[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

vabridgers wrote: Thanks @steakhal ! https://github.com/llvm/llvm-project/pull/117791 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/steakhal closed https://github.com/llvm/llvm-project/pull/117791 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/steakhal approved this pull request. https://github.com/llvm/llvm-project/pull/117791 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/steakhal updated https://github.com/llvm/llvm-project/pull/117791 >From ed174c8b52880d4f89415eb3a72da13f355438d7 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH 01/20] [analyzer] Modernize, improve and promote chroot checker This

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

vabridgers wrote: Hi @steakhal , no problem. Thanks for the proactive help! https://github.com/llvm/llvm-project/pull/117791 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

steakhal wrote: Hi Vince, I figured it's easier if I just push to your branch with my recommendations. Let me know if you like it. Challenge it if not. https://github.com/llvm/llvm-project/pull/117791 ___ cfe-commits mailing list cfe-commits@lists.llv

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/steakhal updated https://github.com/llvm/llvm-project/pull/117791 >From ed174c8b52880d4f89415eb3a72da13f355438d7 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH 01/16] [analyzer] Modernize, improve and promote chroot checker This

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

vabridgers wrote: @steakhal , I believe all comments are now resolved. Thank you for the thoughtful and detailed comments, look forward to concluding this in the best way possible. Thank you! https://github.com/llvm/llvm-project/pull/117791 ___ cfe-c

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/117791 >From ed174c8b52880d4f89415eb3a72da13f355438d7 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH 1/5] [analyzer] Modernize, improve and promote chroot checker This

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/117791 >From ed174c8b52880d4f89415eb3a72da13f355438d7 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH 1/4] [analyzer] Modernize, improve and promote chroot checker This

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -98,9 +98,9 @@ void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { const auto *CE = cast(Call.getOriginExpr()); const LocationContext *LCtx = C.getLocationContext(); - NonLoc RetVal = - SVB.conjureSymbolVal(/*SymbolTag=*/nullptr,

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -80,19 +88,53 @@ bool ChrootChecker::evalCall(const CallEvent &Call, CheckerContext &C) const { void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { ProgramStateRef state = C.getState(); ProgramStateManager &Mgr = state->getStateManager(); +

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -98,9 +98,9 @@ void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { const auto *CE = cast(Call.getOriginExpr()); const LocationContext *LCtx = C.getLocationContext(); - NonLoc RetVal = - SVB.conjureSymbolVal(/*SymbolTag=*/nullptr,

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/117791 >From ed174c8b52880d4f89415eb3a72da13f355438d7 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH 1/2] [analyzer] Modernize, improve and promote chroot checker This

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -24,21 +26,30 @@ using namespace clang; using namespace ento; -namespace { - // enum value that represent the jail state -enum Kind { NO_CHROOT, ROOT_CHANGED, JAIL_ENTERED }; +enum ChrootKind { NO_CHROOT, ROOT_CHANGED, ROOT_CHANGE_FAILED, JAIL_ENTERED }; -bool isRootChan

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -80,19 +88,53 @@ bool ChrootChecker::evalCall(const CallEvent &Call, CheckerContext &C) const { void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { ProgramStateRef state = C.getState(); ProgramStateManager &Mgr = state->getStateManager(); +

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/117791 >From ed174c8b52880d4f89415eb3a72da13f355438d7 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH 1/3] [analyzer] Modernize, improve and promote chroot checker This

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

vabridgers wrote: > @vabridgers Please avoid force pushes. I understand and will abide by this request. I had tried rebasing and pushing at one time and found I needed to force a push upload my newest changes and thought that was the default flow. https://github.com/llvm/llvm-project/pull/1

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

steakhal wrote: > @steakhal and @NagyDonat , thanks for the comments. I'll address and update > the patch. Best @vabridgers Please avoid force pushed. Prefer `merge` over `rebase` while doing the reviews. It's okay to have a sequence of commits fixing up certain behavior. Once the review is d

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

vabridgers wrote: @steakhal and @NagyDonat , thanks for the comments. I'll address and update the patch. Best https://github.com/llvm/llvm-project/pull/117791 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailm

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -1750,6 +1750,21 @@ Critical section handling functions modeled by this checker: } } +.. _unix-Chroot: + +unix.Chroot (C) +" +Check improper use of chroot. steakhal wrote: This documentation should explain how is `chroot` used inco

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -80,19 +88,53 @@ bool ChrootChecker::evalCall(const CallEvent &Call, CheckerContext &C) const { void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { ProgramStateRef state = C.getState(); ProgramStateManager &Mgr = state->getStateManager(); +

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -1750,6 +1750,21 @@ Critical section handling functions modeled by this checker: } } +.. _unix-Chroot: + +unix.Chroot (C) +" steakhal wrote: ```suggestion unix.Chroot (C) """ ``` https://github.com/llvm/llvm-project/pu

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -80,19 +88,53 @@ bool ChrootChecker::evalCall(const CallEvent &Call, CheckerContext &C) const { void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { ProgramStateRef state = C.getState(); ProgramStateManager &Mgr = state->getStateManager(); +

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -80,19 +88,53 @@ bool ChrootChecker::evalCall(const CallEvent &Call, CheckerContext &C) const { void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { ProgramStateRef state = C.getState(); ProgramStateManager &Mgr = state->getStateManager(); +

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -104,15 +146,35 @@ void ChrootChecker::evalChdir(const CallEvent &Call, CheckerContext &C) const { R = R->StripCasts(); if (const StringRegion* StrRegion= dyn_cast(R)) { const StringLiteral* Str = StrRegion->getStringLiteral(); - if (Str->getString() == "

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -80,19 +88,53 @@ bool ChrootChecker::evalCall(const CallEvent &Call, CheckerContext &C) const { void ChrootChecker::evalChroot(const CallEvent &Call, CheckerContext &C) const { ProgramStateRef state = C.getState(); ProgramStateManager &Mgr = state->getStateManager(); +

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -24,21 +26,30 @@ using namespace clang; using namespace ento; -namespace { - // enum value that represent the jail state -enum Kind { NO_CHROOT, ROOT_CHANGED, JAIL_ENTERED }; +enum ChrootKind { NO_CHROOT, ROOT_CHANGED, ROOT_CHANGE_FAILED, JAIL_ENTERED }; -bool isRootChan

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call, return; // If jail state is ROOT_CHANGED, generate BugReport. - void *const* k = C.getState()->FindGDM(ChrootChecker::getTag()); - if (k) -if (isRootChanged((intptr_t) *k)) - if (Exp

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/steakhal edited https://github.com/llvm/llvm-project/pull/117791 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/steakhal requested changes to this pull request. This checker deserved some love for sure. Thank you for pushing for this. I left quite a few comments, touching style and also direction of this patch. Thanks Vince! https://github.com/llvm/llvm-project/pull/117791 _

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/117791 >From ed174c8b52880d4f89415eb3a72da13f355438d7 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH] [analyzer] Modernize, improve and promote chroot checker This chan

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/117791 >From 1b073f9a06f4a0844d703923c3edd97085b47918 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH] [analyzer] Modernize, improve and promote chroot checker This chan

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/117791 >From 660eb9b7864ac3976c3c69c65d17dfcbcc8c5b87 Mon Sep 17 00:00:00 2001 From: einvbri Date: Mon, 25 Nov 2024 10:31:57 +0100 Subject: [PATCH] [analyzer] Modernize, improve and promote chroot checker This chan

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

github-actions[bot] wrote: :warning: C/C++ code formatter, clang-format found issues in your code. :warning: You can test this locally with the following command: ``bash git-clang-format --diff cefc1b0c211fcc3f5528b72d5883f0c390d63e71 2fd9955af8fb56c83e399bb181f290165337dd3a --e

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

llvmbot wrote: @llvm/pr-subscribers-clang-static-analyzer-1 Author: None (vabridgers) Changes This change modernizes, improves and promotes the chroot checker from alpha to the Unix family of checkers. This checker covers the POS05 recommendations for use of chroot. The improvements inc

[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)

https://github.com/vabridgers created https://github.com/llvm/llvm-project/pull/117791 This change modernizes, improves and promotes the chroot checker from alpha to the Unix family of checkers. This checker covers the POS05 recommendations for use of chroot. The improvements included modelin