[clang] [analyzer] Move security.cert.env.InvalidPtr out of alpha (PR #71912)
via cfe-commits
cfe-commits at lists.llvm.org
Mon Nov 13 05:40:05 PST 2023
================
@@ -755,6 +755,75 @@ security
Security related checkers.
+.. _security-cert-env-InvalidPtr:
+
+security.cert.env.InvalidPtr
+""""""""""""""""""""""""""""""""""
+
+Corresponds to SEI CERT Rules ENV31-C and ENV34-C.
+
+ENV31-C:
+Rule is about the possible problem with `main` function's third argument, environment pointer,
+"envp". When environment array is modified using some modification function
+such as putenv, setenv or others, It may happen that memory is reallocated,
+however "envp" is not updated to reflect the changes and points to old memory
+region.
+
+ENV34-C:
+Some functions return a pointer to a statically allocated buffer.
+Consequently, subsequent call of these functions will invalidate previous
+pointer. These functions include: getenv, localeconv, asctime, setlocale, strerror
----------------
whisperity wrote:
I know you only moved the source of the documentation here, but will these render nicely? Currently the "alpha" version looks like this:
I'm mainly used to Tidy documentation, so take this with a generous pinch of salt, but... Perhaps we should ensure the function names are monospace, that the "header" for `ENV31-C` and `ENV34-C` are more highlighted. Maybe they can be parts of a bulleted list, even, instead of just two separate paragraphs?
https://github.com/llvm/llvm-project/pull/71912
More information about the cfe-commits
mailing list