test/Analysis/invalid-ptr-checker.c - llvm-project/clang - Git at Google

 // RUN: %clang_analyze_cc1                                                      \
 // RUN:  -analyzer-checker=security.cert.env.InvalidPtr                         \
 // RUN:  -analyzer-config security.cert.env.InvalidPtr:InvalidatingGetEnv=false \
 // RUN:  -analyzer-output=text -verify -Wno-unused %s
 //
 // RUN: %clang_analyze_cc1                                                      \
 // RUN:  -analyzer-checker=security.cert.env.InvalidPtr                         \
 // RUN:  -analyzer-config                                                       \
 // RUN: security.cert.env.InvalidPtr:InvalidatingGetEnv=true                    \
 // RUN: -analyzer-output=text -verify=expected,pedantic -Wno-unused %s

 #include "Inputs/system-header-simulator.h"

 char *getenv(const char *name);
 int setenv(const char *name, const char *value, int overwrite);
 int strcmp(const char *, const char *);

 int custom_env_handler(const char **envp);

 void getenv_after_getenv(void) {
   char *v1 = getenv("V1");
   // pedantic-note@-1{{previous function call was here}}

   char *v2 = getenv("V2");
   // pedantic-note@-1{{'getenv' call may invalidate the result of the previous 'getenv'}}

   strcmp(v1, v2);
   // pedantic-warning@-1{{use of invalidated pointer 'v1' in a function call}}
   // pedantic-note@-2{{use of invalidated pointer 'v1' in a function call}}
 }

 void setenv_after_getenv(void) {
   char *v1 = getenv("VAR1");

   setenv("VAR2", "...", 1);
   // expected-note@-1{{'setenv' call may invalidate the environment returned by 'getenv'}}

   strcmp(v1, "");
   // expected-warning@-1{{use of invalidated pointer 'v1' in a function call}}
   // expected-note@-2{{use of invalidated pointer 'v1' in a function call}}
 }

 int main(int argc, const char *argv[], const char *envp[]) {
   setenv("VAR", "...", 0);
   // expected-note@-1 2 {{'setenv' call may invalidate the environment parameter of 'main'}}

   *envp;
   // expected-warning@-1 2 {{dereferencing an invalid pointer}}
   // expected-note@-2 2 {{dereferencing an invalid pointer}}
 }

 void multiple_invalidation_no_duplicate_notes(void) {
   char *v1 = getenv("VAR1");

   setenv("VAR2", "...", 1); // no note here

   setenv("VAR3", "...", 1);
   // expected-note@-1{{'setenv' call may invalidate the environment returned by 'getenv'}}

   strcmp(v1, "");
   // expected-warning@-1{{use of invalidated pointer 'v1' in a function call}}
   // expected-note@-2{{use of invalidated pointer 'v1' in a function call}}
 }
	// RUN: %clang_analyze_cc1 \
	// RUN: -analyzer-checker=security.cert.env.InvalidPtr \
	// RUN: -analyzer-config security.cert.env.InvalidPtr:InvalidatingGetEnv=false \
	// RUN: -analyzer-output=text -verify -Wno-unused %s
	//
	// RUN: %clang_analyze_cc1 \
	// RUN: -analyzer-checker=security.cert.env.InvalidPtr \
	// RUN: -analyzer-config \
	// RUN: security.cert.env.InvalidPtr:InvalidatingGetEnv=true \
	// RUN: -analyzer-output=text -verify=expected,pedantic -Wno-unused %s

	#include "Inputs/system-header-simulator.h"

	char getenv(const char name);
	int setenv(const char name, const char value, int overwrite);
	int strcmp(const char , const char );

	int custom_env_handler(const char **envp);

	void getenv_after_getenv(void) {
	char *v1 = getenv("V1");
	// pedantic-note@-1{{previous function call was here}}

	char *v2 = getenv("V2");
	// pedantic-note@-1{{'getenv' call may invalidate the result of the previous 'getenv'}}

	strcmp(v1, v2);
	// pedantic-warning@-1{{use of invalidated pointer 'v1' in a function call}}
	// pedantic-note@-2{{use of invalidated pointer 'v1' in a function call}}
	}

	void setenv_after_getenv(void) {
	char *v1 = getenv("VAR1");

	setenv("VAR2", "...", 1);
	// expected-note@-1{{'setenv' call may invalidate the environment returned by 'getenv'}}

	strcmp(v1, "");
	// expected-warning@-1{{use of invalidated pointer 'v1' in a function call}}
	// expected-note@-2{{use of invalidated pointer 'v1' in a function call}}
	}

	int main(int argc, const char argv[], const char envp[]) {
	setenv("VAR", "...", 0);
	// expected-note@-1 2 {{'setenv' call may invalidate the environment parameter of 'main'}}

	*envp;
	// expected-warning@-1 2 {{dereferencing an invalid pointer}}
	// expected-note@-2 2 {{dereferencing an invalid pointer}}
	}

	void multiple_invalidation_no_duplicate_notes(void) {
	char *v1 = getenv("VAR1");

	setenv("VAR2", "...", 1); // no note here

	setenv("VAR3", "...", 1);
	// expected-note@-1{{'setenv' call may invalidate the environment returned by 'getenv'}}

	strcmp(v1, "");
	// expected-warning@-1{{use of invalidated pointer 'v1' in a function call}}
	// expected-note@-2{{use of invalidated pointer 'v1' in a function call}}
	}