[PATCH] D59812: [analyzer] PR41185: Fix regression where __builtin_* functions weren't recognized
This revision was automatically updated to reflect the committed changes. Closed by commit rL358609: [analyzer] PR41185: Fix regression where __builtin_* functions werent… (authored by Szelethus, committed by ). Herald added a project: LLVM. Herald added a subscriber: llvm-commits. Changed prior to commit: https://reviews.llvm.org/D59812?vs=195619=195622#toc Repository: rL LLVM CHANGES SINCE LAST ACTION https://reviews.llvm.org/D59812/new/ https://reviews.llvm.org/D59812 Files: cfe/trunk/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp cfe/trunk/test/Analysis/security-syntax-checks-no-emit.c cfe/trunk/test/Analysis/security-syntax-checks.c cfe/trunk/test/Analysis/security-syntax-checks.m Index: cfe/trunk/test/Analysis/security-syntax-checks-no-emit.c === --- cfe/trunk/test/Analysis/security-syntax-checks-no-emit.c +++ cfe/trunk/test/Analysis/security-syntax-checks-no-emit.c @@ -1,4 +1,7 @@ -// RUN: %clang_analyze_cc1 -triple i686-pc-linux-gnu -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify +// RUN: %clang_analyze_cc1 -triple i686-pc-linux-gnu %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + // expected-no-diagnostics // This file complements 'security-syntax-checks.m', but tests that we omit Index: cfe/trunk/test/Analysis/security-syntax-checks.m === --- cfe/trunk/test/Analysis/security-syntax-checks.m +++ cfe/trunk/test/Analysis/security-syntax-checks.m @@ -1,11 +1,40 @@ -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DUSE_BUILTINS -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DUSE_BUILTINS -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DUSE_BUILTINS -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DUSE_BUILTINS -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DUSE_BUILTINS \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DUSE_BUILTINS -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DUSE_BUILTINS \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DUSE_BUILTINS -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter #ifdef USE_BUILTINS # define BUILTIN(f) __builtin_ ## f Index: cfe/trunk/test/Analysis/security-syntax-checks.c === --- cfe/trunk/test/Analysis/security-syntax-checks.c +++ cfe/trunk/test/Analysis/security-syntax-checks.c @@ -0,0 +1,8 @@ +// RUN: %clang_analyze_cc1 %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI + +void builtin_function_call_crash_fixes(char *c) { + __builtin_strncpy(c, "", 6); // expected-warning{{Call to function 'strncpy' is insecure
[PATCH] D59812: [analyzer] PR41185: Fix regression where __builtin_* functions weren't recognized
alexfh accepted this revision. alexfh added a comment. This revision is now accepted and ready to land. Awesome, thanks! LG CHANGES SINCE LAST ACTION https://reviews.llvm.org/D59812/new/ https://reviews.llvm.org/D59812 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D59812: [analyzer] PR41185: Fix regression where __builtin_* functions weren't recognized
Szelethus updated this revision to Diff 195619. Szelethus edited the summary of this revision. Szelethus added a comment. Uhh, sorry for the spam. Realized that these are not path sensitive checkers. Removed the core packages from the invocations. Actual logic of the patch is untouched. CHANGES SINCE LAST ACTION https://reviews.llvm.org/D59812/new/ https://reviews.llvm.org/D59812 Files: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp test/Analysis/security-syntax-checks-no-emit.c test/Analysis/security-syntax-checks.c test/Analysis/security-syntax-checks.m Index: test/Analysis/security-syntax-checks.m === --- test/Analysis/security-syntax-checks.m +++ test/Analysis/security-syntax-checks.m @@ -1,11 +1,40 @@ -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DUSE_BUILTINS -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DUSE_BUILTINS -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DUSE_BUILTINS -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DUSE_BUILTINS -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DUSE_BUILTINS \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DUSE_BUILTINS -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DUSE_BUILTINS \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DUSE_BUILTINS -DVARIANT \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter #ifdef USE_BUILTINS # define BUILTIN(f) __builtin_ ## f Index: test/Analysis/security-syntax-checks.c === --- /dev/null +++ test/Analysis/security-syntax-checks.c @@ -0,0 +1,8 @@ +// RUN: %clang_analyze_cc1 %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI + +void builtin_function_call_crash_fixes(char *c) { + __builtin_strncpy(c, "", 6); // expected-warning{{Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard.}} + __builtin_memset(c, '\0', (0)); // expected-warning{{Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard.}} + __builtin_memcpy(c, c, 0); // expected-warning{{Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard.}} +} Index: test/Analysis/security-syntax-checks-no-emit.c === --- test/Analysis/security-syntax-checks-no-emit.c +++ test/Analysis/security-syntax-checks-no-emit.c @@ -1,4 +1,7 @@ -// RUN: %clang_analyze_cc1 -triple i686-pc-linux-gnu -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify +// RUN: %clang_analyze_cc1 -triple i686-pc-linux-gnu %s -verify \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN:
[PATCH] D59812: [analyzer] PR41185: Fix regression where __builtin_* functions weren't recognized
Szelethus updated this revision to Diff 195617. Szelethus retitled this revision from "[analyzer] Detect usages of unsafe I/O functions - Bug fixing" to "[analyzer] PR41185: Fix regression where __builtin_* functions weren't recognized". Szelethus edited the summary of this revision. Szelethus edited reviewers, added: baloghadamsoftware, alexfh; removed: zaks.anna. Szelethus set the repository for this revision to rC Clang. Szelethus edited projects, added clang; removed LLVM. Szelethus added a comment. Herald added subscribers: cfe-commits, kristina. Implemented the fix I proposed in my earlier comment. While I was there, I prettified some of the other tests, and also made sure that the core package is enabled in their run lines. Repository: rC Clang CHANGES SINCE LAST ACTION https://reviews.llvm.org/D59812/new/ https://reviews.llvm.org/D59812 Files: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp test/Analysis/security-syntax-checks-no-emit.c test/Analysis/security-syntax-checks.c test/Analysis/security-syntax-checks.m Index: test/Analysis/security-syntax-checks.m === --- test/Analysis/security-syntax-checks.m +++ test/Analysis/security-syntax-checks.m @@ -1,11 +1,48 @@ -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DUSE_BUILTINS -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -DUSE_BUILTINS -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DUSE_BUILTINS -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify -// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi -DUSE_BUILTINS -DVARIANT -analyzer-checker=security.insecureAPI,security.FloatLoopCounter %s -verify +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DUSE_BUILTINS \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DVARIANT \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 %s -verify \ +// RUN: -DUSE_BUILTINS -DVARIANT \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DUSE_BUILTINS \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DVARIANT \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter + +// RUN: %clang_analyze_cc1 -triple x86_64-unknown-cloudabi %s -verify \ +// RUN: -DUSE_BUILTINS -DVARIANT \ +// RUN: -analyzer-checker=core \ +// RUN: -analyzer-checker=security.insecureAPI \ +// RUN: -analyzer-checker=security.FloatLoopCounter #ifdef USE_BUILTINS # define BUILTIN(f) __builtin_ ## f @@ -165,7 +202,7 @@ void test_strcpy() { char x[4]; - char *y; + char *y = 0; strcpy(x, y); //expected-warning{{Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119}} } @@ -204,7 +241,7 @@ void test_strcat() { char x[4]; - char *y; + char *y = 0; strcat(x, y); //expected-warning{{Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded