This is an archive of the discontinued LLVM Phabricator instance.

[analyzer] Introduce the assume-controlled-environment config option
ClosedPublic

Authored by steakhal on Oct 7 2021, 3:30 AM.

Details

Summary

If the assume-controlled-environment is true, we should expect getenv() to succeed, and the result should not be considered tainted.
By default, the option will be false.

Diff Detail

Event Timeline

steakhal created this revision.Oct 7 2021, 3:30 AM
steakhal requested review of this revision.Oct 7 2021, 3:30 AM
steakhal added inline comments.Oct 7 2021, 3:47 AM
clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
438

I'm checking this separately.

martong accepted this revision.Oct 12 2021, 8:23 AM

LGTM!

clang/include/clang/StaticAnalyzer/Core/AnalyzerOptions.def
331–337

I think we should explicitly mention getenv here.

This revision is now accepted and ready to land.Oct 12 2021, 8:23 AM
steakhal updated this revision to Diff 379121.Oct 12 2021, 11:22 AM

Mention getenv() in the config help.

steakhal marked an inline comment as done.Oct 12 2021, 11:22 AM
NoQ accepted this revision.Oct 12 2021, 5:03 PM

Aha, yeah, something like that.

Herald added a project: Restricted Project. · View Herald TranscriptOct 13 2021, 1:51 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript