================
@@ -95,22 +94,23 @@ void testReadStdIn(){
 }
 void multipleTaintSources(void) {
- int x,y,z;
- scanf("%d", &x); // expected-note {{Taint originated here}}
+ char cmd[2048], file[1024];
+ scanf ("%1022[^\n] ", cmd); // expected-note {{Taint originated here}}
 // expected-note@-1 {{Taint propagated to the 2nd argument}}
- scanf("%d", &y); // expected-note {{Taint originated here}}
+ scanf ("%1023[^\n]", file); // expected-note {{Taint originated here}}
 // expected-note@-1 {{Taint propagated to the 2nd argument}}
- scanf("%d", &z);
- int* ptr = (int*) malloc(y + x); // expected-warning {{Untrusted data is used to specify the buffer size}}
- // expected-note@-1{{Untrusted data is used to specify the buffer size}}
- free (ptr);
+ strcat(cmd, file);// expected-note {{Taint propagated to the 1st argument}}
----------------
NagyDonat wrote:
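Review bot: The field widths on the two added `scanf` calls (`%1022[^\n] ` into `cmd[2048]`, `%1023[^\n]` into `file[1024]`) carry the whole memory-safety argument for the `strcat(cmd, file)` line, but nothing in the test says so. A short comment above the declarations, e.g. `// 1022 + 1023 bytes plus the NUL fit in cmd[2048]: strcat cannot overflow, so only taint is under test`, would keep a later edit of either width from quietly turning this into an out-of-bounds write as well. Neither `scanf` return value is checked, so on a failed match `cmd` is presumably left unwritten before `strcat` reads it; that is harmless in an analyzer-only test but worth stating in the same comment. The body of `multipleTaintSources` continues past the quoted hunk, so the sink that consumes `cmd` is not visible here.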
```suggestion strcat(cmd, file); // expected-note {{Taint propagated to the 1st argument}} strcat(cmd, " "); // expected-note {{Taint propagated to the 1st argument}} ``` https://github.com/llvm/llvm-project/pull/68607 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits