[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Mon May 13 05:43:30 PDT 2024


Balázs Kéri <balazs.keri at ericsson.com>
In-Reply-To: <llvm.org/llvm/llvm-project/pull/91445 at github.com>


================
@@ -1179,6 +1179,34 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
    strncpy(buf, "a", 1); // warn
  }
 
+security.SetgidSetuidOrder (C)
+""""""""""""""""""""""""""""""
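Review bot: The heading `security.SetgidSetuidOrder (C)` tags the checker as C-only, and nothing in the visible lines says whether C++ code calling the same functions is covered; the section text under the heading should state that explicitly. If the package is changed during review, update this heading and its position after `security.insecureAPI.DeprecatedOrUnsafeBufferHandling` together with the checker name, so the documentation anchor stays consistent.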
----------------
steakhal wrote:

Given that the [`alpha.unix.chroot`](https://clang.llvm.org/docs/analyzer/checkers.html#alpha-unix-chroot-c) checker does something similar, I wonder if this checker should share the same parent package with that one to aid discoverability.
WDYT?

https://github.com/llvm/llvm-project/pull/91445

