aboutsummaryrefslogtreecommitdiff
path: root/test/Analysis/taint-generic.c
diff options
context:
space:
mode:
Diffstat (limited to 'test/Analysis/taint-generic.c')
-rw-r--r--test/Analysis/taint-generic.c21
1 files changed, 21 insertions, 0 deletions
diff --git a/test/Analysis/taint-generic.c b/test/Analysis/taint-generic.c
index c50f719344..47bdb4e4c9 100644
--- a/test/Analysis/taint-generic.c
+++ b/test/Analysis/taint-generic.c
@@ -148,5 +148,26 @@ void testTaintedBufferSize() {
// If both buffers are trusted, do not issue a warning.
char *dst2 = (char*)malloc(ts*sizeof(char)); // expected-warning {{Tainted data is used to specify the buffer size}}
strncat(dst2, dst, ts); // no-warning
+}
+#define AF_UNIX 1 /* local to host (pipes) */
+#define AF_INET 2 /* internetwork: UDP, TCP, etc. */
+#define AF_LOCAL AF_UNIX /* backward compatibility */
+#define SOCK_STREAM 1
+int socket(int, int, int);
+size_t read(int, void *, size_t);
+int execl(const char *, const char *, ...);
+
+void testSocket() {
+ int sock;
+ char buffer[100];
+
+ sock = socket(AF_INET, SOCK_STREAM, 0);
+ read(sock, buffer, 100);
+ execl(buffer, "filename", 0); // expected-warning {{Tainted data passed to a system call}}
+
+ sock = socket(AF_LOCAL, SOCK_STREAM, 0);
+ read(sock, buffer, 100);
+ execl(buffer, "filename", 0); // no-warning
}
+
generated by cgit v1.2.3-18-g5258 (git 2.32.0) at 2025-07-25 09:16:24 +0000