================ @@ -0,0 +1,197 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception +// +//===----------------------------------------------------------------------===// +// +// This file defines a checker to detect possible reversed order of privilege +// revocations when 'setgid' and 'setuid' is used. +// +//===----------------------------------------------------------------------===// + +#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h" +#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h" +#include "clang/StaticAnalyzer/Core/Checker.h" +#include "clang/StaticAnalyzer/Core/CheckerManager.h" +#include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h" +#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h" +#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h" +#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h" +#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h" + +using namespace clang; +using namespace ento; + +namespace { + +class SetgidSetuidOrderChecker + : public Checker<check::PostCall, check::DeadSymbols, eval::Assume> { + const BugType BT_WrongRevocationOrder{ + this, "Possible wrong order of privilege revocation"}; + + const CallDescription SetuidDesc{{"setuid"}, 1}; + const CallDescription SetgidDesc{{"setgid"}, 1}; + const CallDescription SeteuidDesc{{"seteuid"}, 1}; + const CallDescription SetegidDesc{{"setegid"}, 1}; + const CallDescription SetreuidDesc{{"setreuid"}, 2}; + const CallDescription SetregidDesc{{"setregid"}, 2}; + const CallDescription SetresuidDesc{{"setresuid"}, 3}; + const CallDescription SetresgidDesc{{"setresgid"}, 3}; ---------------- NagyDonat wrote:
Please use the `MatchAs` argument of the `CallDescription` constructor, which was recently introduced by my changes. In this case you'd probably use the matching mode `CDM::CLibrary`. Without this these call descriptions would match even a C++ method if it has the right name and number of arguments. https://github.com/llvm/llvm-project/pull/91445 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
