[PATCH] D42645: New simple Checker for mmap calls
Jonathan Roelofs via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Feb 5 06:57:58 PST 2018
jroelofs added inline comments.
================
Comment at: include/clang/StaticAnalyzer/Checkers/Checkers.td:399
+ def MmapWriteExecChecker : Checker<"MmapWriteExec">,
+ HelpText<"Check if mmap() call is not both writable and executable">,
+ DescFile<"MmapWriteExecChecker.cpp">;
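Review bot: the HelpText string on the second line describes the condition only as "writable and executable" and never names the mmap() protection flags it looks at, while the diagnostic in MmapWriteExecChecker.cpp talks about PROT_WRITE and PROT_EXEC. Naming both flags in the help text would let someone scanning the checker list match this entry to the warning it produces.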
----------------
I'd reword as:
"Warn on mmap() calls that are both writeable and executable"
================
Comment at: lib/StaticAnalyzer/Checkers/MmapWriteExecChecker.cpp:64
+ auto Report = llvm::make_unique<BugReport>(
+ *BT, "Both PROT_WRITE and PROT_EXEC flags had been set. It can "
+ "lead to exploitable memory regions, overwritten with malicious code"
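Review bot: the message passed to BugReport on the second and third lines packs two sentences into one diagnostic, and the trailing clause "overwritten with malicious code" hangs off a comma with nothing tying it grammatically to "memory regions". A single short statement that PROT_WRITE and PROT_EXEC are both set, with the consequence folded into one clause, would read more cleanly in analyzer output.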
----------------
The general style of diagnostics is to write everything in the present tense. Talk about how the code is, as the compiler saw it, not how it was.
I'd reword it as:
"Both PROT_WRITE and PROT_EXEC are set. This can lead to exploitable memory regions, which could be overwritten with malicious code"
Repository:
rC Clang
https://reviews.llvm.org/D42645