Gitiles
Code Review Sign In
gerrit-public.fairphone.software / toolchain / llvm-project / e93c63d468d36e67cb15d183ecc6b8216c87c138 / . / clang / test / Analysis / vfork.c
blob: da1b5da406657defadf2614032c84939416f0fca [file] [log] [blame]
Dominic Chen184c6242017-03-03 18:02:02 +0000[diff] [blame]1// RUN: %clang_analyze_cc1 -analyzer-checker=core,security.insecureAPI.vfork,unix.Vfork -verify %s
2// RUN: %clang_analyze_cc1 -analyzer-checker=core,security.insecureAPI.vfork,unix.Vfork -verify -x c++ %s
Yury Gribov22b41642015-11-06 11:16:31 +0000[diff] [blame]3
4#include "Inputs/system-header-simulator.h"
5
6void foo();
7
8// Ensure that child process is properly checked.
9int f1(int x) {
10 pid_t pid = vfork(); // expected-warning{{Call to function 'vfork' is insecure}}
11 if (pid != 0)
12 return 0;
13
14 switch (x) {
15 case 0:
16 // Ensure that modifying pid is ok.
17 pid = 1; // no-warning
18 // Ensure that calling whitelisted routines is ok.
19 execl("", "", 0); // no-warning
20 _exit(1); // no-warning
21 break;
22 case 1:
23 // Ensure that writing variables is prohibited.
24 x = 0; // expected-warning{{This assignment is prohibited after a successful vfork}}
25 break;
26 case 2:
27 // Ensure that calling functions is prohibited.
28 foo(); // expected-warning{{This function call is prohibited after a successful vfork}}
29 break;
30 default:
31 // Ensure that returning from function is prohibited.
32 return 0; // expected-warning{{Return is prohibited after a successful vfork; call _exit() instead}}
33 }
34
35 while(1);
36}
37
38// Same as previous but without explicit pid variable.
39int f2(int x) {
40 pid_t pid = vfork(); // expected-warning{{Call to function 'vfork' is insecure}}
41
42 switch (x) {
43 case 0:
44 // Ensure that writing pid is ok.
45 pid = 1; // no-warning
46 // Ensure that calling whitelisted routines is ok.
47 execl("", "", 0); // no-warning
48 _exit(1); // no-warning
49 break;
50 case 1:
51 // Ensure that writing variables is prohibited.
52 x = 0; // expected-warning{{This assignment is prohibited after a successful vfork}}
53 break;
54 case 2:
55 // Ensure that calling functions is prohibited.
56 foo(); // expected-warning{{This function call is prohibited after a successful vfork}}
57 break;
58 default:
59 // Ensure that returning from function is prohibited.
60 return 0; // expected-warning{{Return is prohibited after a successful vfork; call _exit() instead}}
61 }
62
63 while(1);
64}
65
66// Ensure that parent process isn't restricted.
67int f3(int x) {
68 if (vfork() == 0) // expected-warning{{Call to function 'vfork' is insecure}}
69 _exit(1);
70 x = 0; // no-warning
71 foo(); // no-warning
72 return 0;
73} // no-warning
74
75// Unbound pids are special so test them separately.
76void f4(int x) {
77 switch (x) {
78 case 0:
79 vfork(); // expected-warning{{Call to function 'vfork' is insecure}}
80 x = 0; // expected-warning{{This assignment is prohibited after a successful vfork}}
81 break;
82
83 case 1:
84 {
85 char args[2];
86 switch (vfork()) { // expected-warning{{Call to function 'vfork' is insecure}}
87 case 0:
88 args[0] = 0; // expected-warning{{This assignment is prohibited after a successful vfork}}
89 exit(1);
90 }
91 break;
92 }
93
94 case 2:
95 {
96 pid_t pid;
97 if ((pid = vfork()) == 0) // expected-warning{{Call to function 'vfork' is insecure}}
98 while(1); // no-warning
99 break;
100 }
101 }
102 while(1);
103} //no-warning
104
105
106void f5() {
107 // See "libxtables: move some code to avoid cautions in vfork man page"
108 // (http://lists.netfilter.org/pipermail/netfilter-buglog/2014-October/003280.html).
109 if (vfork() == 0) { // expected-warning{{Call to function 'vfork' is insecure}}
110 execl("prog", "arg1", 0); // no-warning
111 exit(1); // expected-warning{{This function call is prohibited after a successful vfork}}
112 }
113}
114