File: security-syntax-checks.c

package info (click to toggle)
llvm-toolchain-9 1%3A9.0.1-16
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 882,436 kB
  • sloc: cpp: 4,167,636; ansic: 714,256; asm: 457,610; python: 155,927; objc: 65,094; sh: 42,856; lisp: 26,908; perl: 7,786; pascal: 7,722; makefile: 6,881; ml: 5,581; awk: 3,648; cs: 2,027; xml: 888; javascript: 381; ruby: 156
file content (20 lines) | stat: -rw-r--r-- 921 bytes parent folder | download | duplicates (15)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
// RUN: %clang_analyze_cc1 %s -verify \
// RUN:   -analyzer-checker=security.insecureAPI
// RUN: %clang_analyze_cc1 %s -verify -std=gnu11 \
// RUN:   -analyzer-checker=security.insecureAPI
// RUN: %clang_analyze_cc1 %s -verify -std=gnu99 \
// RUN:   -analyzer-checker=security.insecureAPI

void builtin_function_call_crash_fixes(char *c) {
  __builtin_strncpy(c, "", 6);
  __builtin_memset(c, '\0', (0));
  __builtin_memcpy(c, c, 0);

#if __STDC_VERSION__ > 199901
  // expected-warning@-5{{Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard.}}
  // expected-warning@-5{{Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard.}}
  // expected-warning@-5{{Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard.}}
#else
  // expected-no-diagnostics
#endif
}