From: Anna Zaks Date: Tue, 11 Oct 2011 04:34:54 +0000 (+0000) Subject: [analyzer] Warn about the use of insecure, deprecated vfork() function PR11053 (http... X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a7957ff18c2480cb46081311067b61eb47023355;p=clang [analyzer] Warn about the use of insecure, deprecated vfork() function PR11053 (http://llvm.org/bugs/show_bug.cgi?id=11053). A patch by Graham Lee! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141643 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp index 1d69e6b3ff..20c045fe6b 100644 --- a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp +++ b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp @@ -70,6 +70,7 @@ public: void checkCall_strcat(const CallExpr *CE, const FunctionDecl *FD); void checkCall_rand(const CallExpr *CE, const FunctionDecl *FD); void checkCall_random(const CallExpr *CE, const FunctionDecl *FD); + void checkCall_vfork(const CallExpr *CE, const FunctionDecl *FD); void checkUncheckedReturnValue(CallExpr *CE); }; } // end anonymous namespace @@ -116,6 +117,7 @@ void WalkAST::VisitCallExpr(CallExpr *CE) { .Case("rand", &WalkAST::checkCall_rand) .Case("rand_r", &WalkAST::checkCall_rand) .Case("random", &WalkAST::checkCall_random) + .Case("vfork", &WalkAST::checkCall_vfork) .Default(NULL); // If the callee isn't defined, it is not of security concern. @@ -518,6 +520,26 @@ void WalkAST::checkCall_random(const CallExpr *CE, const FunctionDecl *FD) { "instead", CELoc, &R, 1); } +//===----------------------------------------------------------------------===// +// Check: 'vfork' should not be used. +// POS33-C: Do not use vfork(). +//===----------------------------------------------------------------------===// + +void WalkAST::checkCall_vfork(const CallExpr *CE, const FunctionDecl *FD) { + // All calls to vfork() are insecure, issue a warning. + SourceRange R = CE->getCallee()->getSourceRange(); + PathDiagnosticLocation CELoc = + PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC); + BR.EmitBasicReport("Potential insecure implementation-specific behavior in " + "call 'vfork'", + "Security", + "Call to function 'vfork' is insecure as it can lead to " + "denial of service situations in the parent process. " + "Replace calls to vfork with calls to the safer " + "'posix_spawn' function", + CELoc, &R, 1); +} + //===----------------------------------------------------------------------===// // Check: Should check whether privileges are dropped successfully. // Originally: diff --git a/test/Analysis/security-syntax-checks.m b/test/Analysis/security-syntax-checks.m index 5944006efb..a04401b531 100644 --- a/test/Analysis/security-syntax-checks.m +++ b/test/Analysis/security-syntax-checks.m @@ -164,3 +164,14 @@ void test_strcat() { strcat(x, y); //expected-warning{{Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strncat'. CWE-119.}} } + +//===----------------------------------------------------------------------=== +// vfork() +//===----------------------------------------------------------------------=== +typedef int __int32_t; +typedef __int32_t pid_t; +pid_t vfork(void); + +void test_vfork() { + vfork(); //expected-warning{{Call to function 'vfork' is insecure as it can lead to denial of service situations in the parent process.}} +}