[clang] [analyzer] Modernize, improve and promote chroot checker (PR #117791)
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Wed Nov 27 01:29:46 PST 2024
================
@@ -121,17 +183,40 @@ void ChrootChecker::checkPreCall(const CallEvent &Call,
return;
// If jail state is ROOT_CHANGED, generate BugReport.
- void *const* k = C.getState()->FindGDM(ChrootChecker::getTag());
- if (k)
- if (isRootChanged((intptr_t) *k))
- if (ExplodedNode *N = C.generateNonFatalErrorNode()) {
- constexpr llvm::StringLiteral Msg =
- "No call of chdir(\"/\") immediately after chroot";
- C.emitReport(
- std::make_unique<PathSensitiveBugReport>(BT_BreakJail, Msg, N));
- }
+ const ChrootKind k = C.getState()->get<ChrootState>();
+ if (k == ROOT_CHANGED) {
+ ExplodedNode *Err =
+ C.generateNonFatalErrorNode(C.getState(), C.getPredecessor());
+ if (!Err)
+ return;
+ const Expr *ChrootExpr = C.getState()->get<ChrootCall>();
+
+ const ExplodedNode *ChrootCallNode = getAcquisitionSite(Err, C);
+ assert(ChrootCallNode && "Could not find place of stream opening.");
+
+ PathDiagnosticLocation LocUsedForUniqueing;
+ if (const Stmt *ChrootStmt = ChrootCallNode->getStmtForDiagnostics())
+ LocUsedForUniqueing = PathDiagnosticLocation::createBegin(
+ ChrootStmt, C.getSourceManager(),
+ ChrootCallNode->getLocationContext());
+
+ std::unique_ptr<PathSensitiveBugReport> R =
+ std::make_unique<PathSensitiveBugReport>(
+ BT_BreakJail, "No call of chdir(\"/\") immediately after chroot",
+ Err, LocUsedForUniqueing,
+ ChrootCallNode->getLocationContext()->getDecl());
+
+ R->addNote("chroot called here",
+ PathDiagnosticLocation::create(ChrootCallNode->getLocation(),
+ C.getSourceManager()),
+ {ChrootExpr->getSourceRange()});
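Review bot: The assert message on `ChrootCallNode`, "Could not find place of stream opening.", describes a stream rather than the chroot call this checker tracks, so it would mislead anyone who hits it; `assert(ChrootCallNode && "Could not find the chroot call site.");` says what was actually being looked up. With assertions compiled out, `ChrootCallNode` is still dereferenced for the uniqueing location and the declaration, and `ChrootExpr` from `get<ChrootCall>()` is dereferenced in `ChrootExpr->getSourceRange()` with no check. Whether either can be null depends on code outside this hunk, but if so, a guard such as `if (ChrootExpr)` around the `addNote` call, plus a fallback to the plain three-argument report when `ChrootCallNode` is null, would keep the jail-break warning instead of crashing the analyzer. The `if (k == ROOT_CHANGED)` block continues past the end of the quoted hunk.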
----------------
steakhal wrote:
Yes, I think you wanted to use a BugReportVisitor instead of this.
https://github.com/llvm/llvm-project/pull/117791