@@ -938,6 +938,53 @@ optin.portability.UnixAPI
"
Finds implementation-defined behavior in UNIX/Posix functions.
+.. _optin-taint-TaintedAlloc:
+
+optin.taint.TaintedAlloc (C, C++)
+"""
steakhal wrote:
```sug
steakhal wrote:
Checkout the new implementation and the added "weird" fread tests.
FYI unfortunately our store interferes a bit, as you will see in the last test
(`test_unaligned_start_read`) when the store does not purge the previous
binding when we have an overlapping write to the store.
Cons
@@ -937,8 +990,21 @@ void StreamChecker::evalFreadFwrite(const FnDescription
*Desc,
// At read, invalidate the buffer in any case of error or success,
// except if EOF was already present.
- if (IsFread && !E.isStreamEof())
-State = escapeArgs(State, C, Call, {0});
+
@@ -717,18 +717,71 @@ const ExplodedNode
*StreamChecker::getAcquisitionSite(const ExplodedNode *N,
return nullptr;
}
+/// Invalidate only the requested elements instead of the whole buffer.
+/// This is basically a refinement of the more generic 'escapeArgs' or
+/// the pla
https://github.com/steakhal updated
https://github.com/llvm/llvm-project/pull/93408
>From f9e841ddaa865d529c806b2d115d5ddbc7109243 Mon Sep 17 00:00:00 2001
From: Balazs Benics
Date: Sun, 26 May 2024 11:40:01 +0200
Subject: [PATCH 1/8] [analyzer] Refine invalidation caused by `fread`
This chang
steakhal wrote:
Fixed most NFC typos and suggestions.
Let's continue the discussion.
https://github.com/llvm/llvm-project/pull/93408
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal updated
https://github.com/llvm/llvm-project/pull/93408
>From f9e841ddaa865d529c806b2d115d5ddbc7109243 Mon Sep 17 00:00:00 2001
From: Balazs Benics
Date: Sun, 26 May 2024 11:40:01 +0200
Subject: [PATCH 1/6] [analyzer] Refine invalidation caused by `fread`
This chang
@@ -717,18 +717,71 @@ const ExplodedNode
*StreamChecker::getAcquisitionSite(const ExplodedNode *N,
return nullptr;
}
+/// Invalidate only the requested elements instead of the whole buffer.
+/// This is basically a refinement of the more generic 'escapeArgs' or
+/// the pla
@@ -937,8 +990,21 @@ void StreamChecker::evalFreadFwrite(const FnDescription
*Desc,
// At read, invalidate the buffer in any case of error or success,
// except if EOF was already present.
- if (IsFread && !E.isStreamEof())
-State = escapeArgs(State, C, Call, {0});
+
Endre =?utf-8?q?F=C3=BCl=C3=B6p?=
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
https://github.com/llvm/llvm-project/pull/93815
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin
=?utf-8?q?Bal=C3=A1zs_K=C3=A9ri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
https://github.com/llvm/llvm-project/pull/93980
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/93980
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -0,0 +1,74 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.core.PointerSub -verify %s
+
+void f1(void) {
+ int x, y, z[10];
+ int d = &y - &x; // expected-warning{{Subtraction of two pointers
@@ -1179,6 +1179,41 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
strncpy(buf, "a", 1); // warn
}
+.. _security-putenv-stack-array:
+
+security.PutenvStackArray (C)
+"
+Finds calls to the ``putenv`` function which pass a pointer t
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/93980
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -1179,6 +1179,41 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
strncpy(buf, "a", 1); // warn
}
+.. _security-putenv-stack-array:
+
+security.PutenvStackArray (C)
+"
+Finds calls to the ``putenv`` function which pass a pointer t
https://github.com/steakhal commented:
I have only a handful of remarks. LGTM otherwise.
https://github.com/llvm/llvm-project/pull/93980
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -1235,6 +1235,49 @@ Check calls to various UNIX/Posix functions: ``open,
pthread_once, calloc, mallo
.. literalinclude:: checkers/unix_api_example.c
:language: c
+.. _unix-BlockInCriticalSection:
+
+unix.BlockInCriticalSection (C)
+"
@@ -1235,6 +1235,49 @@ Check calls to various UNIX/Posix functions: ``open,
pthread_once, calloc, mallo
.. literalinclude:: checkers/unix_api_example.c
:language: c
+.. _unix-BlockInCriticalSection:
+
+unix.BlockInCriticalSection (C)
+"
@@ -1235,6 +1235,49 @@ Check calls to various UNIX/Posix functions: ``open,
pthread_once, calloc, mallo
.. literalinclude:: checkers/unix_api_example.c
:language: c
+.. _unix-BlockInCriticalSection:
+
+unix.BlockInCriticalSection (C)
+"
https://github.com/steakhal approved this pull request.
LGTM. Minor typos/doc suggestions.
https://github.com/llvm/llvm-project/pull/93815
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commi
@@ -1235,6 +1235,49 @@ Check calls to various UNIX/Posix functions: ``open,
pthread_once, calloc, mallo
.. literalinclude:: checkers/unix_api_example.c
:language: c
+.. _unix-BlockInCriticalSection:
+
+unix.BlockInCriticalSection (C)
+"
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/93815
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/93815
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal closed
https://github.com/llvm/llvm-project/pull/94038
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/94038
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal approved this pull request.
I'm not sure if llvm follows PEP8, but the change looks good regardless.
https://github.com/llvm/llvm-project/pull/94038
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.
https://github.com/steakhal approved this pull request.
https://github.com/llvm/llvm-project/pull/93812
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -938,6 +938,53 @@ optin.portability.UnixAPI
"
Finds implementation-defined behavior in UNIX/Posix functions.
+.. _optin-taint-TaintAlloc:
+
+optin.taint.TaintAlloc (C, C++)
+"""
+
+This checker warns for cases when the ``s
@@ -1695,6 +1707,12 @@ MallocChecker::processNewAllocation(const
CXXAllocatorCall &Call,
// MallocUpdateRefState() instead of MallocMemAux() which breaks the
// existing binding.
SVal Target = Call.getObjectUnderConstruction();
+ if (Call.getOriginExpr()->isArray()) {
+
@@ -938,6 +938,53 @@ optin.portability.UnixAPI
"
Finds implementation-defined behavior in UNIX/Posix functions.
+.. _optin-taint-TaintAlloc:
+
+optin.taint.TaintAlloc (C, C++)
steakhal wrote:
I was thinking of suggesting `TaintedAlloc`
@@ -1730,6 +1721,21 @@ def UnixAPIPortabilityChecker : Checker<"UnixAPI">,
} // end optin.portability
+
+//===--===//
+// Taint checkers.
+//===
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/92420
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal approved this pull request.
I join Donát, and I agree that this looks good as it is.
I had a handful of final remarks but I have no strong opinion on any of the
raised points.
Merge this, once you considered them and took action if you agreed.
https://github.com/llvm
https://github.com/steakhal commented:
I'd say it looks pretty good. Objectively speaking it improves the TP rate.
I have compared these reports against the constant interpreters of clang and
gcc to see if in constexpr context which of these expression would trigger "UB"
there.
I found I think
@@ -0,0 +1,74 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.core.PointerSub -verify %s
+
+void f1(void) {
+ int x, y, z[10];
+ int d = &y - &x; // expected-warning{{Subtraction of two pointers that do
not point into the same array is undefined behavior}}
+ d = z - &y;
@@ -0,0 +1,74 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.core.PointerSub -verify %s
+
+void f1(void) {
+ int x, y, z[10];
+ int d = &y - &x; // expected-warning{{Subtraction of two pointers that do
not point into the same array is undefined behavior}}
+ d = z - &y;
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/93676
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
steakhal wrote:
> I'll port this patch downstream to see how this would behave on the Juliet
> C++ benchmark or on some real-world code.
Ah nvm. llvm/main diverged quite a bit since 18.1.6. I can't just pick this
one. Given this, I won't backport and test this PR.
https://github.com/llvm/llvm
https://github.com/steakhal commented:
The patch makes sense to me.
Have you considered applying the same heuristic to C++ array new allocations?
I'll port this patch downstream to see how this would behave on the Juliet C++
benchmark or on some real-world code.
https://github.com/llvm/llvm-pr
https://github.com/steakhal approved this pull request.
LGTM
https://github.com/llvm/llvm-project/pull/93299
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/93408
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal created
https://github.com/llvm/llvm-project/pull/93408
This change enables more accurate modeling of the write effects of `fread`. In
particular, instead of invalidating the whole buffer, in a best-effort basis,
we would try to invalidate the actually accesses elem
https://github.com/steakhal approved this pull request.
LGTM, thanks!
https://github.com/llvm/llvm-project/pull/91879
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal created
https://github.com/llvm/llvm-project/pull/93203
Fixes #79684
>From ef65ed8c193c43c1914dc39bf1cd48da83872fc5 Mon Sep 17 00:00:00 2001
From: Balazs Benics
Date: Thu, 23 May 2024 10:56:33 +0200
Subject: [PATCH] [analyzer][NFC] Use ArrayRef for input parameters
https://github.com/steakhal closed
https://github.com/llvm/llvm-project/pull/92654
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal updated
https://github.com/llvm/llvm-project/pull/92654
>From 3f3c98a55a6d89ddb05085c41d1fffad331595ce Mon Sep 17 00:00:00 2001
From: Alejandro _lvarez Ayll_n
Date: Sat, 18 May 2024 16:53:33 +0200
Subject: [PATCH] [clang][AST] Fix end location of DeclarationNameInfo
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
steakhal wrote:
Make sure you adjust/sync the commit title, content and the PR title before
merging.
https://github.com/llvm/llvm-project/pull/92424
___
cfe-commits mailing
steakhal wrote:
> nit: add a note in `clang/docs/ReleaseNotes.rst`
Thanks. Added. Let me know if it's in the right section. @hokein
https://github.com/llvm/llvm-project/pull/92654
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.l
https://github.com/steakhal updated
https://github.com/llvm/llvm-project/pull/92654
>From 58ca4d9be1dbc43ad40b6e26b8a5d79e20be8d93 Mon Sep 17 00:00:00 2001
From: Alejandro _lvarez Ayll_n
Date: Sat, 18 May 2024 16:53:33 +0200
Subject: [PATCH 1/2] [clang][AST] Fix end location of DeclarationNameI
https://github.com/steakhal created
https://github.com/llvm/llvm-project/pull/92654
Fixes #71161
[D64087](https://reviews.llvm.org/D64087) updated some locations of the
instantiated method but forgot `DNLoc`.
`FunctionDecl::getNameInfo()` constructs a `DeclarationNameInfo` using
`Decl::Loc`
=?utf-8?q?Bal=C3=A1zs_K=C3=A9ri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
https://github.com/llvm/llvm-project/pull/92424
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/92424
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -2792,6 +2792,31 @@ Warn on mmap() calls that are both writable and
executable.
// code
}
+.. _alpha-security-putenv-stack-array:
+
+alpha.security.PutenvStackArray
+"""
-
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -2792,6 +2792,31 @@ Warn on mmap() calls that are both writable and
executable.
// code
}
+.. _alpha-security-putenv-stack-array:
+
+alpha.security.PutenvStackArray
+"""
+Finds calls
@@ -1179,6 +1179,54 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
strncpy(buf, "a", 1); // warn
}
+.. _security-putenv-with-auto:
+
+security.PutenvWithAuto
+"""
+Finds calls to the ``putenv`` function which pass a pointer to an automatic
steakhal wrote:
> The "cert" package looks not useful and the checker has not a meaningful name
> with the old naming scheme.
> Additionally tests and documentation is updated.
> The checker looks good enough to be moved into non-alpha package.
Personally, I prefer reviewing content changes sep
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/92424
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -1273,6 +1273,41 @@ Check for memory leaks, double free, and use-after-free
problems. Traces memory
.. literalinclude:: checkers/unix_malloc_example.c
:language: c
+If the ``alpha.security.taint.TaintPropagation`` checker is enabled, the
checker
+warns for cases when
@@ -1779,18 +1790,79 @@ ProgramStateRef
MallocChecker::MallocMemAux(CheckerContext &C,
const CallEvent &Call,
const Expr *SizeEx, SVal Init,
Prog
@@ -48,6 +49,45 @@ void myfoo(int *p);
void myfooint(int p);
char *fooRetPtr(void);
+void t1(void) {
+ size_t size;
+ scanf("%zu", &size);
+ int *p = malloc(size); // expected-warning{{malloc is called with a tainted
(potentially attacker controlled) value}}
+ free(p);
+}
@@ -1779,18 +1790,79 @@ ProgramStateRef
MallocChecker::MallocMemAux(CheckerContext &C,
const CallEvent &Call,
const Expr *SizeEx, SVal Init,
Prog
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/92420
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -1273,6 +1273,41 @@ Check for memory leaks, double free, and use-after-free
problems. Traces memory
.. literalinclude:: checkers/unix_malloc_example.c
:language: c
+If the ``alpha.security.taint.TaintPropagation`` checker is enabled, the
checker
+warns for cases when
@@ -48,6 +49,45 @@ void myfoo(int *p);
void myfooint(int p);
char *fooRetPtr(void);
+void t1(void) {
+ size_t size;
+ scanf("%zu", &size);
+ int *p = malloc(size); // expected-warning{{malloc is called with a tainted
(potentially attacker controlled) value}}
+ free(p);
+}
https://github.com/steakhal commented:
The patch makes sense to me.
I'll not repeat the existing comments, they raise relevant concerns.
It would be nice to extend some test case with a tainted malloc to see how
those note tags play out from the generic taint checker in this context. For
this,
=?utf-8?q?Don=C3=A1t?= Nagy
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
https://github.com/llvm/llvm-project/pull/92454
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailm
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -0,0 +1,75 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,secur
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/91445
__
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
LGTM now, modulo the license conc
https://github.com/steakhal closed
https://github.com/llvm/llvm-project/pull/92266
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -0,0 +1,197 @@
+//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls
---===/
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -0,0 +1,197 @@
+//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls
---===/
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal requested changes to this pull request.
NoteTags, yeey.
Please add tests for the Notes
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/91445
https://github.com/steakhal updated
https://github.com/llvm/llvm-project/pull/92266
>From eeb24ddbf261fd7667dd05feee14637bc379d182 Mon Sep 17 00:00:00 2001
From: Arseniy Zaostrovnykh
Date: Wed, 15 May 2024 16:02:07 +0200
Subject: [PATCH] Fix CXXNewExpr end source location for 'new struct S'
--
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/92266
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
Endre =?utf-8?q?Fülöp?= ,Balazs
Benics
Message-ID:
In-Reply-To:
https://github.com/steakhal closed
https://github.com/llvm/llvm-project/pull/90030
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinf
Endre =?utf-8?q?Fülöp?= ,Balazs
Benics
Message-ID:
In-Reply-To:
https://github.com/steakhal updated
https://github.com/llvm/llvm-project/pull/90030
>From af05be993f4789705cde374dbf7efefd9a18f1c4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Endre=20F=C3=BCl=C3=B6p?=
Date: Tue, 9 Apr 2024 10:44:4
Endre =?utf-8?q?Fülöp?=
Message-ID:
In-Reply-To:
@@ -14,6 +14,7 @@
//
//===--===//
+#include "clang/Analysis/AnalysisDeclContext.h"
steakhal wrote:
```suggestion
```
You can probably drop
Endre =?utf-8?q?F=C3=BCl=C3=B6p?=
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
LGTM, thanks!
https://github.com/llvm/llvm-project/pull/90030
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.ll
Endre =?utf-8?q?Fülöp?=
Message-ID:
In-Reply-To:
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/90030
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -103,9 +104,10 @@ class RAIIMutexDescriptor {
// this function is called instead of early returning it. To avoid this,
a
// bool variable (IdentifierInfoInitialized) is used and the function
will
// be run only once.
- Guard = &Call.getCalleeAnalysis
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/90030
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/steakhal requested changes to this pull request.
Now the change makes sense. I disagree with the fix though, see inline.
https://github.com/llvm/llvm-project/pull/90030
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/90030
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
=?utf-8?q?Don=C3=A1t?= Nagy ,
=?utf-8?q?Don=C3=A1t?= Nagy ,
=?utf-8?q?Don=C3=A1t?= Nagy ,
=?utf-8?q?Don=C3=A1t?= Nagy ,
=?utf-8?q?Don=C3=A1t?= Nagy
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
https://github.com/llvm/llvm-project/pull/91531
@@ -572,196 +570,236 @@ void GenericTaintChecker::initTaintRules(CheckerContext
&C) const {
std::vector>;
using TR = GenericTaintRule;
- const Builtin::Context &BI = C.getASTContext().BuiltinInfo;
-
RulesConstructionTy GlobalCRules{
// Sources
- {{{"fd
@@ -400,17 +400,14 @@ class GenericTaintChecker : public
Checker {
void taintUnsafeSocketProtocol(const CallEvent &Call,
CheckerContext &C) const;
- /// Default taint rules are initalized with the help of a CheckerContext to
- /// access t
https://github.com/steakhal approved this pull request.
LGTM.
I haven't checked absolutely everything, rather sampled.
It looked correct, and free of copy-paste mistakes.
https://github.com/llvm/llvm-project/pull/91635
___
cfe-commits mailing list
cfe-
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/91635
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/91445
___
cfe-commit
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -0,0 +1,196 @@
+//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls
---===//
+//
+// Part of the LLVM
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -1179,6 +1179,34 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
strncpy(buf, "a", 1); // warn
}
+sec
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal approved this pull request.
I think this looks good now.
I think to really reach the full potential of this check
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -1011,6 +1011,11 @@ def FloatLoopCounter : Checker<"FloatLoopCounter">,
Dependencies<[SecuritySyntaxChecker]>,
Docum
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
@@ -30,23 +30,20 @@ enum SetPrivilegeFunctionKind { Irrelevant, Setuid, Setgid
};
class SetgidSetuidOrderChecker
: p
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?= ,
=?utf-8?q?Balázs_Kéri?=
Message-ID:
In-Reply-To:
https://github.com/steakhal edited
https://github.com/llvm/llvm-project/pull/91445
___
cfe-commit
=?utf-8?q?Donát?= Nagy ,
=?utf-8?q?Donát?= Nagy ,
=?utf-8?q?Donát?= Nagy ,
=?utf-8?q?Donát?= Nagy
Message-ID:
In-Reply-To:
@@ -136,53 +100,49 @@ void ErrnoModeling::checkBeginFunction(CheckerContext &C)
const {
ASTContext &ACtx = C.getASTContext();
ProgramStateRef State
=?utf-8?q?Donát?= Nagy ,
=?utf-8?q?Donát?= Nagy ,
=?utf-8?q?Donát?= Nagy ,
=?utf-8?q?Donát?= Nagy
Message-ID:
In-Reply-To:
@@ -136,53 +100,49 @@ void ErrnoModeling::checkBeginFunction(CheckerContext &C)
const {
ASTContext &ACtx = C.getASTContext();
ProgramStateRef State
401 - 500 of 1454 matches
Mail list logo