[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/devnexen updated https://github.com/llvm/llvm-project/pull/83675 >From 39a9b19e266275624e472bd3fbd5fdab542a5c31 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 2 Mar 2024 14:56:15 + Subject: [PATCH] [clang][StaticAnalyzer] Adding getentropy to CStringChecker.

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/devnexen updated https://github.com/llvm/llvm-project/pull/83675 >From 010c0c2acddbe36a84382284835e94bffe94b040 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 2 Mar 2024 14:56:15 + Subject: [PATCH 1/3] [clang][StaticAnalyzer] Adding getentropy to

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

github-actions[bot] wrote: :white_check_mark: With the latest revision this PR passed the Python code formatter. https://github.com/llvm/llvm-project/pull/83675 ___ cfe-commits mailing list cfe-commits@lists.llvm.org

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/devnexen updated https://github.com/llvm/llvm-project/pull/83675 >From 5e99ec4cbc47b513c54f2579529aed611cd8b847 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 2 Mar 2024 14:56:15 + Subject: [PATCH 1/3] [clang][StaticAnalyzer] Adding getentropy to

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/83675 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/NagyDonat requested changes to this pull request. I'll try to take over this review process and help with finalizing this commit. I also added @balazske who's also familiar with this area. Unfortunately currently there are significant problems in the state/assumption

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -529,3 +529,37 @@ void nocrash_on_locint_offset(void *addr, void* from, struct S s) { size_t iAdd = (size_t) addr; memcpy(((void *) &(s.f)), from, iAdd); } + +//===--===// +// getentropy()

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -529,3 +529,37 @@ void nocrash_on_locint_offset(void *addr, void* from, struct S s) { size_t iAdd = (size_t) addr; memcpy(((void *) &(s.f)), from, iAdd); } + +//===--===// +// getentropy()

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2516,6 +2518,47 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent ) const { + DestinationArgExpr Buffer =

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

steakhal wrote: I'm sorry, but I'm out of bandwidth. Maybe someone else can step up for the review. https://github.com/llvm/llvm-project/pull/83675 ___ cfe-commits mailing list cfe-commits@lists.llvm.org

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/devnexen updated https://github.com/llvm/llvm-project/pull/83675 >From 1b2fec2c9a41be4ad216d7032189f561eed3f751 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 2 Mar 2024 14:56:15 + Subject: [PATCH 1/3] [clang][StaticAnalyzer] Adding getentropy to

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2518,57 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent , CharKind CK) const { +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -529,3 +529,42 @@ void nocrash_on_locint_offset(void *addr, void* from, struct S s) { size_t iAdd = (size_t) addr; memcpy(((void *) &(s.f)), from, iAdd); } + +#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) +/* present in both glibc 2.25 and musl

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2518,57 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent , CharKind CK) const { +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -219,6 +221,7 @@ class CStringChecker : public Checker< eval::Call, void evalSnprintf(CheckerContext , const CallEvent ) const; void evalSprintfCommon(CheckerContext , const CallEvent , bool IsBounded, bool IsBuiltin) const; + void

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2518,57 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent , CharKind CK) const { +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2516,6 +2518,47 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent ) const { + DestinationArgExpr Buffer =

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2518,57 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent , CharKind CK) const { +

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2515,6 +2518,57 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent , CharKind CK) const {

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -529,3 +529,42 @@ void nocrash_on_locint_offset(void *addr, void* from, struct S s) { size_t iAdd = (size_t) addr; memcpy(((void *) &(s.f)), from, iAdd); } + +#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) +/* present in both glibc 2.25 and musl

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -165,6 +165,8 @@ class CStringChecker : public Checker< eval::Call, {{CDM::CLibrary, {"explicit_bzero"}, 2}, ::evalBzero}, {{CDM::CLibrary, {"sprintf"}, 2}, ::evalSprintf}, {{CDM::CLibrary, {"snprintf"}, 2}, ::evalSnprintf}, + {{CDM::CLibrary,

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/steakhal requested changes to this pull request. https://github.com/llvm/llvm-project/pull/83675 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/steakhal edited https://github.com/llvm/llvm-project/pull/83675 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/devnexen updated https://github.com/llvm/llvm-project/pull/83675 >From 1b2fec2c9a41be4ad216d7032189f561eed3f751 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 2 Mar 2024 14:56:15 + Subject: [PATCH 1/2] [clang][StaticAnalyzer] Adding getentropy to

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2516,6 +2518,47 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent ) const { + DestinationArgExpr Buffer =

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

balazske wrote: Currently it looks OK to add `getentropy` to this checker because it is a string related function in a way. Otherwise it looks like that many of the checks (for buffer access, and buffer invalidations) that are implemented in `CStringChecker` could be moved to

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2516,6 +2518,47 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent ) const { + DestinationArgExpr Buffer =

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2516,6 +2518,47 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent ) const { + DestinationArgExpr Buffer =

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2516,6 +2518,47 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent ) const { + DestinationArgExpr Buffer =

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

@@ -2516,6 +2518,47 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , +const CallEvent ) const { + DestinationArgExpr Buffer =

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/steakhal edited https://github.com/llvm/llvm-project/pull/83675 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/steakhal requested changes to this pull request. Thanks for the PR! At first I was hesitant if this checker is the right place for this API. But actually, it should be fine to have it here. Maybe the stdlibraryfunctionschecker would be a better place in long term, but I

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/devnexen updated https://github.com/llvm/llvm-project/pull/83675 >From 685c7e56c1ce8d2e11c0f9a97f6c4d24f63a05b8 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 2 Mar 2024 14:56:15 + Subject: [PATCH] [clang][StaticAnalyzer] Adding getentropy to CStringChecker.

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

github-actions[bot] wrote: :warning: C/C++ code formatter, clang-format found issues in your code. :warning: You can test this locally with the following command: ``bash git-clang-format --diff ca827d53c5524409dcca5ade3949b25f38a60fef f9e571bfa3e64d9fb54e965f3c363aef40fa3b80 --

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

llvmbot wrote: @llvm/pr-subscribers-clang Author: David CARLIER (devnexen) Changes since it went way beyond just openbsd, adding basic check for possible misusage. --- Full diff: https://github.com/llvm/llvm-project/pull/83675.diff 1 Files Affected: - (modified)

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

https://github.com/devnexen created https://github.com/llvm/llvm-project/pull/83675 since it went way beyond just openbsd, adding basic check for possible misusage. >From f9e571bfa3e64d9fb54e965f3c363aef40fa3b80 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 2 Mar 2024 14:56:15 +