Balázs Kéri <balazs.k...@ericsson.com>
In-Reply-To: <llvm.org/llvm/llvm-project/pull/91...@github.com>


================
@@ -0,0 +1,75 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,security.SetgidSetuidOrder 
-analyzer-output=text -verify %s
+
+typedef int uid_t;
+typedef int gid_t;
+
+int setuid(uid_t);
+int setgid(gid_t);
+
+uid_t getuid();
+gid_t getgid();
+
+
+
+void test_note_1() {
+  if (setuid(getuid()) == -1) // expected-note{{Assuming the condition is 
false}} \
+                              // expected-note{{Taking false branch}}
+    return;
+  if (setuid(getuid()) == -1) // expected-note{{Call to 'setuid' found here 
that removes superuser privileges}} \
+                              // expected-note{{Assuming the condition is 
false}} \
+                              // expected-note{{Taking false branch}}
+    return;
+  if (setgid(getgid()) == -1) // expected-warning{{A 'setgid(getgid())' call 
following a 'setuid(getuid())' call is likely to fail}} \
+                              // expected-note{{A 'setgid(getgid())' call 
following a 'setuid(getuid())' call is likely to fail}}
+    return;
+}
+
+void test_note_2() {
+  if (setuid(getuid()) == -1) // expected-note{{Call to 'setuid' found here 
that removes superuser privileges}} \
+                              // expected-note{{Assuming the condition is 
false}} \
+                              // expected-note{{Taking false branch}} \
+                              // expected-note{{Assuming the condition is 
false}} \
+                              // expected-note{{Taking false branch}}
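Review bot: In test_note_1 the two consecutive setuid(getuid()) checks carry different expectations (only the second has the "Call to 'setuid' found here that removes superuser privileges" note), but nothing in the test says that this is the behaviour being checked. A one-line comment above test_note_1, stating that the note is expected on the later of the two setuid calls, would make the intent clear to whoever next changes the checker, and test_note_2 would benefit from the same kind of comment. Separately, getuid and getgid are declared with empty parameter lists (uid_t getuid(); gid_t getgid();); if this test is compiled as C, writing (void) would make them proper prototypes.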
----------------
steakhal wrote:

```suggestion
                              // expected-note 2 {{Assuming the condition is 
false}} \
                              // expected-note 2 {{Taking false branch}}
```

https://github.com/llvm/llvm-project/pull/91445