| // RUN: %clang_analyze_cc1 -analyzer-checker=core,security.SetgidSetuidOrder -analyzer-output=text -verify %s |
| |
// Local stand-ins for the POSIX privilege APIs. The file includes no headers;
// these are the only declarations the test cases below rely on. Both ID types
// are plain int here.
| typedef int uid_t; |
| typedef int gid_t; |
| |
| int setuid(uid_t); |
| int setgid(gid_t); |
| |
| uid_t getuid(); |
| gid_t getgid(); |
| |
| |
| |
// Repeated setuid(getuid()) followed by setgid(getgid()).
// The "Call to 'setuid' found here" note is listed on the second setuid call
// (the one directly before setgid), not on the first; the first call only
// carries the branch notes. The warning lands on the setgid call.
// Why the order matters: once setuid(getuid()) has given up superuser
// privileges, the process normally can no longer change its group ID, so the
// later setgid() fails and the elevated group is retained. A correct
// privilege drop calls setgid() first and setuid() last, checking both results.
// Each -verify annotation is tied to the line of the call it describes; keep
// statements and annotations together when editing.
| void test_note_1() { |
| if (setuid(getuid()) == -1) // expected-note{{Assuming the condition is false}} \ |
| // expected-note{{Taking false branch}} |
| return; |
| if (setuid(getuid()) == -1) // expected-note{{Call to 'setuid' found here that removes superuser privileges}} \ |
| // expected-note{{Assuming the condition is false}} \ |
| // expected-note{{Taking false branch}} |
| return; |
| if (setgid(getgid()) == -1) // expected-warning{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} \ |
| // expected-note{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} |
| return; |
| } |
| |
// The wrong-order pair (setuid then setgid) occurs twice in one function, and
// a warning is listed for each setgid call.
// The first setuid line lists its branch notes with a count of 2, presumably
// because the paths of both warnings pass through that branch. Its
// "found here" note is listed once, and the second setuid call carries its
// own "found here" note for the second warning.
// Both pairs are in the unsafe order: group privileges should be dropped with
// setgid() before setuid() gives up the superuser privileges needed to do so.
| void test_note_2() { |
| if (setuid(getuid()) == -1) // expected-note{{Call to 'setuid' found here that removes superuser privileges}} \ |
| // expected-note 2 {{Assuming the condition is false}} \ |
| // expected-note 2 {{Taking false branch}} |
| return; |
| if (setgid(getgid()) == -1) // expected-warning{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} \ |
| // expected-note{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} \ |
| // expected-note{{Assuming the condition is false}} \ |
| // expected-note{{Taking false branch}} |
| return; |
| if (setuid(getuid()) == -1) // expected-note{{Call to 'setuid' found here that removes superuser privileges}} \ |
| // expected-note{{Assuming the condition is false}} \ |
| // expected-note{{Taking false branch}} |
| return; |
| if (setgid(getgid()) == -1) // expected-warning{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} \ |
| // expected-note{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} |
| return; |
| } |
| |
// Wrapper that drops the user ID and returns the setuid() result unchanged.
// Used by test_note_3 to exercise the cross-function case; the "found here"
// note is listed on the call inside this wrapper, not at the wrapper's caller.
| int f_setuid() { |
| return setuid(getuid()); // expected-note{{Call to 'setuid' found here that removes superuser privileges}} |
| } |
| |
// Wrapper that drops the group ID and returns the setgid() result unchanged.
// When it runs after f_setuid (see test_note_3), the warning is listed on the
// setgid call inside this wrapper rather than on the line that calls it.
| int f_setgid() { |
| return setgid(getgid()); // expected-warning{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} \ |
| // expected-note{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} |
| } |
| |
// Cross-function variant: the wrong-order calls are hidden behind f_setuid()
// and f_setgid(). The caller lines list only call/return and branch notes;
// the "found here" note and the warning are listed inside the wrappers.
// The f_setgid() line lists only a "Calling" note.
// Practical point for reviewers: splitting the privilege drop across helper
// functions does not make the setuid-before-setgid order any safer.
| void test_note_3() { |
| if (f_setuid() == -1) // expected-note{{Assuming the condition is false}} \ |
| // expected-note{{Calling 'f_setuid'}} \ |
| // expected-note{{Returning from 'f_setuid'}} \ |
| // expected-note{{Taking false branch}} |
| return; |
| if (f_setgid() == -1) // expected-note{{Calling 'f_setgid'}} |
| return; |
| } |
| |
// Success-branch variant: the results are compared with 0 and setgid() is
// nested inside the branch taken when setuid() succeeded, so the path notes
// read "condition is true" / "true branch" instead of the false-branch forms
// used in the other tests. The warning is still listed on the setgid call.
// Checking both return values does not fix the order problem: after a
// successful setuid(getuid()) the process normally lacks the privilege that
// setgid() needs.
| void test_note_4() { |
| if (setuid(getuid()) == 0) { // expected-note{{Assuming the condition is true}} \ |
| // expected-note{{Call to 'setuid' found here that removes superuser privileges}} \ |
| // expected-note{{Taking true branch}} |
| if (setgid(getgid()) == 0) { // expected-warning{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} \ |
| // expected-note{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} |
| } |
| } |
| } |