RevList.to_list !buck_blacklist and buck_block_list = RevList.to_list !buck_block_list
and buck_build_args = RevList.to_list !buck_build_args and buck_build_args = RevList.to_list !buck_build_args
@ -2959,11 +2963,11 @@ and buck_mode : BuckMode.t option =
Some JavaFlavor Some JavaFlavor
and buck_targets_blacklist = RevList.to_list !buck_targets_blacklist and buck_targets_block_list = RevList.to_list !buck_targets_block_list
and capture = !capture and capture = !capture
and capture_blacklist = !capture_blacklist and capture_block_list = !capture_block_list
and cfg_json = !cfg_json and cfg_json = !cfg_json
@ -3006,9 +3010,9 @@ and clang_compound_literal_init_limit = !clang_compound_literal_init_limit
and clang_extra_flags = RevList.to_list !clang_extra_flags and clang_extra_flags = RevList.to_list !clang_extra_flags
and clang_blacklisted_flags = RevList.to_list !clang_blacklisted_flags and clang_block_listed_flags = RevList.to_list !clang_block_listed_flags
and clang_blacklisted_flags_with_arg = RevList.to_list !clang_blacklisted_flags_with_arg and clang_block_listed_flags_with_arg = RevList.to_list !clang_block_listed_flags_with_arg
and clang_ignore_regex = !clang_ignore_regex and clang_ignore_regex = !clang_ignore_regex
@ -3409,7 +3413,7 @@ and remodel_class = !remodel_class
and report = !report and report = !report
and report_blacklist_files_containing = RevList.to_list !report_blacklist_files_containing and report_block_list_files_containing = RevList.to_list !report_block_list_files_containing
and report_console_limit = !report_console_limit and report_console_limit = !report_console_limit
@ -3421,9 +3425,9 @@ and report_force_relative_path = !report_force_relative_path
and report_formatter = !report_formatter and report_formatter = !report_formatter
and report_path_regex_blacklist = RevList.to_list !report_path_regex_blacklist and report_path_regex_block_list = RevList.to_list !report_path_regex_block_list
and report_path_regex_whitelist = RevList.to_list !report_path_regex_whitelist and report_path_regex_allow_list = RevList.to_list !report_path_regex_allow_list
and report_previous = !report_previous and report_previous = !report_previous
@ -3560,7 +3564,7 @@ and workspace = !workspace
and write_html = !write_html and write_html = !write_html
and write_html_whitelist_regex = RevList.to_list !write_html_whitelist_regex and write_html_allow_list_regex = RevList.to_list !write_html_allow_list_regex
and write_website = !write_website and write_website = !write_website

@ -108,9 +108,9 @@ val unsafe_unret : string
val weak : string val weak : string
val whitelisted_cpp_classes : string list val allow_listed_cpp_classes : string list
val whitelisted_cpp_methods : string list val allow_listed_cpp_methods : string list
val wrappers_dir : string val wrappers_dir : string
@ -171,7 +171,7 @@ val bootclasspath : string option
val buck : bool val buck : bool
val buck_blacklist : string list val buck_block_list : string list
val buck_build_args : string list val buck_build_args : string list
@ -191,11 +191,11 @@ val buck_mode : BuckMode.t option
val buck_out_gen : string val buck_out_gen : string
val buck_targets_blacklist : string list val buck_targets_block_list : string list
val capture : bool val capture : bool
val capture_blacklist : string option val capture_block_list : string option
val censor_report : ((bool * Str.regexp) * (bool * Str.regexp) * string) list val censor_report : ((bool * Str.regexp) * (bool * Str.regexp) * string) list
@ -211,9 +211,9 @@ val clang_compound_literal_init_limit : int
val clang_extra_flags : string list val clang_extra_flags : string list
val clang_blacklisted_flags : string list val clang_block_listed_flags : string list
val clang_blacklisted_flags_with_arg : string list val clang_block_listed_flags_with_arg : string list
val clang_frontend_action_string : string val clang_frontend_action_string : string
@ -562,7 +562,7 @@ val remodel_class : string option
val report : bool val report : bool
val report_blacklist_files_containing : string list val report_block_list_files_containing : string list
val report_console_limit : int option val report_console_limit : int option
@ -574,9 +574,9 @@ val report_force_relative_path : bool
val report_formatter : [`No_formatter | `Phabricator_formatter] val report_formatter : [`No_formatter | `Phabricator_formatter]
val report_path_regex_blacklist : string list val report_path_regex_block_list : string list
val report_path_regex_whitelist : string list val report_path_regex_allow_list : string list
val report_previous : string option val report_previous : string option
@ -690,7 +690,7 @@ val workspace : string option
val write_html : bool val write_html : bool
val write_html_whitelist_regex : string list val write_html_allow_list_regex : string list
val write_website : string option val write_website : string option

@ -491,10 +491,10 @@ module BinaryOperationCondition = struct
let is_deliberate_integer_overflow = let is_deliberate_integer_overflow =
let whitelist = ["hash"; "lfsr"; "prng"; "rand"; "seed"] in let allow_list = ["hash"; "lfsr"; "prng"; "rand"; "seed"] in
let f x = let f x =
let x = String.lowercase x in let x = String.lowercase x in
List.exists whitelist ~f:(fun whitelist -> String.is_substring x ~substring:whitelist) List.exists allow_list ~f:(fun allow_list -> String.is_substring x ~substring:allow_list)
in in
fun {typ; lhs; rhs; pname} ct -> fun {typ; lhs; rhs; pname} ct ->
Typ.ikind_is_unsigned typ Typ.ikind_is_unsigned typ

@ -12,10 +12,10 @@ module L = Logging
module GlobalVar = SiofTrace.GlobalVar module GlobalVar = SiofTrace.GlobalVar
module GlobalVarSet = SiofTrace.GlobalVarSet module GlobalVarSet = SiofTrace.GlobalVarSet
let methods_whitelist = QualifiedCppName.Match.of_fuzzy_qual_names Config.siof_safe_methods let methods_allow_list = QualifiedCppName.Match.of_fuzzy_qual_names Config.siof_safe_methods
let is_whitelisted (pname : Procname.t) = let is_allow_listed (pname : Procname.t) =
Procname.get_qualifiers pname |> QualifiedCppName.Match.match_qualifiers methods_whitelist Procname.get_qualifiers pname |> QualifiedCppName.Match.match_qualifiers methods_allow_list
type siof_model = type siof_model =
@ -148,7 +148,7 @@ module TransferFunctions (CFG : ProcCfg.S) = struct
| Store {e2= exp; loc} (* except in the case above, consider all reads as dangerous *) | Store {e2= exp; loc} (* except in the case above, consider all reads as dangerous *)
| Prune (exp, loc, _, _) -> | Prune (exp, loc, _, _) ->
get_globals analysis_data exp |> add_globals astate loc get_globals analysis_data exp |> add_globals astate loc
| Call (_, Const (Cfun callee_pname), _, _, _) when is_whitelisted callee_pname -> | Call (_, Const (Cfun callee_pname), _, _, _) when is_allow_listed callee_pname ->
at_least_nonbottom astate at_least_nonbottom astate
| Call (_, Const (Cfun callee_pname), _, _, _) when is_modelled callee_pname -> | Call (_, Const (Cfun callee_pname), _, _, _) when is_modelled callee_pname ->
let init = let init =

@ -169,13 +169,13 @@ let cc1_capture clang_cmd =
if if
InferCommand.equal Config.command Compile InferCommand.equal Config.command Compile
|| (not Config.skip_analysis_in_path_skips_compilation) || (not Config.skip_analysis_in_path_skips_compilation)
&& CLocation.is_file_blacklisted source_path && CLocation.is_file_block_listed source_path
then ( then (
L.(debug Capture Quiet) "@\n Skip the analysis of source file %s@\n@\n" source_path ; L.(debug Capture Quiet) "@\n Skip the analysis of source file %s@\n@\n" source_path ;
(* We still need to run clang, but we don't have to attach the plugin. *) (* We still need to run clang, but we don't have to attach the plugin. *)
run_clang clang_cmd Utils.consume_in ) run_clang clang_cmd Utils.consume_in )
else if else if
Config.skip_analysis_in_path_skips_compilation && CLocation.is_file_blacklisted source_path Config.skip_analysis_in_path_skips_compilation && CLocation.is_file_block_listed source_path
then ( then (
L.(debug Capture Quiet) "@\n Skip compilation and analysis of source file %s@\n@\n" source_path ; L.(debug Capture Quiet) "@\n Skip compilation and analysis of source file %s@\n@\n" source_path ;
() ) () )

@ -79,12 +79,12 @@ let filter_and_replace_unsupported_args ?(replace_options_arg = fun _ s -> s) ?(
?(pre_args = []) args = ?(pre_args = []) args =
(* [prev] is the previously seen argument, [res_rev] is the reversed result, [changed] is true if (* [prev] is the previously seen argument, [res_rev] is the reversed result, [changed] is true if
some change has been performed *) some change has been performed *)
let rec aux in_argfiles (prev_is_blacklisted_with_arg, res_rev, changed) args = let rec aux in_argfiles (prev_is_block_listed_with_arg, res_rev, changed) args =
match args with match args with
| [] -> | [] ->
(prev_is_blacklisted_with_arg, res_rev, changed) (prev_is_block_listed_with_arg, res_rev, changed)
| _ :: tl when prev_is_blacklisted_with_arg -> | _ :: tl when prev_is_block_listed_with_arg ->
(* in the unlikely event that a blacklisted flag with arg sits as the last option in some (* in the unlikely event that a block listed flag with arg sits as the last option in some
arg file, we need to remove its argument now *) arg file, we need to remove its argument now *)
aux in_argfiles (false, res_rev, true) tl aux in_argfiles (false, res_rev, true) tl
| at_argfile :: tl | at_argfile :: tl
@ -100,29 +100,29 @@ let filter_and_replace_unsupported_args ?(replace_options_arg = fun _ s -> s) ?(
String.strip s String.strip s
|> Utils.strip_balanced_once ~drop:(function '"' | '\'' -> true | _ -> false) |> Utils.strip_balanced_once ~drop:(function '"' | '\'' -> true | _ -> false)
in in
let last_in_file_is_blacklisted, rev_res_with_file_args, changed_file = let last_in_file_is_block_listed, rev_res_with_file_args, changed_file =
List.map ~f:strip lines List.map ~f:strip lines
|> aux in_argfiles' (prev_is_blacklisted_with_arg, res_rev, false) |> aux in_argfiles' (prev_is_block_listed_with_arg, res_rev, false)
in in
if changed_file then if changed_file then
aux in_argfiles' (last_in_file_is_blacklisted, rev_res_with_file_args, true) tl aux in_argfiles' (last_in_file_is_block_listed, rev_res_with_file_args, true) tl
else else
(* keep the same argfile if we haven't needed to change anything in it *) (* keep the same argfile if we haven't needed to change anything in it *)
aux in_argfiles' (last_in_file_is_blacklisted, at_argfile :: res_rev, changed) tl aux in_argfiles' (last_in_file_is_block_listed, at_argfile :: res_rev, changed) tl
| exception e -> | exception e ->
L.external_warning "Error reading argument file '%s': %s@\n" at_argfile L.external_warning "Error reading argument file '%s': %s@\n" at_argfile
(Exn.to_string e) ; (Exn.to_string e) ;
aux in_argfiles' (false, at_argfile :: res_rev, changed) tl ) aux in_argfiles' (false, at_argfile :: res_rev, changed) tl )
| flag :: tl | flag :: tl
when List.mem ~equal:String.equal Config.clang_blacklisted_flags flag when List.mem ~equal:String.equal Config.clang_block_listed_flags flag
|| String.lsplit2 ~on:'=' flag || String.lsplit2 ~on:'=' flag
|> function |> function
| Some (flag, _arg) -> | Some (flag, _arg) ->
List.mem ~equal:String.equal Config.clang_blacklisted_flags_with_arg flag List.mem ~equal:String.equal Config.clang_block_listed_flags_with_arg flag
| None -> | None ->
false -> false ->
aux in_argfiles (false, res_rev, true) tl aux in_argfiles (false, res_rev, true) tl
| flag :: tl when List.mem ~equal:String.equal Config.clang_blacklisted_flags_with_arg flag -> | flag :: tl when List.mem ~equal:String.equal Config.clang_block_listed_flags_with_arg flag ->
(* remove the flag and its arg separately in case we are at the end of an argfile *) (* remove the flag and its arg separately in case we are at the end of an argfile *)
aux in_argfiles (true, res_rev, true) tl aux in_argfiles (true, res_rev, true) tl
| arg :: tl -> | arg :: tl ->

@ -379,19 +379,19 @@ let get_impl_decl_info dec =
match dec with Clang_ast_t.ObjCImplementationDecl (_, _, _, _, idi) -> Some idi | _ -> None match dec with Clang_ast_t.ObjCImplementationDecl (_, _, _, _, idi) -> Some idi | _ -> None
let default_blacklist = CFrontend_config.[nsobject_cl; nsproxy_cl] let default_block_list = CFrontend_config.[nsobject_cl; nsproxy_cl]
let rec is_objc_if_descendant ?(blacklist = default_blacklist) if_decl ancestors = let rec is_objc_if_descendant ?(block_list = default_block_list) if_decl ancestors =
(* List of ancestors to check for and list of classes to short-circuit to (* List of ancestors to check for and list of classes to short-circuit to
false can't intersect *) false can't intersect *)
if not String.Set.(is_empty (inter (of_list blacklist) (of_list ancestors))) then if not String.Set.(is_empty (inter (of_list block_list) (of_list ancestors))) then
L.(die InternalError) "Blacklist and ancestors must be mutually exclusive." L.(die InternalError) "Block list and ancestors must be mutually exclusive."
else else
match if_decl with match if_decl with
| Some (Clang_ast_t.ObjCInterfaceDecl (_, ndi, _, _, _)) -> | Some (Clang_ast_t.ObjCInterfaceDecl (_, ndi, _, _, _)) ->
let in_list some_list = List.mem ~equal:String.equal some_list ndi.Clang_ast_t.ni_name in let in_list some_list = List.mem ~equal:String.equal some_list ndi.Clang_ast_t.ni_name in
(not (in_list blacklist)) (not (in_list block_list))
&& (in_list ancestors || is_objc_if_descendant ~blacklist (get_super_if if_decl) ancestors) && (in_list ancestors || is_objc_if_descendant ~block_list (get_super_if if_decl) ancestors)
| _ -> | _ ->
false false

@ -111,12 +111,13 @@ val get_super_ObjCImplementationDecl :
Clang_ast_t.obj_c_implementation_decl_info -> Clang_ast_t.decl option Clang_ast_t.obj_c_implementation_decl_info -> Clang_ast_t.decl option
(** Given an objc impl decl info, return its super class implementation decl *) (** Given an objc impl decl info, return its super class implementation decl *)
val is_objc_if_descendant : ?blacklist:string list -> Clang_ast_t.decl option -> string list -> bool val is_objc_if_descendant :
?block_list:string list -> Clang_ast_t.decl option -> string list -> bool
(** Recursively go up the inheritance hierarchy of a given ObjCInterfaceDecl. Returns true if the (** Recursively go up the inheritance hierarchy of a given ObjCInterfaceDecl. Returns true if the
passed in decl is an objc interface decl that's an eventual descendant of one of the classes passed in decl is an objc interface decl that's an eventual descendant of one of the classes
passed in. Ancestors param is a list of strings that represent the class names. Will passed in. Ancestors param is a list of strings that represent the class names. Will
short-circuit on NSObject and NSProxy since those are known to be common base classes. The list short-circuit on NSObject and NSProxy since those are known to be common base classes. The list
of classes to short-circuit on can be overridden via specifying the named `blacklist` argument. *) of classes to short-circuit on can be overridden via specifying the named `block_list` argument. *)
val qual_type_to_objc_interface : Clang_ast_t.qual_type -> Clang_ast_t.decl option val qual_type_to_objc_interface : Clang_ast_t.qual_type -> Clang_ast_t.decl option

@ -297,14 +297,16 @@ module CFrontend_decl_funct (T : CModule_type.CTranslation) : CModule_type.CFron
(** Given REVERSED list of method qualifiers (method_name::class_name::rest_quals), return whether (** Given REVERSED list of method qualifiers (method_name::class_name::rest_quals), return whether
method should be translated based on method and class whitelists *) method should be translated based on method and class allow lists *)
let is_whitelisted_cpp_method = let is_allow_listed_cpp_method =
let method_matcher = let method_matcher =
QualifiedCppName.Match.of_fuzzy_qual_names Config.whitelisted_cpp_methods QualifiedCppName.Match.of_fuzzy_qual_names Config.allow_listed_cpp_methods
in
let class_matcher =
QualifiedCppName.Match.of_fuzzy_qual_names Config.allow_listed_cpp_classes
in in
let class_matcher = QualifiedCppName.Match.of_fuzzy_qual_names Config.whitelisted_cpp_classes in
fun qual_name -> fun qual_name ->
(* either the method is explictely whitelisted, or the whole class is whitelisted *) (* either the method is explictely allow listed, or the whole class is allow listed *)
QualifiedCppName.Match.match_qualifiers method_matcher qual_name QualifiedCppName.Match.match_qualifiers method_matcher qual_name
|| ||
match QualifiedCppName.extract_last qual_name with match QualifiedCppName.extract_last qual_name with
@ -325,7 +327,7 @@ module CFrontend_decl_funct (T : CModule_type.CTranslation) : CModule_type.CFron
| CXXConstructorDecl (_, name_info, _, _, _) | CXXConstructorDecl (_, name_info, _, _, _)
| CXXConversionDecl (_, name_info, _, _, _) | CXXConversionDecl (_, name_info, _, _, _)
| CXXDestructorDecl (_, name_info, _, _, _) -> | CXXDestructorDecl (_, name_info, _, _, _) ->
is_whitelisted_cpp_method (CAst_utils.get_qualified_name name_info) is_allow_listed_cpp_method (CAst_utils.get_qualified_name name_info)
| _ -> | _ ->
false false
in in

@ -85,12 +85,12 @@ let should_translate_lib translation_unit source_range decl_trans_context ~trans
|| should_translate translation_unit source_range decl_trans_context ~translate_when_used || should_translate translation_unit source_range decl_trans_context ~translate_when_used
let is_file_blacklisted file = let is_file_block_listed file =
let paths = Config.skip_analysis_in_path in let paths = Config.skip_analysis_in_path in
let is_file_blacklisted = let is_file_block_listed =
List.exists ~f:(fun path -> Str.string_match (Str.regexp ("^.*/" ^ path)) file 0) paths List.exists ~f:(fun path -> Str.string_match (Str.regexp ("^.*/" ^ path)) file 0) paths
in in
is_file_blacklisted is_file_block_listed
let location_of_source_range ?(pick_location = `Start) default_source_file source_range = let location_of_source_range ?(pick_location = `Start) default_source_file source_range =

@ -18,7 +18,7 @@ val should_translate_lib :
val should_do_frontend_check : SourceFile.t -> Clang_ast_t.source_range -> bool val should_do_frontend_check : SourceFile.t -> Clang_ast_t.source_range -> bool
val is_file_blacklisted : string -> bool val is_file_block_listed : string -> bool
val location_of_source_range : val location_of_source_range :
?pick_location:[`Start | `End] -> SourceFile.t -> Clang_ast_t.source_range -> Location.t ?pick_location:[`Start | `End] -> SourceFile.t -> Clang_ast_t.source_range -> Location.t

@ -250,7 +250,7 @@ let is_functional pname =
match (Procname.Java.get_class_name java_pname, Procname.Java.get_method java_pname) with match (Procname.Java.get_class_name java_pname, Procname.Java.get_method java_pname) with
| "android.content.res.Resources", method_name -> | "android.content.res.Resources", method_name ->
(* all methods of Resources are considered @Functional except for the ones in this (* all methods of Resources are considered @Functional except for the ones in this
blacklist *) block list *)
let non_functional_resource_methods = let non_functional_resource_methods =
[ "getAssets" [ "getAssets"
; "getConfiguration" ; "getConfiguration"

@ -186,7 +186,7 @@ detect_dead_code: dune
.PHONY: detect_dead_src_file .PHONY: detect_dead_src_file
detect_dead_src_file: detect_dead_src_file:
function is_in_blacklist { \ function is_in_block_list { \
if [ $$1 = infertop.ml ] \ if [ $$1 = infertop.ml ] \
|| [ $$1 = infertop.mli ] \ || [ $$1 = infertop.mli ] \
|| [ $$1 = deadcode/all_infer_in_one_file.ml ] \ || [ $$1 = deadcode/all_infer_in_one_file.ml ] \
@ -204,28 +204,28 @@ detect_dead_src_file:
\ \
tmp_file=$$(mktemp -t all_ml_files_XXXXX); \ tmp_file=$$(mktemp -t all_ml_files_XXXXX); \
for i in $(ml_src_files) $(ml_src_files_without_mli); do \ for i in $(ml_src_files) $(ml_src_files_without_mli); do \
(is_in_blacklist "$$i") || (echo "$$i" >> "$$tmp_file"); \ (is_in_block_list "$$i") || (echo "$$i" >> "$$tmp_file"); \
done; \ done; \
sort -u "$$tmp_file" > $(ALL_ML_FILES); \ sort -u "$$tmp_file" > $(ALL_ML_FILES); \
rm "$$tmp_file"; \ rm "$$tmp_file"; \
\ \
tmp_file=$$(mktemp -t all_mli_files_XXXXX); \ tmp_file=$$(mktemp -t all_mli_files_XXXXX); \
for i in $(mli_src_files); do \ for i in $(mli_src_files); do \
(is_in_blacklist "$$i") || (echo "$$i" >> "$$tmp_file"); \ (is_in_block_list "$$i") || (echo "$$i" >> "$$tmp_file"); \
done; \ done; \
sort -u "$$tmp_file" > $(ALL_MLI_FILES); \ sort -u "$$tmp_file" > $(ALL_MLI_FILES); \
rm "$$tmp_file"; \ rm "$$tmp_file"; \
\ \
tmp_file=$$(mktemp -t all_ml_files_copied_XXXXX); \ tmp_file=$$(mktemp -t all_ml_files_copied_XXXXX); \
for i in $$(cat $(ALL_ML_FILES_COPIED)); do \ for i in $$(cat $(ALL_ML_FILES_COPIED)); do \
(is_in_blacklist "$$i") || (echo "$$i" >> "$$tmp_file"); \ (is_in_block_list "$$i") || (echo "$$i" >> "$$tmp_file"); \
done; \ done; \
sort -u "$$tmp_file" > $(ALL_ML_FILES_COPIED); \ sort -u "$$tmp_file" > $(ALL_ML_FILES_COPIED); \
rm "$$tmp_file"; \ rm "$$tmp_file"; \
\ \
tmp_file=$$(mktemp -t all_mli_files_copied_XXXXX); \ tmp_file=$$(mktemp -t all_mli_files_copied_XXXXX); \
for i in $$(cat $(ALL_MLI_FILES_COPIED)); do \ for i in $$(cat $(ALL_MLI_FILES_COPIED)); do \
(is_in_blacklist "$$i") || (echo "$$i" >> "$$tmp_file"); \ (is_in_block_list "$$i") || (echo "$$i" >> "$$tmp_file"); \
done; \ done; \
sort -u "$$tmp_file" > $(ALL_MLI_FILES_COPIED); \ sort -u "$$tmp_file" > $(ALL_MLI_FILES_COPIED); \
rm "$$tmp_file" rm "$$tmp_file"

@ -148,10 +148,12 @@ let config =
| None -> | None ->
[] ) [] )
@ @
if List.is_empty Config.buck_blacklist then [] if List.is_empty Config.buck_block_list then []
else else
[ Printf.sprintf "*//infer.blacklist_regex=(%s)" let regex = Printf.sprintf "(%s)" (String.concat ~sep:")|(" Config.buck_block_list) in
(String.concat ~sep:")|(" Config.buck_blacklist) ] (* TODO: The latter option will be removed after buck handles the new option. *)
[ Printf.sprintf "*//infer.block_list_regex=%s" regex
; Printf.sprintf "*//infer.blacklist_regex=%s" regex ]
in in
fun buck_mode -> fun buck_mode ->
let args = let args =
@ -389,11 +391,11 @@ let inline_argument_files buck_args =
let parse_command_and_targets (buck_mode : BuckMode.t) original_buck_args = let parse_command_and_targets (buck_mode : BuckMode.t) original_buck_args =
let expanded_buck_args = inline_argument_files original_buck_args in let expanded_buck_args = inline_argument_files original_buck_args in
let command, args = split_buck_command expanded_buck_args in let command, args = split_buck_command expanded_buck_args in
let buck_targets_blacklist_regexp = let buck_targets_block_list_regexp =
if List.is_empty Config.buck_targets_blacklist then None if List.is_empty Config.buck_targets_block_list then None
else else
Some Some
(Str.regexp ("\\(" ^ String.concat ~sep:"\\)\\|\\(" Config.buck_targets_blacklist ^ "\\)")) (Str.regexp ("\\(" ^ String.concat ~sep:"\\)\\|\\(" Config.buck_targets_block_list ^ "\\)"))
in in
let rec parse_cmd_args parsed_args = function let rec parse_cmd_args parsed_args = function
| [] -> | [] ->
@ -429,7 +431,7 @@ let parse_command_and_targets (buck_mode : BuckMode.t) original_buck_args =
let targets = let targets =
Option.value_map ~default:targets Option.value_map ~default:targets
~f:(fun re -> List.filter ~f:(fun tgt -> not (Str.string_match re tgt 0)) targets) ~f:(fun re -> List.filter ~f:(fun tgt -> not (Str.string_match re tgt 0)) targets)
buck_targets_blacklist_regexp buck_targets_block_list_regexp
in in
ScubaLogging.log_count ~label:"buck_targets" ~value:(List.length targets) ; ScubaLogging.log_count ~label:"buck_targets" ~value:(List.length targets) ;
(command, parsed_args.rev_not_targets', targets) (command, parsed_args.rev_not_targets', targets)
@ -438,7 +440,7 @@ let parse_command_and_targets (buck_mode : BuckMode.t) original_buck_args =
let filter_compatible subcommand args = let filter_compatible subcommand args =
match subcommand with match subcommand with
| `Targets -> | `Targets ->
let blacklist = "--keep-going" in let block_list = "--keep-going" in
List.filter args ~f:(fun arg -> not (String.equal blacklist arg)) List.filter args ~f:(fun arg -> not (String.equal block_list arg))
| _ -> | _ ->
args args

@ -113,12 +113,12 @@ let call_infer_javac_capture ~javac_args =
let capture compiler ~prog ~args = let capture compiler ~prog ~args =
match (compiler, Config.capture_blacklist) with match (compiler, Config.capture_block_list) with
(* Simulates Buck support for compilation commands with no source file *) (* Simulates Buck support for compilation commands with no source file *)
| _ when Config.buck_cache_mode && no_source_file args -> | _ when Config.buck_cache_mode && no_source_file args ->
() ()
| Javac, Some blacklist | Javac, Some block_list
when let re = Str.regexp blacklist in when let re = Str.regexp block_list in
List.exists ~f:(fun arg -> Str.string_match re arg 0) args -> List.exists ~f:(fun arg -> Str.string_match re arg 0) args ->
() ()
| _ -> | _ ->

@ -134,7 +134,7 @@ module ReportableViolation = struct
| Nullability.Nullable -> | Nullability.Nullable ->
Logging.die Logging.InternalError "Passing anything to a nullable param should be allowed" Logging.die Logging.InternalError "Passing anything to a nullable param should be allowed"
| Nullability.ThirdPartyNonnull -> | Nullability.ThirdPartyNonnull ->
(* This is a special case. While for FB codebase we can assume "not annotated hence not nullable" rule for all_whitelisted signatures, (* This is a special case. While for FB codebase we can assume "not annotated hence not nullable" rule for all_allow_listed signatures,
This is not the case for third party functions, which can have different conventions, This is not the case for third party functions, which can have different conventions,
So we can not just say "param is declared as non-nullable" like we say for FB-internal or modelled case: So we can not just say "param is declared as non-nullable" like we say for FB-internal or modelled case:
param can be nullable according to API but it was just not annotated. param can be nullable according to API but it was just not annotated.
@ -243,7 +243,7 @@ module ReportableViolation = struct
let return_description = let return_description =
match explicit_rhs_nullable_kind with match explicit_rhs_nullable_kind with
| ErrorRenderingUtils.UserFriendlyNullable.Null -> | ErrorRenderingUtils.UserFriendlyNullable.Null ->
(* Return `null` in all_whitelisted branches *) (* Return `null` in all_allow_listed branches *)
"`null`" "`null`"
| ErrorRenderingUtils.UserFriendlyNullable.Nullable -> | ErrorRenderingUtils.UserFriendlyNullable.Nullable ->
"a nullable value" "a nullable value"

@ -255,7 +255,7 @@ let call_aux tenv path caller_proc_desc call_loc callee_pname ret actuals callee
Str.string_match regex (Procname.to_string callee_pname) 0 ) Str.string_match regex (Procname.to_string callee_pname) 0 )
in in
if should_keep_at_most_one_disjunct then if should_keep_at_most_one_disjunct then
L.d_printfln "Will keep at most one disjunct because %a is in blacklist" Procname.pp L.d_printfln "Will keep at most one disjunct because %a is in block list" Procname.pp
callee_pname ; callee_pname ;
(* call {!AbductiveDomain.PrePost.apply} on each pre/post pair in the summary. *) (* call {!AbductiveDomain.PrePost.apply} on each pre/post pair in the summary. *)
List.fold ~init:[] exec_states ~f:(fun posts callee_exec_state -> List.fold ~init:[] exec_states ~f:(fun posts callee_exec_state ->

@ -24,6 +24,6 @@ infer-out/report.json: $(CLANG_DEPS) $(SOURCES) $(MAKEFILE_LIST)
$(QUIET)$(BUCK) clean $(QUIET)$(BUCK) clean
$(call silent_on_success,Testing Buck flavors integration,\ $(call silent_on_success,Testing Buck flavors integration,\
$(INFER_BIN) $(INFER_OPTIONS) capture --buck-clang --results-dir $(CURDIR)/infer-out \ $(INFER_BIN) $(INFER_OPTIONS) capture --buck-clang --results-dir $(CURDIR)/infer-out \
@blacklist.txt --buck-blacklist '.*src/hello2\.c' \ @block_list.txt --buck-block-list '.*src/hello2\.c' \
-- $(BUCK) build --no-cache $(BUCK_TARGET) &&\ -- $(BUCK) build --no-cache $(BUCK_TARGET) &&\
$(INFER_BIN) $(INFER_OPTIONS) --merge analyze) $(INFER_BIN) $(INFER_OPTIONS) --merge analyze)

@ -1,2 +1,2 @@
--buck-blacklist --buck-block-list
(.*subhello2.*)|(.*subhello2.*) (.*subhello2.*)|(.*subhello2.*)

@ -11,7 +11,7 @@ TESTS_DIR = ../..
# leads to an error. This weird case can be observed when -index-store-path is # leads to an error. This weird case can be observed when -index-store-path is
# passed in a sequence like the one in CLANG_OPTIONS. # passed in a sequence like the one in CLANG_OPTIONS.
CLANG_OPTIONS = -x c -index-store-path . -c -fsanitize=builtin -fsanitize=address,builtin -bogus=arg CLANG_OPTIONS = -x c -index-store-path . -c -fsanitize=builtin -fsanitize=address,builtin -bogus=arg
INFER_OPTIONS = --report-custom-error --developer-mode --project-root ../codetoanalyze --clang-blacklisted-flags-with-arg -bogus INFER_OPTIONS = --report-custom-error --developer-mode --project-root ../codetoanalyze --clang-block-listed-flags-with-arg -bogus
INFERPRINT_OPTIONS = --issues-tests INFERPRINT_OPTIONS = --issues-tests
SOURCES = ../codetoanalyze/hello.c SOURCES = ../codetoanalyze/hello.c

@ -118,7 +118,7 @@ uint32_t integer_overflow_param_2(uint32_t x) { return x - 1; }
void call_integer_overflow_param_2_Bad() { integer_overflow_param_2(0); } void call_integer_overflow_param_2_Bad() { integer_overflow_param_2(0); }
// "HaSh" (not "hash") is fot checking case-insensitive comparison. // "HaSh" (not "hash") is fot checking case-insensitive comparison.
void whitelisted_HaSh_Good() { void allow_listed_HaSh_Good() {
uint32_t x = -1; uint32_t x = -1;
uint32_t y = x * 8; uint32_t y = x * 8;
} }

@ -18,7 +18,7 @@ DEFINE-CHECKER EXTRA_COPY = {
SET message = "Potentially unnecessary to copy var %name%"; SET message = "Potentially unnecessary to copy var %name%";
SET severity = "WARNING"; SET severity = "WARNING";
SET mode = "ON"; SET mode = "ON";
//SET whitelist_path = { //SET allow_list_path = {
// REGEXP("admarket/.*"), // REGEXP("admarket/.*"),
// REGEXP("multifeed/.*") // REGEXP("multifeed/.*")
//}; //};

@ -1,7 +1,7 @@
{ {
"liveness-ignored-constant" : ["44"], "liveness-ignored-constant" : ["44"],
"liveness-dangerous-classes": [ "liveness-dangerous-classes": [
"dead_stores::BlacklistedStruct" "dead_stores::BlockListedStruct"
], ],
"cxx-scope-guards": [ "cxx-scope-guards": [
"infer::ScopeGuard" "infer::ScopeGuard"

@ -635,25 +635,25 @@ int decltype_read_ok(int x) {
return x + i; return x + i;
} }
// destructor blacklisted for liveness in .inferconfig // destructor block listed for liveness in .inferconfig
struct BlacklistedStruct { struct BlockListedStruct {
~BlacklistedStruct(){}; ~BlockListedStruct(){};
BlacklistedStruct cloneAsValue() const { return BlacklistedStruct(); } BlockListedStruct cloneAsValue() const { return BlockListedStruct(); }
std::unique_ptr<BlacklistedStruct> clone() const { std::unique_ptr<BlockListedStruct> clone() const {
return std::make_unique<BlacklistedStruct>(cloneAsValue()); return std::make_unique<BlockListedStruct>(cloneAsValue());
} }
}; };
void unused_blacklisted_constructed_bad() { auto x = BlacklistedStruct(); } void unused_block_listed_constructed_bad() { auto x = BlockListedStruct(); }
void unused_blacklisted_clone_bad(BlacklistedStruct* something) { void unused_block_listed_clone_bad(BlockListedStruct* something) {
auto x = something->clone(); auto x = something->clone();
} }
void unused_blacklisted_unique_ptr_bad(BlacklistedStruct* something) { void unused_block_listed_unique_ptr_bad(BlockListedStruct* something) {
auto x = std::make_unique<BlacklistedStruct>(*something); auto x = std::make_unique<BlockListedStruct>(*something);
} }
void unused_unique_ptr_good(A* something) { void unused_unique_ptr_good(A* something) {

@ -22,9 +22,9 @@ codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::plus_plus2_bad, 2, DEAD
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::plus_plus3_bad, 2, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::plus_plus3_bad, 2, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::reassign_param_bad, 0, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::reassign_param_bad, 0, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::throw_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::throw_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_blacklisted_clone_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_block_listed_clone_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_blacklisted_constructed_bad, 0, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_block_listed_constructed_bad, 0, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_blacklisted_unique_ptr_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_block_listed_unique_ptr_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_tmp_bad, 0, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::unused_tmp_bad, 0, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::use_then_dead_bad, 3, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores.cpp, dead_stores::use_then_dead_bad, 3, DEAD_STORE, no_bucket, ERROR, [Write of unused value]
codetoanalyze/cpp/liveness/dead_stores_constexpr.cpp, capture_const_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value] codetoanalyze/cpp/liveness/dead_stores_constexpr.cpp, capture_const_bad, 1, DEAD_STORE, no_bucket, ERROR, [Write of unused value]

@ -40,13 +40,13 @@ int X::static_pod_accesses_non_pod_bad = access_to_non_pod();
SomeNonPODObject initWithStatic_good = getFunctionStaticNonPOD(); SomeNonPODObject initWithStatic_good = getFunctionStaticNonPOD();
SomeNonPODObject initWithGlobal_bad = getGlobalNonPOD(); SomeNonPODObject initWithGlobal_bad = getGlobalNonPOD();
SomeNonPODObject initWithGlobalWhitelisted_good = getGlobalNonPODWhitelisted(); SomeNonPODObject initWithGlobalAllowListed_good = getGlobalNonPODAllowListed();
SomeNonPODObject initWithGlobalWhitelistedNamespaced_good = SomeNonPODObject initWithGlobalAllowListedNamespaced_good =
whitelisted::getGlobalNonPOD(); allow_listed::getGlobalNonPOD();
SomeNonPODObject initWithGlobalWhitelistedTemplated_good = SomeNonPODObject initWithGlobalAllowListedTemplated_good =
whitelisted::TemplatedObject<int>::getGlobalNonPOD(); allow_listed::TemplatedObject<int>::getGlobalNonPOD();
// not declared constexpr but actually constexpr // not declared constexpr but actually constexpr
extern SomeConstexprObject& getGlobalConstexpr(); extern SomeConstexprObject& getGlobalConstexpr();

@ -43,7 +43,7 @@ SomeConstexprObject& getGlobalConstexpr() {
return SomeConstexprObject::singletonMethod(); return SomeConstexprObject::singletonMethod();
} }
namespace whitelisted { namespace allow_listed {
SomeNonPODObject& getGlobalNonPOD() { SomeNonPODObject& getGlobalNonPOD() {
some_other_global_object2.some_method(); some_other_global_object2.some_method();
@ -58,7 +58,7 @@ SomeNonPODObject& TemplatedObject<T>::getGlobalNonPOD() {
// instantiate template so that infer analyses it // instantiate template so that infer analyses it
template struct TemplatedObject<int>; template struct TemplatedObject<int>;
} // namespace whitelisted } // namespace allow_listed
// initialize static class field // initialize static class field
template <typename T> template <typename T>

@ -60,13 +60,13 @@ int access_to_templated_non_pod();
int access_to_non_pod(); int access_to_non_pod();
SomeNonPODObject& getFunctionStaticNonPOD(); SomeNonPODObject& getFunctionStaticNonPOD();
SomeNonPODObject& getGlobalNonPOD(); SomeNonPODObject& getGlobalNonPOD();
SomeNonPODObject& getGlobalNonPODWhitelisted(); SomeNonPODObject& getGlobalNonPODAllowListed();
namespace whitelisted { namespace allow_listed {
SomeNonPODObject& getGlobalNonPOD(); SomeNonPODObject& getGlobalNonPOD();
template <typename T> template <typename T>
struct TemplatedObject { struct TemplatedObject {
static SomeNonPODObject& getGlobalNonPOD(); static SomeNonPODObject& getGlobalNonPOD();
}; };
} // namespace whitelisted } // namespace allow_listed

@ -11,7 +11,7 @@
"method": "get" "method": "get"
} }
], ],
"report-blacklist-files-containing": [ "report-block-list-files-containing": [
"@generated" "@generated"
], ],
"enable-issue-type": [ "enable-issue-type": [

@ -11,7 +11,7 @@
"method": "get" "method": "get"
} }
], ],
"report-blacklist-files-containing": [ "report-block-list-files-containing": [
"@generated" "@generated"
], ],
"skip-translation": [ "skip-translation": [

@ -229,8 +229,8 @@ public class FieldNotInitialized {
/** /**
* There is a predefined list of classes which have known methods that act like initializers. If a * There is a predefined list of classes which have known methods that act like initializers. If a
* class extends such special class and initializes a field in such whitelisted method, we don't * class extends such special class and initializes a field in such allow listed method, we don't
* require initializing this field in constructor. (NOTE: To do the same in non whitelisted class * require initializing this field in constructor. (NOTE: To do the same in non allow listed class
* one can use @Initializer annotation instead). * one can use @Initializer annotation instead).
*/ */
class TestKnownInitializers { class TestKnownInitializers {

@ -14,7 +14,7 @@ import some.test.pckg.ThirdPartyTestClass;
/** /**
* In this test, we test how Strict mode works for calls of 3rd party libraries, and how detection * In this test, we test how Strict mode works for calls of 3rd party libraries, and how detection
* differs based on if the function is whitelisted or not in 3rd party signatures repository. * differs based on if the function is allow listed or not in 3rd party signatures repository.
*/ */
@NullsafeStrict @NullsafeStrict
public class StrictModeForThirdParty { public class StrictModeForThirdParty {
@ -36,7 +36,7 @@ public class StrictModeForThirdParty {
// Return values. // Return values.
// In strict mode, return values should be pessimistically treated as nullable // In strict mode, return values should be pessimistically treated as nullable
// if the function is unspecified, and treated according to their return annotation if // if the function is unspecified, and treated according to their return annotation if
// the function is whitelisted in the 3rd party repo. // the function is allow listed in the 3rd party repo.
public void dereferenceUnspecifiedIsBAD() { public void dereferenceUnspecifiedIsBAD() {
obj.returnUnspecified().toString(); obj.returnUnspecified().toString();
@ -57,7 +57,7 @@ public class StrictModeForThirdParty {
// Params. // Params.
// In strict mode, params should be pessimistically treated as non-nullable if the function is // In strict mode, params should be pessimistically treated as non-nullable if the function is
// unspecified, // unspecified,
// and treated based on their annotation if the function is whitelisted in the 3rd party repo. // and treated based on their annotation if the function is allow listed in the 3rd party repo.
public void passingNullableParamToUnspecifiedIsBAD() { public void passingNullableParamToUnspecifiedIsBAD() {
obj.paramUnspecified(getNullable()); obj.paramUnspecified(getNullable());
@ -72,7 +72,7 @@ public class StrictModeForThirdParty {
} }
public void passingNullableToParamSpecifiedAsNullableIsOK() { public void passingNullableToParamSpecifiedAsNullableIsOK() {
// first param is explicitly whitelisted as specified as nullable, so everything is OK // first param is explicitly allow listed as specified as nullable, so everything is OK
obj.secondParamSpecifiedAsNonnull(getNullable(), getNonnull()); obj.secondParamSpecifiedAsNonnull(getNullable(), getNonnull());
} }

@ -58,12 +58,12 @@ public class ThirdPartyTestClass {
return ""; return "";
} }
// 3rd party repo whitelists this function as returning non-nullable // 3rd party repo allow lists this function as returning non-nullable
public String returnSpecifiedAsNonnull() { public String returnSpecifiedAsNonnull() {
return ""; return "";
} }
// 3rd party repo whitelists this function as returning nullable // 3rd party repo allow lists this function as returning nullable
public String returnSpecifiedAsNullable() { public String returnSpecifiedAsNullable() {
return ""; return "";
} }

@ -14,7 +14,7 @@ class DoNotReport {
int mFld; int mFld;
// normally we would report this, but we won't because com.racerd.donotreport is blacklisted in // normally we would report this, but we won't because com.racerd.donotreport is block listed in
// .inferconfig // .inferconfig
void obviousRaceBad(int i) { void obviousRaceBad(int i) {
mFld = i; mFld = i;

@ -318,7 +318,7 @@ DEFINE-CHECKER FILTER_BY_PATH_EXAMPLE = {
WHEN declaration_has_name("main") WHEN declaration_has_name("main")
HOLDS-IN-NODE FunctionDecl; HOLDS-IN-NODE FunctionDecl;
SET message = "Found main method"; SET message = "Found main method";
SET whitelist_path = { filtered_files, "A.m" }; SET allow_list_path = { filtered_files, "A.m" };
}; };
DEFINE-CHECKER ALL_PATH_NO_FILTER_EXAMPLE = { DEFINE-CHECKER ALL_PATH_NO_FILTER_EXAMPLE = {
@ -333,24 +333,24 @@ DEFINE-CHECKER FILTER_BY_ALL_PATH_EXAMPLE = {
WHEN declaration_has_name("main") WHEN declaration_has_name("main")
HOLDS-IN-NODE FunctionDecl; HOLDS-IN-NODE FunctionDecl;
SET message = "Found main method"; SET message = "Found main method";
SET whitelist_path = { REGEXP(".*") }; SET allow_list_path = { REGEXP(".*") };
}; };
DEFINE-CHECKER BLACKLIST_PATH_EXAMPLE = { DEFINE-CHECKER BLOCK_LIST_PATH_EXAMPLE = {
SET report_when = SET report_when =
WHEN declaration_has_name("main") WHEN declaration_has_name("main")
HOLDS-IN-NODE FunctionDecl; HOLDS-IN-NODE FunctionDecl;
SET message = "Found main method"; SET message = "Found main method";
SET blacklist_path = { REGEXP("codetoanalyze/objc/linters-for-test-only/filter_by_path/.*") }; SET block_list_path = { REGEXP("codetoanalyze/objc/linters-for-test-only/filter_by_path/.*") };
}; };
DEFINE-CHECKER WHITE_BLACKLIST_PATH_EXAMPLE = { DEFINE-CHECKER ALLOW_BLOCK_LIST_PATH_EXAMPLE = {
SET report_when = SET report_when =
WHEN declaration_has_name("main") WHEN declaration_has_name("main")
HOLDS-IN-NODE FunctionDecl; HOLDS-IN-NODE FunctionDecl;
SET message = "Found main method"; SET message = "Found main method";
SET whitelist_path = { all_files }; SET allow_list_path = { all_files };
SET blacklist_path = { filtered_files }; SET block_list_path = { filtered_files };
SET doc_url = "www.example.com"; SET doc_url = "www.example.com";
}; };

@ -1,7 +1,7 @@
codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, ALLOW_BLOCK_LIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, BLACKLIST_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, BLOCK_LIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 22, WHITE_BLACKLIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 23, CALLS_TO_FUNCTIONS_WITH_CREATE_FUNCTION_PARAMETERS, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 23, CALLS_TO_FUNCTIONS_WITH_CREATE_FUNCTION_PARAMETERS, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 24, CALLS_TO_FUNCTIONS_WITH_CREATE_FUNCTION_PARAMETERS, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/CFStringExample.m, main, 24, CALLS_TO_FUNCTIONS_WITH_CREATE_FUNCTION_PARAMETERS, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/CallingAMethodWithSelf.m, CallingAMethodWithSelf.methodThatShallBeOkaySuper, 35, TEST_IS_RECEIVER_SUPER, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/CallingAMethodWithSelf.m, CallingAMethodWithSelf.methodThatShallBeOkaySuper, 35, TEST_IS_RECEIVER_SUPER, no_bucket, WARNING, []
@ -243,10 +243,10 @@ codetoanalyze/objc/linters-for-test-only/const.m, Linters_dummy_method, 7, CONST
codetoanalyze/objc/linters-for-test-only/const.m, Linters_dummy_method, 7, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/const.m, Linters_dummy_method, 7, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/const.m, Linters_dummy_method, 8, CONST_NAMING, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/const.m, Linters_dummy_method, 8, CONST_NAMING, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/const.m, Linters_dummy_method, 9, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/const.m, Linters_dummy_method, 9, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/const.m, main, 11, ALLOW_BLOCK_LIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/const.m, main, 11, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/const.m, main, 11, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/const.m, main, 11, BLACKLIST_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/const.m, main, 11, BLOCK_LIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/const.m, main, 11, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/const.m, main, 11, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/const.m, main, 11, WHITE_BLACKLIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/enums.m, test, 15, ENUM_CONSTANTS, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/enums.m, test, 15, ENUM_CONSTANTS, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/enums.m, test, 15, ENUM_CONSTANTS_OF_ENUM, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/enums.m, test, 15, ENUM_CONSTANTS_OF_ENUM, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/enums.m, test_c_style_enum, 21, ENUM_CONSTANTS, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/enums.m, test_c_style_enum, 21, ENUM_CONSTANTS, no_bucket, WARNING, []
@ -255,10 +255,10 @@ codetoanalyze/objc/linters-for-test-only/enums.m, test_enum_constant_of_enum, 17
codetoanalyze/objc/linters-for-test-only/filter_by_path/include_file.m, main, 7, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/filter_by_path/include_file.m, main, 7, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/filter_by_path/include_file.m, main, 7, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/filter_by_path/include_file.m, main, 7, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/filter_by_path/include_file.m, main, 7, FILTER_BY_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/filter_by_path/include_file.m, main, 7, FILTER_BY_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, ALLOW_BLOCK_LIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, ALL_PATH_NO_FILTER_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, BLACKLIST_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, BLOCK_LIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, FILTER_BY_ALL_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 7, WHITE_BLACKLIST_PATH_EXAMPLE, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 8, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 8, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 9, TEST_IMPLICIT_CAST_CHECK, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 9, TEST_IMPLICIT_CAST_CHECK, no_bucket, WARNING, []
codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 9, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, [] codetoanalyze/objc/linters-for-test-only/implicit_cast.c, main, 9, TEST_VAR_TYPE_CHECK, no_bucket, WARNING, []

Loading…
Cancel
Save