[clang] [analyzer][clangsa] Add new option to alpha.security.cert.InvalidPtrChecker (PR #67663)

via cfe-commits Wed, 18 Oct 2023 06:35:54 -0700

Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>,
Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.se>
Message-ID:
In-Reply-To: <llvm/llvm-project/pull/67663/cl...@github.com>



================
@@ -84,33 +104,74 @@ class InvalidPtrChecker
 REGISTER_SET_WITH_PROGRAMSTATE(InvalidMemoryRegions, const MemRegion *)
 
 // Stores the region of the environment pointer of 'main' (if present).
-REGISTER_TRAIT_WITH_PROGRAMSTATE(EnvPtrRegion, const MemRegion *)
+REGISTER_TRAIT_WITH_PROGRAMSTATE(MainEnvPtrRegion, const MemRegion *)
+
+// Stores the regions of environments returned by getenv calls.
+REGISTER_SET_WITH_PROGRAMSTATE(GetenvEnvPtrRegions, const MemRegion *)
 
 // Stores key-value pairs, where key is function declaration and value is
 // pointer to memory region returned by previous call of this function
 REGISTER_MAP_WITH_PROGRAMSTATE(PreviousCallResultMap, const FunctionDecl *,
                                const MemRegion *)
 
+const NoteTag *InvalidPtrChecker::createEnvInvalidationNote(
+    CheckerContext &C, ProgramStateRef State, StringRef FunctionName) const {
+
+  const MemRegion *MainRegion = State->get<MainEnvPtrRegion>();
+  const auto GetenvRegions = State->get<GetenvEnvPtrRegions>();
+
+  return C.getNoteTag([this, MainRegion, GetenvRegions,
+                       FunctionName = std::string{FunctionName}](
+                          PathSensitiveBugReport &BR, llvm::raw_ostream &Out) {
+    // Only handle the BugType of this checker.
+    if (&BR.getBugType() != &InvalidPtrBugType)
+      return;
+
+    // Mark all regions that were interesting before as NOT interesting now
+    // to avoid extra notes coming from invalidation points higher up the
+    // bugpath. This ensures, that only the last invalidation point is marked
----------------
DonatNagyE wrote:

```suggestion
    // bugpath. This ensures that only the last invalidation point is marked
```

https://github.com/llvm/llvm-project/pull/67663
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [analyzer][clangsa] Add new option to alpha.security.cert.InvalidPtrChecker (PR #67663)

Reply via email to