=?utf-8?q?Balázs_Kéri?= <balazs.k...@ericsson.com>, =?utf-8?q?Balázs_Kéri?= <balazs.k...@ericsson.com>, =?utf-8?q?Balázs_Kéri?= <balazs.k...@ericsson.com>, =?utf-8?q?Balázs_Kéri?= <balazs.k...@ericsson.com>, =?utf-8?q?Balázs_Kéri?= <balazs.k...@ericsson.com>, =?utf-8?q?Balázs_Kéri?= <balazs.k...@ericsson.com>, =?utf-8?q?Balázs_Kéri?= <balazs.k...@ericsson.com> Message-ID: In-Reply-To: <llvm.org/llvm/llvm-project/pull/91...@github.com>
================
@@ -0,0 +1,75 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,security.SetgidSetuidOrder -analyzer-output=text -verify %s
+
+typedef int uid_t;
+typedef int gid_t;
+
+int setuid(uid_t);
+int setgid(gid_t);
+
+uid_t getuid();
+gid_t getgid();
+
+
+
+void test_note_1() {
+ if (setuid(getuid()) == -1) // expected-note{{Assuming the condition is false}} \
+ // expected-note{{Taking false branch}}
+ return;
+ if (setuid(getuid()) == -1) // expected-note{{Call to 'setuid' found here that removes superuser privileges}} \
+ // expected-note{{Assuming the condition is false}} \
+ // expected-note{{Taking false branch}}
+ return;
+ if (setgid(getgid()) == -1) // expected-warning{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}} \
+ // expected-note{{A 'setgid(getgid())' call following a 'setuid(getuid())' call is likely to fail}}
+ return;
+}
+
+void test_note_2() {
+ if (setuid(getuid()) == -1) // expected-note{{Call to 'setuid' found here that removes superuser privileges}} \
+ // expected-note{{Assuming the condition is false}} \
+ // expected-note{{Taking false branch}} \
+ // expected-note{{Assuming the condition is false}} \
+ // expected-note{{Taking false branch}}
---------------- steakhal wrote: ```suggestion // expected-note 2 {{Assuming the condition is false}} \ // expected-note 2 {{Taking false branch}} ``` https://github.com/llvm/llvm-project/pull/91445 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits