[cfe-dev] A patch for chroot checker
Zhongxing Xu
xuzhongxing at gmail.com
Wed Sep 15 19:25:16 PDT 2010
Hi Lei,
Instead of introducing new symbols, how about use enums to represent the
type state?
For example, we could use the following states:
NO_CHROOT, ROOT_CHANGED, JAIL_ENTERED, JAIL_BROKEN
NO_CHROOT ---chroot(foo)--> ROOT_CHANGED ---chdir(/)--> JAIL_ENTERED
|
------chdir('..')--> JAIL_BROKEN
These states are stored directly in the GDM and operated by the
ChrootChecker. Is this sufficient for checking this?
On Tue, Sep 14, 2010 at 4:09 PM, 章磊 <ioripolo at gmail.com> wrote:
> hi, clang
>
> This patch try to check improper use of chroot.
>
> In order to implement this checker, i add a subclass (SymbolEnv) of
> SymbolData to represent some environment variables. Now it contains only one
> kind of environment variables(JailKind).Then adds several states to the Jail
> Symbol.
>
> This is an experimental checker, and i don't know it is the right way to do
> this stuff.
>
> I'll appreciate it if there are any advice about this patch.
>
>
>
> --
> Best regards!
>
> Lei Zhang
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20100916/bc20a39a/attachment-0001.html>
More information about the cfe-dev
mailing list