[PATCH] D124659: [analyzer][docs] Document alpha.security.cert.pos.34c limitations
Balázs Benics via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Apr 29 01:07:24 PDT 2022
steakhal created this revision.
steakhal added reviewers: martong, NoQ.
Herald added subscribers: manas, ASDenysPetrov, dkrupp, donat.nagy, Szelethus, mikhail.ramalho, a.sidorin, rnkovacs, szepet, baloghadamsoftware, xazax.hun.
Herald added a project: All.
steakhal requested review of this revision.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D124659
Files:
clang/docs/analyzer/checkers.rst
Index: clang/docs/analyzer/checkers.rst
===================================================================
--- clang/docs/analyzer/checkers.rst
+++ clang/docs/analyzer/checkers.rst
@@ -2268,6 +2268,25 @@
return putenv(env); // putenv function should not be called with auto variables
}
+Limitations:
+
+ - Technically, one can pass automatic variables to ``putenv``,
+ but one needs to ensure that the given environment key stays
+ alive until it's removed or overwritten.
+ Since the analyzer cannot keep track of which envvars get overwritten
+ and when, it needs to be slightly more aggressive and warn for such
+ cases too, leading in some cases to false-positive reports like this:
+
+ .. code-block:: c
+
+ void baz() {
+ char env[] = "NAME=value";
+ putenv(env); // false-positive warning: putenv function should not be called...
+ // More code...
+ putenv((char *)"NAME=anothervalue");
+ // This putenv call overwrites the previous entry, thus that can no longer dangle.
+ } // 'env' array becomes dead only here.
+
alpha.security.cert.env
^^^^^^^^^^^^^^^^^^^^^^^
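Review bot: In the first Limitations bullet, "the given environment key stays alive" is imprecise, because ``putenv`` keeps the pointer to the whole "NAME=value" string, so it is the buffer passed in that must outlive the entry, not only the key. Suggest wording along the lines of "one needs to ensure that the string passed to ``putenv`` stays alive until the entry is removed or overwritten". In the ``baz`` example the comment truncates the diagnostic ("should not be called..."); spelling it out as in the context line above ("putenv function should not be called with auto variables") would keep the two examples consistent and searchable. It would also help to say explicitly that the case is safe only because the overwriting ``putenv`` call happens before ``baz`` returns.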
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D124659.425985.patch
Type: text/x-patch
Size: 1172 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20220429/d7ee43d9/attachment-0001.bin>