[LLVMbugs] [Bug 11053] New: Checker should warn against any use of vfork()

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Mon Oct 3 05:24:18 PDT 2011


           Summary: Checker should warn against any use of vfork()
           Product: clang
           Version: trunk
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
        AssignedTo: kremenek at apple.com
        ReportedBy: graham at fuzzyaliens.com
                CC: llvmbugs at cs.uiuc.edu

Created an attachment (id=7391)
 --> (http://llvm.org/bugs/attachment.cgi?id=7391)
Patch adds use of vfork() as a security issue.

According to SEI CERT guideline POS33-C[*], vfork(2) should not be used due to
potential denial of service issues and undefined behaviour across different
implementations. The attached patch adds a check to
experimental.security.SecuritySyntactic to detect and report an issue on use of


Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the llvm-bugs mailing list