[clang] [clang][analyzer] Change default value of checker option in unix.StdCLibraryFunctions. (PR #80457)

via cfe-commits cfe-commits at lists.llvm.org
Tue Feb 13 08:02:04 PST 2024


NagyDonat wrote:

> > * a [straightforward leak of a string returned by `strdup()`](https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?run=postgres_REL_13_0_modelposix_defaulton&newcheck=postgres_REL_13_0_modelposix_defaultoff&is-unique=on&diff-type=New&report-id=3467892&report-hash=9278b17f14a2612356e847d5ef5426a0&report-filepath=%2aexec.c) is lost and I don't know why. Perhaps turn this into a unit test to examine what happens?
> 
> This may happen because the "controlled environment" analyzer option may be set to `true` (but I did not check it). Without `ModelPOSIX` the `getenv` call can fail or not (it is not modeled), but with `ModelPOSIX` it is modeled by the checker and it is assumed that it cannot fail (the environment variable always exists). In this case the branch with `strdup` is not executed at all. Additionally, this is maybe not a true positive. The string is passed to `putenv` and probably should not be freed by the program.

You're right that the string passed to `putenv` should not be freed, so this was a false positive. Let's just ignore the disappearance of this report; investigating it provides negligible benefits but could be difficult.

> Because of the many cases with `fileno`, I can agree to change the summary so we assume that it never fails.

Thanks, that would be a good way forward. Ping me if you have a commit for changing the summary, I'll review it quickly.

> Probably another checker may find a case if the passed file handle is invalid because it was not initialized, or the file was already closed (`StreamChecker` should find this).

Good idea, that would be very nice as a separate longer-term solution :)

https://github.com/llvm/llvm-project/pull/80457
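
The `putenv` ownership point discussed in the message above, as an added example that is not part of the original thread and is not PostgreSQL or LLVM code: `putenv()` stores the caller's pointer in the environment, so a `strdup()`ed string handed to it must stay allocated, whereas `setenv()` copies its arguments. The variable names `DEMO_PUTENV` and `DEMO_SETENV` and their values are constructed for the illustration.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* expose putenv(), setenv(), strdup() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Returns 1 if the environment aliases the heap buffer given to putenv(),
   0 if it does not, -1 on allocation or putenv failure. */
int putenv_aliases_buffer(void)
{
    const size_t name_len = strlen("DEMO_PUTENV=");
    char *entry = strdup("DEMO_PUTENV=first");   /* constructed sample */
    if (entry == NULL || putenv(entry) != 0)
        return -1;

    /* getenv() hands back a pointer into our own buffer, just past '='. */
    int aliased = (getenv("DEMO_PUTENV") == entry + name_len);

    /* Writing through our pointer changes what getenv() reports. */
    memcpy(entry + name_len, "later", 5);
    aliased = aliased && strcmp(getenv("DEMO_PUTENV"), "later") == 0;

    /* Deliberately no free(entry): the environment still refers to it, so
       freeing would leave a dangling pointer in environ. A leak report on
       this allocation is therefore a false positive. */
    return aliased;
}

/* Returns 1 if setenv() took its own copy of the value, -1 on failure. */
int setenv_copies_buffer(void)
{
    char value[] = "first";                      /* constructed sample */
    if (setenv("DEMO_SETENV", value, 1) != 0)
        return -1;
    memcpy(value, "later", 5);                   /* caller's buffer changes */
    return strcmp(getenv("DEMO_SETENV"), "first") == 0;
}

int main(void)
{
    printf("putenv aliases caller buffer: %d\n", putenv_aliases_buffer());
    printf("setenv copies caller buffer:  %d\n", setenv_copies_buffer());
    return 0;
}
```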

