[analyzer] Harden security.cert.env.InvalidPtr checker fn matching
Relates to llvm#88181
steakhal committed Apr 17, 2024
1 parent e096c14 commit 024281d
Showing 1 changed file with 15 additions and 10 deletions.
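--- a/clang/lib/StaticAnalyzer/Checkers/cert/InvalidPtrChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/cert/InvalidPtrChecker.cpp
@@ -48,28 +48,33 @@ class InvalidPtrChecker
 bool InvalidatingGetEnv = false;
 
 // GetEnv can be treated invalidating and non-invalidating as well.
-const CallDescription GetEnvCall{{"getenv"}, 1};
+const CallDescription GetEnvCall{CDM::CLibrary, {"getenv"}, 1};
 
 const CallDescriptionMap<HandlerFn> EnvpInvalidatingFunctions = {
-{{{"setenv"}, 3}, &InvalidPtrChecker::EnvpInvalidatingCall},
-{{{"unsetenv"}, 1}, &InvalidPtrChecker::EnvpInvalidatingCall},
-{{{"putenv"}, 1}, &InvalidPtrChecker::EnvpInvalidatingCall},
-{{{"_putenv_s"}, 2}, &InvalidPtrChecker::EnvpInvalidatingCall},
-{{{"_wputenv_s"}, 2}, &InvalidPtrChecker::EnvpInvalidatingCall},
+{{CDM::CLibrary, {"setenv"}, 3},
+&InvalidPtrChecker::EnvpInvalidatingCall},
+{{CDM::CLibrary, {"unsetenv"}, 1},
+&InvalidPtrChecker::EnvpInvalidatingCall},
+{{CDM::CLibrary, {"putenv"}, 1},
+&InvalidPtrChecker::EnvpInvalidatingCall},
+{{CDM::CLibrary, {"_putenv_s"}, 2},
+&InvalidPtrChecker::EnvpInvalidatingCall},
+{{CDM::CLibrary, {"_wputenv_s"}, 2},
+&InvalidPtrChecker::EnvpInvalidatingCall},
 };
 
 void postPreviousReturnInvalidatingCall(const CallEvent &Call,
 CheckerContext &C) const;
 
 // SEI CERT ENV34-C
 const CallDescriptionMap<HandlerFn> PreviousCallInvalidatingFunctions = {
-{{{"setlocale"}, 2},
+{{CDM::CLibrary, {"setlocale"}, 2},
 &InvalidPtrChecker::postPreviousReturnInvalidatingCall},
-{{{"strerror"}, 1},
+{{CDM::CLibrary, {"strerror"}, 1},
 &InvalidPtrChecker::postPreviousReturnInvalidatingCall},
-{{{"localeconv"}, 0},
+{{CDM::CLibrary, {"localeconv"}, 0},
 &InvalidPtrChecker::postPreviousReturnInvalidatingCall},
-{{{"asctime"}, 1},
+{{CDM::CLibrary, {"asctime"}, 1},
 &InvalidPtrChecker::postPreviousReturnInvalidatingCall},
 };
 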
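Review bot: Nothing in this commit pins the tightened matching: the page shows one changed file, so the switch of `GetEnvCall`, `EnvpInvalidatingFunctions` and `PreviousCallInvalidatingFunctions` to `CDM::CLibrary` arrives without a regression test. A negative case in the checker's existing tests would cover it, for example a user-defined member or namespaced function named `setenv` taking three arguments, called between `getenv` and a use of its result, with no invalidation report expected. It would also help to record why the mode is set, e.g. `// CDM::CLibrary: match only the C library functions, not same-named methods or namespaced functions.` above `GetEnvCall`. The class `InvalidPtrChecker` starts and ends outside this hunk, so whether any other call description in the file still uses the default matching mode cannot be confirmed from here.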
