NoQ added a comment.
Hmm, maybe it'd also be a good idea to disable the check completely when a
likely-correct value for the macro cannot be determined.
================
Comment at: lib/StaticAnalyzer/Checkers/MmapWriteExecChecker.cpp:74-75
+ mgr.registerChecker<MmapWriteExecChecker>();
+ Mwec->ProtExecOv =
+ mgr.getAnalyzerOptions().getOptionAsInteger("MmapProtExec", 0x04, Mwec);
+}
----------------
You'd probably want to be able to set both `PROT_READ` and `PROT_EXEC`, to be
fully flexible.
================
Comment at: test/Analysis/mmap-writeexec.c:1
+// RUN: %clang_analyze_cc1 -triple i686-unknown-linux
-analyzer-checker=security.MmapWriteExec -analyzer-config
security.MmapWriteExec:MmapProtExec=1 -DPROT_EXEC=1 -verify %s
+// RUN: %clang_analyze_cc1 -triple x86_64-unknown-apple-darwin10
-analyzer-checker=security.MmapWriteExec -verify %s
----------------
I think you should use an unrelated macro, eg. `-analyzer-config
security.MmapWriteExec:MmapProtExec=1 -DUSE_ALTERNATIVE_PROT_EXEC_DEFINITION`,
to trigger different definitions in the tests, i.e.
```
#ifndef USE_ALTERNATIVE_PROT_EXEC_DEFINITION
#define PROT_READ 0x01
#define PROT_EXEC 0x04
#else
#define PROT_READ 0x04
#define PROT_EXEC 0x01
#endif
```
Repository:
rC Clang
https://reviews.llvm.org/D42645
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
