gamesh411 updated this revision to Diff 400464.
gamesh411 marked 7 inline comments as done.
gamesh411 added a comment.
Fixes round two
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D116025/new/
https://reviews.llvm.org/D116025
Files:
clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
Index: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
@@ -52,7 +52,7 @@
"Untrusted data is passed to a system call "
"(CERT/STR02-C. Sanitize data passed to complex subsystems)";
-/// Check if tainted data is used as a buffer size ins strn.. functions,
+/// Check if tainted data is used as a buffer size in strn.. functions,
/// and allocators.
constexpr llvm::StringLiteral MsgTaintedBufferSize =
"Untrusted data is used to specify the buffer size "
@@ -160,7 +160,8 @@
public:
ArgSet() = default;
ArgSet(ArgVecTy &&DiscreteArgs, Optional<ArgIdxTy> VariadicIndex = None)
- : DiscreteArgs(DiscreteArgs), VariadicIndex(VariadicIndex) {}
+ : DiscreteArgs(std::move(DiscreteArgs)),
+ VariadicIndex(std::move(VariadicIndex)) {}
bool contains(ArgIdxTy ArgIdx) const {
if (llvm::is_contained(DiscreteArgs, ArgIdx))
@@ -308,13 +309,13 @@
TaintConfiguration &&Config) const;
private:
- using NamePartTy = llvm::SmallVector<SmallString<32>, 2>;
+ using NamePartsTy = llvm::SmallVector<SmallString<32>, 2>;
/// Validate part of the configuration, which contains a list of argument
/// indexes.
void validateArgVector(const std::string &Option, const ArgVecTy &Args)
const;
- template <typename Config> static NamePartTy parseNameParts(const Config &C);
+ template <typename Config> static NamePartsTy parseNameParts(const Config
&C);
// Takes the config and creates a CallDescription for it and associates a
Rule
// with that.
@@ -445,9 +446,9 @@
}
template <typename Config>
-GenericTaintRuleParser::NamePartTy
+GenericTaintRuleParser::NamePartsTy
GenericTaintRuleParser::parseNameParts(const Config &C) {
- NamePartTy NameParts;
+ NamePartsTy NameParts;
if (!C.Scope.empty()) {
// If the Scope argument contains multiple "::" parts, those are considered
// namespace identifiers.
@@ -464,7 +465,7 @@
void GenericTaintRuleParser::consumeRulesFromConfig(const Config &C,
GenericTaintRule &&Rule,
RulesContTy &Rules) {
- NamePartTy NameParts = parseNameParts(C);
+ NamePartsTy NameParts = parseNameParts(C);
llvm::SmallVector<const char *, 2> CallDescParts{NameParts.size()};
llvm::transform(NameParts, CallDescParts.begin(),
[](SmallString<32> &S) { return S.c_str(); });
@@ -642,6 +643,7 @@
llvm::Optional<TaintConfiguration> Config =
getConfiguration<TaintConfiguration>(*Mgr, this, Option, ConfigFile);
if (!Config) {
+ // We don't have external taint config, no parsing required.
DynamicTaintRules = RuleLookupTy{};
return;
}
@@ -746,8 +748,8 @@
bool IsMatching = PropSrcArgs.isEmpty();
ForEachCallArg(
[this, &C, &IsMatching, &State](ArgIdxTy I, const Expr *E, SVal) {
- IsMatching |=
- PropSrcArgs.contains(I) && isTaintedOrPointsToTainted(E, State, C);
+ IsMatching = IsMatching || (PropSrcArgs.contains(I) &&
+ isTaintedOrPointsToTainted(E, State, C));
});
if (!IsMatching)
@@ -860,7 +862,7 @@
SourceLocation DomLoc = Call.getArgExpr(0)->getExprLoc();
StringRef DomName = C.getMacroNameOrSpelling(DomLoc);
- // White list the internal communication protocols.
+ // Allow internal communication protocols.
bool SafeProtocol = DomName.equals("AF_SYSTEM") ||
DomName.equals("AF_LOCAL") || DomName.equals("AF_UNIX")
||
DomName.equals("AF_RESERVED_36");
Index: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
@@ -52,7 +52,7 @@
"Untrusted data is passed to a system call "
"(CERT/STR02-C. Sanitize data passed to complex subsystems)";
-/// Check if tainted data is used as a buffer size ins strn.. functions,
+/// Check if tainted data is used as a buffer size in strn.. functions,
/// and allocators.
constexpr llvm::StringLiteral MsgTaintedBufferSize =
"Untrusted data is used to specify the buffer size "
@@ -160,7 +160,8 @@
public:
ArgSet() = default;
ArgSet(ArgVecTy &&DiscreteArgs, Optional<ArgIdxTy> VariadicIndex = None)
- : DiscreteArgs(DiscreteArgs), VariadicIndex(VariadicIndex) {}
+ : DiscreteArgs(std::move(DiscreteArgs)),
+ VariadicIndex(std::move(VariadicIndex)) {}
bool contains(ArgIdxTy ArgIdx) const {
if (llvm::is_contained(DiscreteArgs, ArgIdx))
@@ -308,13 +309,13 @@
TaintConfiguration &&Config) const;
private:
- using NamePartTy = llvm::SmallVector<SmallString<32>, 2>;
+ using NamePartsTy = llvm::SmallVector<SmallString<32>, 2>;
/// Validate part of the configuration, which contains a list of argument
/// indexes.
void validateArgVector(const std::string &Option, const ArgVecTy &Args) const;
- template <typename Config> static NamePartTy parseNameParts(const Config &C);
+ template <typename Config> static NamePartsTy parseNameParts(const Config &C);
// Takes the config and creates a CallDescription for it and associates a Rule
// with that.
@@ -445,9 +446,9 @@
}
template <typename Config>
-GenericTaintRuleParser::NamePartTy
+GenericTaintRuleParser::NamePartsTy
GenericTaintRuleParser::parseNameParts(const Config &C) {
- NamePartTy NameParts;
+ NamePartsTy NameParts;
if (!C.Scope.empty()) {
// If the Scope argument contains multiple "::" parts, those are considered
// namespace identifiers.
@@ -464,7 +465,7 @@
void GenericTaintRuleParser::consumeRulesFromConfig(const Config &C,
GenericTaintRule &&Rule,
RulesContTy &Rules) {
- NamePartTy NameParts = parseNameParts(C);
+ NamePartsTy NameParts = parseNameParts(C);
llvm::SmallVector<const char *, 2> CallDescParts{NameParts.size()};
llvm::transform(NameParts, CallDescParts.begin(),
[](SmallString<32> &S) { return S.c_str(); });
@@ -642,6 +643,7 @@
llvm::Optional<TaintConfiguration> Config =
getConfiguration<TaintConfiguration>(*Mgr, this, Option, ConfigFile);
if (!Config) {
+ // We don't have external taint config, no parsing required.
DynamicTaintRules = RuleLookupTy{};
return;
}
@@ -746,8 +748,8 @@
bool IsMatching = PropSrcArgs.isEmpty();
ForEachCallArg(
[this, &C, &IsMatching, &State](ArgIdxTy I, const Expr *E, SVal) {
- IsMatching |=
- PropSrcArgs.contains(I) && isTaintedOrPointsToTainted(E, State, C);
+ IsMatching = IsMatching || (PropSrcArgs.contains(I) &&
+ isTaintedOrPointsToTainted(E, State, C));
});
if (!IsMatching)
@@ -860,7 +862,7 @@
SourceLocation DomLoc = Call.getArgExpr(0)->getExprLoc();
StringRef DomName = C.getMacroNameOrSpelling(DomLoc);
- // White list the internal communication protocols.
+ // Allow internal communication protocols.
bool SafeProtocol = DomName.equals("AF_SYSTEM") ||
DomName.equals("AF_LOCAL") || DomName.equals("AF_UNIX") ||
DomName.equals("AF_RESERVED_36");
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
