[analyzer] Warn about the use of insecure, deprecated vfork() function PR11053 (http://llvm.org/bugs/show_bug.cgi?id=11053).

A patch by Graham Lee! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141643 91177308-0d34-0410-b5e6-96231b3b80d8
author: Anna Zaks <ganna@apple.com> 2011-10-11 04:34:54 +0000
committer: Anna Zaks <ganna@apple.com> 2011-10-11 04:34:54 +0000
commit: a7957ff18c2480cb46081311067b61eb47023355 (patch)
tree: a7d014ceacfb3db08aee287d5ea119193b3710a4 /lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
parent: dd4a889f6a5b05f0061d63af8136ebd70d132c65 (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
index 1d69e6b3ff..20c045fe6b 100644
--- a/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
+++ b/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
@@ -70,6 +70,7 @@ public:
   void checkCall_strcat(const CallExpr *CE, const FunctionDecl *FD);
   void checkCall_rand(const CallExpr *CE, const FunctionDecl *FD);
   void checkCall_random(const CallExpr *CE, const FunctionDecl *FD);
+  void checkCall_vfork(const CallExpr *CE, const FunctionDecl *FD);
   void checkUncheckedReturnValue(CallExpr *CE);
 };
 } // end anonymous namespace
@@ -116,6 +117,7 @@ void WalkAST::VisitCallExpr(CallExpr *CE) {
     .Case("rand", &WalkAST::checkCall_rand)
     .Case("rand_r", &WalkAST::checkCall_rand)
     .Case("random", &WalkAST::checkCall_random)
+    .Case("vfork", &WalkAST::checkCall_vfork)
     .Default(NULL);
 
   // If the callee isn't defined, it is not of security concern.
@@ -519,6 +521,26 @@ void WalkAST::checkCall_random(const CallExpr *CE, const FunctionDecl *FD) {
 }
 
 //===----------------------------------------------------------------------===//
+// Check: 'vfork' should not be used.
+// POS33-C: Do not use vfork().
+//===----------------------------------------------------------------------===//
+
+void WalkAST::checkCall_vfork(const CallExpr *CE, const FunctionDecl *FD) {
+  // All calls to vfork() are insecure, issue a warning.
+  SourceRange R = CE->getCallee()->getSourceRange();
+  PathDiagnosticLocation CELoc =
+    PathDiagnosticLocation::createBegin(CE, BR.getSourceManager(), AC);
+  BR.EmitBasicReport("Potential insecure implementation-specific behavior in "
+                     "call 'vfork'",
+                     "Security",
+                     "Call to function 'vfork' is insecure as it can lead to "
+                     "denial of service situations in the parent process. "
+                     "Replace calls to vfork with calls to the safer "
+                     "'posix_spawn' function",
+                     CELoc, &R, 1);
+}
+
+//===----------------------------------------------------------------------===//
 // Check: Should check whether privileges are dropped successfully.
 // Originally: <rdar://problem/6337132>
 //===----------------------------------------------------------------------===//
author	Anna Zaks <ganna@apple.com>	2011-10-11 04:34:54 +0000
committer	Anna Zaks <ganna@apple.com>	2011-10-11 04:34:54 +0000
commit	a7957ff18c2480cb46081311067b61eb47023355 (patch)
tree	a7d014ceacfb3db08aee287d5ea119193b3710a4 /lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
parent	dd4a889f6a5b05f0061d63af8136ebd70d132c65 (diff)