[cfe-dev] Static Analysis launch checker in context of another checker
Kristóf Umann via cfe-dev
cfe-dev at lists.llvm.org
Wed Sep 2 01:02:08 PDT 2020
The taint propagation toolset GenericTaintChecker wants to make available
to other checkers is just a collection of helper functions/data structures.
For instance, it would make sense if StreamChecker could mark user inout
from fgets() as tainted. Later, when the analyzer would find a read of that
value, GenericTaintChecker could check whether it is a taintes symbol.
The key thing to note here is that these checkers would still work
independently (StreamChecker wouldnt make GenericTaintChecker run), but do
share knowledge with the use of the GDM.
Here is what you want to do: create a header file that contains functions
like this:
ProgramStateRef markTainted(ProgramStateRef State, SVal S) {
// definition should be in the checker file
return State->add<TaintedSymbols>(S);
}
Or something similar, I just wrotr this code to demonstrate what I wanted
to say, didnt check whether this is how it works on the inside :)
On Wed, 2 Sep 2020, 09:23 Thien Tran via cfe-dev, <cfe-dev at lists.llvm.org>
wrote:
> Thank you very much for your response,
>
> I'm reading GenericTaintChecker and in its document "The taint information
> produced by it might be useful to other checkers". I wonder how I can get
> the information from GenericTaintChecker or is it better to add my own
> analysis to it?
>
> ----------------
> Best regards,
> Thien Tran.
>
>
> On Wed, 2 Sep 2020 at 10:06, Gábor Márton <martongabesz at gmail.com> wrote:
>
>> Hi,
>>
>> Checkers which emit bug reports are ought to be independent. So in this
>> sense, no, you cannot "launch" another checker inside the current checker.
>>
>> Hope this helps,
>> Gábor
>>
>> On Tue, 1 Sep 2020, 08:25 Thien Tran via cfe-dev, <cfe-dev at lists.llvm.org>
>> wrote:
>>
>>> Hello all,
>>>
>>> I'm writing a checker to analyze function calls in the body. Please let
>>> me know if we can launch another checker in the context of the current
>>> checker?
>>>
>>> Thank you very much!
>>>
>>> ----------------
>>> Best regards,
>>> Thien Tran.
>>> _______________________________________________
>>> cfe-dev mailing list
>>> cfe-dev at lists.llvm.org
>>> https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
>>>
>> _______________________________________________
> cfe-dev mailing list
> cfe-dev at lists.llvm.org
> https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20200902/fbb53923/attachment-0001.html>
More information about the cfe-dev
mailing list