[PATCH] D33304: [clang-tidy] Add a new module Android and a new check for file descriptors.
Yan Wang via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed May 17 17:18:49 PDT 2017
yawanng created this revision.
yawanng added a project: clang-tools-extra.
Herald added subscribers: krytarowski, xazax.hun, mgorny, srhines.
A common source of security bugs has been code that opens file descriptors without using the O_CLOEXEC flag. (Without that flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain, leaking that sensitive data.).
open(), openat(), and open64() must include O_CLOEXEC in their flags argument.
https://reviews.llvm.org/D33304
Files:
clang-tidy/CMakeLists.txt
clang-tidy/android/AndroidTidyModule.cpp
clang-tidy/android/CMakeLists.txt
clang-tidy/android/FileDescriptorCheck.cpp
clang-tidy/android/FileDescriptorCheck.h
clang-tidy/plugin/CMakeLists.txt
clang-tidy/tool/CMakeLists.txt
clang-tidy/tool/ClangTidyMain.cpp
unittests/clang-tidy/CMakeLists.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D33304.99370.patch
Type: text/x-patch
Size: 10028 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170518/622bb242/attachment.bin>
More information about the cfe-commits
mailing list