File: tainted.expect

package info (click to toggle)
splint 3.1.2.dfsg1-1
  • links: PTS, VCS
  • area: main
  • in suites: lenny
  • size: 12,908 kB
  • ctags: 15,816
  • sloc: ansic: 150,306; yacc: 3,463; sh: 3,426; makefile: 2,217; lex: 412
file content (117 lines) | stat: -rw-r--r-- 5,430 bytes parent folder | download | duplicates (8) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
 

tainted.c: (in function f)
tainted.c:5:20: Invalid transfer from tainted s to untainted (Possibly tainted
                   storage used as untainted.): f(..., s, ...)
   tainted.c:3:48: s becomes tainted
   tainted.c:3:74: us becomes untainted
tainted.c: (in function test)
tainted.c:12:18: Invalid transfer from tainted s to untainted (Possibly tainted
                    storage used as untainted.): system(..., s, ...)
   tainted.c:9:34: s becomes tainted
   tainted.xh:26:55: s becomes untainted
tainted.c:17:18: Invalid transfer from tainted t to untainted (Possibly tainted
                    storage used as untainted.): system(..., t, ...)
   tainted.c:15:3: t becomes tainted
   tainted.xh:26:55: s becomes untainted
tainted.c:20:18: Invalid transfer from tainted t to untainted (Possibly tainted
                    storage used as untainted.): system(..., t, ...)
   tainted.c:19:3: t becomes tainted
   tainted.xh:26:55: s becomes untainted

Finished checking --- 4 code warnings, as expected

tainted-bad.mts:18:7: Transfer clause uses unrecognized result state peach:
                         untainted as tainted ==> peach
tainted-bad.mts:14:17: Merge clause uses unrecognized second value junky:
                          tainted X junky ==> error "Splat!"
tainted-bad.mts:11:7: Annotation declaration uses unrecognized value name blue:
                         maybetainted reference ==> blue
tainted-bad.mts:5:21: Defaults declaration uses unrecognized value name
                         stainted: stainted reference
tainted-bad.mts:7:21: Duplicate defaults declaration for context parameter:
                         untainted parameter
tainted.c: (in function f)
tainted.c:5:20: Invalid transfer from tainted s to untainted (Possibly tainted
                   storage used as untainted.): f(..., s, ...)
   tainted.c:3:48: s becomes tainted
   tainted.c:3:74: us becomes untainted
tainted.c: (in function test)
tainted.c:12:18: Invalid transfer from tainted s to untainted (Possibly tainted
                    storage used as untainted.): system(..., s, ...)
   tainted.c:9:34: s becomes tainted
   tainted.xh:26:55: s becomes untainted
tainted.c:17:18: Invalid transfer from tainted t to untainted (Possibly tainted
                    storage used as untainted.): system(..., t, ...)
   tainted.c:15:3: t becomes tainted
   tainted.xh:26:55: s becomes untainted
tainted.c:20:18: Invalid transfer from tainted t to untainted (Possibly tainted
                    storage used as untainted.): system(..., t, ...)
   tainted.c:15:3: t becomes tainted
   tainted.xh:26:55: s becomes untainted

Finished checking --- 9 code warnings, as expected

tainted2.c: (in function test)
tainted2.c:20:10: Invalid transfer from tainted stk to untainted (Possibly
                     tainted storage used as untainted.): return stk
   tainted2.c:17:14: stk becomes tainted
   tainted2.c:4:2: becomes untainted

Finished checking --- 1 code warning, as expected

tainted3.c: (in function test)
tainted3.c:7:19: Invalid transfer from tainted def to untainted (Possibly
    tainted storage used as untainted.): checkUntainted(..., def, ...)
   tainted3.c:4:36: def becomes tainted
   tainted3.c:1:53: def becomes untainted

Finished checking --- 1 code warning, as expected

tainted4.c: (in function test)
tainted4.c:9:19: Invalid transfer from tainted def to untainted (*def):
                    Possibly tainted storage used as untainted.
   tainted4.c:6:36: def becomes tainted

Finished checking --- 1 code warning, as expected

Finished checking --- no warnings

taintedmerge.c: (in function f)
taintedmerge.c:11:18: Invalid transfer from tainted t to untainted (Possibly
    tainted storage used as untainted.): system(..., t, ...)
   taintedmerge.c:10:3: t becomes tainted
   tainted.xh:26:55: s becomes untainted
taintedmerge.c:14:18: Invalid transfer from tainted t to untainted (Possibly
    tainted storage used as untainted.): system(..., t, ...)
   taintedmerge.c:13:3: t becomes tainted
   tainted.xh:26:55: s becomes untainted
taintedmerge.c:16:10: Stack-allocated storage t reachable from return value: t

Finished checking --- 3 code warnings, as expected

taintedimplicit.c: (in function dangerouscall)
taintedimplicit.c:17:18: Invalid transfer from tainted [result of taintme] to
    untainted (Possibly tainted storage used as untainted.):
    system(..., taintme(s), ...)
   taintedimplicit.c:17:18: becomes tainted
   tainted.xh:26:55: s becomes untainted

Finished checking --- 1 code warning, as expected

sprintf.c: (in function sp)
sprintf.c:7:3: Buffer overflow possible with sprintf.  Recommend using snprintf
                  instead: sprintf
sprintf.c:10:3: Buffer overflow possible with sprintf.  Recommend using
                   snprintf instead: sprintf
sprintf.c:11:18: Invalid transfer from tainted s to untainted (Possibly tainted
                    storage used as untainted.): system(..., s, ...)
   sprintf.c:10:37: s becomes tainted
   tainted.xh:26:55: s1 becomes untainted
sprintf.c:13:3: Buffer overflow possible with sprintf.  Recommend using
                   snprintf instead: sprintf
sprintf.c:14:18: Invalid transfer from tainted s to untainted (Possibly tainted
                    storage used as untainted.): system(..., s, ...)
   sprintf.c:13:61: s becomes tainted
   tainted.xh:26:55: s1 becomes untainted

Finished checking --- 5 code warnings, as expected