[analyzer] VforkChecker: allow execve after vfork.
In the path-sensitive vfork() checker that keeps a list of operations allowed after a successful vfork(), unforget to include execve() in the list. Patch by Jan Včelák! Differential Revision: https://reviews.llvm.org/D73629
This commit is contained in:
parent
e999aa38d1
commit
5a11233a2f
|
@ -98,12 +98,13 @@ bool VforkChecker::isCallWhitelisted(const IdentifierInfo *II,
|
|||
if (VforkWhitelist.empty()) {
|
||||
// According to manpage.
|
||||
const char *ids[] = {
|
||||
"_exit",
|
||||
"_Exit",
|
||||
"_exit",
|
||||
"execl",
|
||||
"execlp",
|
||||
"execle",
|
||||
"execlp",
|
||||
"execv",
|
||||
"execve",
|
||||
"execvp",
|
||||
"execvpe",
|
||||
nullptr
|
||||
|
|
|
@ -98,6 +98,12 @@ typedef int pid_t;
|
|||
pid_t fork(void);
|
||||
pid_t vfork(void);
|
||||
int execl(const char *path, const char *arg, ...);
|
||||
int execle(const char *path, const char *arg, ...);
|
||||
int execlp(const char *file, const char *arg, ...);
|
||||
int execv(const char *path, char *const argv[]);
|
||||
int execve(const char *path, char *const argv[], char *const envp[]);
|
||||
int execvp(const char *file, char *const argv[]);
|
||||
int execvpe(const char *file, char *const argv[], char *const envp[]);
|
||||
|
||||
void exit(int status) __attribute__ ((__noreturn__));
|
||||
void _exit(int status) __attribute__ ((__noreturn__));
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
void foo();
|
||||
|
||||
// Ensure that child process is properly checked.
|
||||
int f1(int x) {
|
||||
int f1(int x, int y) {
|
||||
pid_t pid = vfork(); // expected-warning{{Call to function 'vfork' is insecure}}
|
||||
if (pid != 0)
|
||||
return 0;
|
||||
|
@ -16,7 +16,29 @@ int f1(int x) {
|
|||
// Ensure that modifying pid is ok.
|
||||
pid = 1; // no-warning
|
||||
// Ensure that calling whitelisted routines is ok.
|
||||
execl("", "", 0); // no-warning
|
||||
switch (y) {
|
||||
case 0:
|
||||
execl("", "", 0); // no-warning
|
||||
break;
|
||||
case 1:
|
||||
execle("", "", 0); // no-warning
|
||||
break;
|
||||
case 2:
|
||||
execlp("", "", 0); // no-warning
|
||||
break;
|
||||
case 3:
|
||||
execv("", NULL); // no-warning
|
||||
break;
|
||||
case 4:
|
||||
execve("", NULL, NULL); // no-warning
|
||||
break;
|
||||
case 5:
|
||||
execvp("", NULL); // no-warning
|
||||
break;
|
||||
case 6:
|
||||
execvpe("", NULL, NULL); // no-warning
|
||||
break;
|
||||
}
|
||||
_exit(1); // no-warning
|
||||
break;
|
||||
case 1:
|
||||
|
|
Loading…
Reference in New Issue