[PATCH] D70863: [clangd] Try harder to find a plausible `clang` as argv0, particularly on Mac.

[Sam McCall via Phabricator via cfe-commits]

sammccall planned changes to this revision.
sammccall added a comment.

@kbobyrev tested this and it turns out we also have to set `$SDKROOT`. And we probably want to fix `clang` in compile_commands.json too.

In D70863#1764785 <https://reviews.llvm.org/D70863#1764785>, @ilya-biryukov wrote:

> Another interesting consideration: we choose to ask users to whitelists compilers we might run from `compile_commands.json` that we can.
>  We are in a better position here, since we're not running the binaries based on user input.


Interesting idea. Wouldn't mix it with this patch as the purposes don't overlap much...

- apple clang in practice won't report the required info to the driver query until the next major xcode release I think (with your driver patch)
- the motivating case for this patch is the fallback compile command

> Technically, we could consider using the same mechanism for running `xcrun`. It will probably never be used in practice, though (and we'll have to whitelist some common `xcrun` binaries anyway).

You mean the whitelist? The security risk we were worried about with --query_driver is that compile_commands.json is easily attacker-controlled. The string `xcrun` is fixed, and the attack "put a different xcrun on the user's PATH" requires way more privileges - generally you're owned at that point anyway. I don't think it's worth guarding.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D70863/new/

https://reviews.llvm.org/D70863