<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - false positive: VforkChecker::isCallWhitelisted() prohibits IO-related functions, which is wrong."
   href="https://bugs.llvm.org/show_bug.cgi?id=43871">43871</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>false positive: VforkChecker::isCallWhitelisted() prohibits IO-related functions, which is wrong.
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>clang
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Static Analyzer
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>dcoughlin@apple.com
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>shyouhei@ruby-lang.org
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>dcoughlin@apple.com, llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Created <span class=""><a href="attachment.cgi?id=22757" name="attach_22757" title="reproduction code">attachment 22757</a></span>
reproduction code

zsh % cat tmp.c
#include <sys/types.h>
#include <unistd.h>

void
test(void)
{
    pid_t p = vfork();
    if (p == 0) {
        close(STDIN_FILENO);
        execl("/bin/sh", "/bin/sh", 0);
    }
}
zsh % scan-build-10 clang-10 -c tmp.c
scan-build: Using '/usr/lib/llvm-10/bin/clang' for static analysis
tmp.c:7:15: warning: Call to function 'vfork' is insecure as it can lead to
denial of service situations in the parent process. Replace calls to vfork with
calls to the safer 'posix_spawn' function
    pid_t p = vfork();
              ^~~~~
tmp.c:9:9: warning: This function call is prohibited after a successful vfork
        close(STDIN_FILENO);
        ^~~~~~~~~~~~~~~~~~~
2 warnings generated.
scan-build: 2 bugs found.
scan-build: Run 'scan-view /tmp/scan-build-2019-11-01-104537-23752-1' to
examine bug reports.
zsh %  


Warning #2 is wrong.  AFAIK there has never been any operating system
that prohibits closing a file descriptor after a successful vfork.  A file
descriptor is an in-kernel resource and thus is not shared among vfork parent/child.</pre>
        </div>
      </p>
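      <p>Added example, not part of the original report and not code from the analyzer: a C check of the claim above, assuming Linux, where the vfork() child shares the parent's memory but gets its own copy of the descriptor table. The function name and the pipe used as a probe are constructed for this illustration.</p>

```c
#define _DEFAULT_SOURCE 1   /* make sure glibc declares vfork() */
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if the parent's pipe descriptors are still usable after the
 * vfork child closed its copies, 0 if they are not, -1 on setup failure.
 * Assumes Linux vfork() semantics (memory shared, descriptor table copied). */
int parent_fds_survive_child_close(void)
{
    int fds[2];
    if (pipe(fds) != 0)
        return -1;

    pid_t p = vfork();
    if (p < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (p == 0) {
        /* Child: close both ends, write no shared memory, leave via _exit.
         * The exit status reports whether both close() calls succeeded. */
        _exit((close(fds[0]) == 0 && close(fds[1]) == 0) ? 0 : 1);
    }

    /* Parent resumes only after the child has exited. */
    int status = 0;
    char in = 'x', out = 0;
    int usable = waitpid(p, &status, 0) == p
              && WIFEXITED(status) && WEXITSTATUS(status) == 0
              && write(fds[1], &in, 1) == 1   /* write end still open */
              && read(fds[0], &out, 1) == 1   /* read end still open  */
              && out == in;
    close(fds[0]);
    close(fds[1]);
    return usable;
}

int main(void)
{
    int r = parent_fds_survive_child_close();
    printf("parent descriptors usable after child close: %d\n", r);
    return r == 1 ? 0 : 1;
}
```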


    </body>
</html>