[clang] [clang][analyzer] MmapWriteExecChecker improvements (PR #97078)
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Mon Jul 1 07:01:08 PDT 2024
================
@@ -21,30 +21,55 @@
#include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerHelpers.h"
using namespace clang;
using namespace ento;
namespace {
-class MmapWriteExecChecker : public Checker<check::PreCall> {
+class MmapWriteExecChecker
+ : public Checker<check::BeginFunction, check::PreCall> {
CallDescription MmapFn{CDM::CLibrary, {"mmap"}, 6};
CallDescription MprotectFn{CDM::CLibrary, {"mprotect"}, 3};
- static int ProtWrite;
- static int ProtExec;
- static int ProtRead;
const BugType BT{this, "W^X check fails, Write Exec prot flags set",
"Security"};
+ mutable bool FlagsInitialized = false;
+ mutable int ProtRead = 0x01;
+ mutable int ProtWrite = 0x02;
+ mutable int ProtExec = 0x04;
----------------
steakhal wrote:
Maybe leave here a comment explaining that the macro `PROT_READ` `PROT_WRITE` `PROT_EXEC` will be used if present, otherwise defaults to these initializer values.
https://github.com/llvm/llvm-project/pull/97078
More information about the cfe-commits
mailing list