Skip to content

Commit 3d6c80d

Browse files
dkruppdkrupp
committed
fixup!
1 parent 88f226f commit 3d6c80d

File tree

1 file changed

+7
-16
lines changed

1 file changed

+7
-16
lines changed

clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp

Lines changed: 7 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -291,14 +291,6 @@ class GenericTaintRule {
291291
return {{}, {}, std::move(SrcArgs), std::move(DstArgs)};
292292
}
293293

294-
/// Make a rule that taints all PropDstArgs if any of PropSrcArgs is tainted.
295-
static GenericTaintRule
296-
SinkProp(ArgSet &&SinkArgs, ArgSet &&SrcArgs, ArgSet &&DstArgs,
297-
std::optional<StringRef> Msg = std::nullopt) {
298-
return {
299-
std::move(SinkArgs), {}, std::move(SrcArgs), std::move(DstArgs), Msg};
300-
}
301-
302294
/// Process a function which could either be a taint source, a taint sink, a
303295
/// taint filter or a taint propagator.
304296
void process(const GenericTaintChecker &Checker, const CallEvent &Call,
@@ -741,8 +733,7 @@ void GenericTaintChecker::initTaintRules(CheckerContext &C) const {
741733
TR::Prop({{1, 2}}, {{0, ReturnValueIndex}})},
742734
{{CDF_MaybeBuiltin, {BI.getName(Builtin::BIstrndup)}},
743735
TR::Prop({{0, 1}}, {{ReturnValueIndex}})},
744-
{{CDF_MaybeBuiltin, {"bcopy"}},
745-
TR::Prop({{0, 2}}, {{1}})},
736+
{{CDF_MaybeBuiltin, {"bcopy"}}, TR::Prop({{0, 2}}, {{1}})},
746737

747738
// Sinks
748739
{{{"system"}}, TR::Sink({{0}}, MsgSanitizeSystemArgs)},
@@ -756,15 +747,15 @@ void GenericTaintChecker::initTaintRules(CheckerContext &C) const {
756747
{{{"execvp"}}, TR::Sink({{0, 1}}, MsgSanitizeSystemArgs)},
757748
{{{"execvpe"}}, TR::Sink({{0, 1, 2}}, MsgSanitizeSystemArgs)},
758749
{{{"dlopen"}}, TR::Sink({{0}}, MsgSanitizeSystemArgs)},
759-
// malloc, calloc, alloca, realloc, memccpy
760-
// are intentionally not marked as taint sinks because unconditional
761-
// reporting for these functions generates many false positives.
762-
// These taint sinks should be implemented in other checkers with more
763-
// sophisticated sanitation heuristics.
750+
// malloc, calloc, alloca, realloc, memccpy
751+
// are intentionally not marked as taint sinks because unconditional
752+
// reporting for these functions generates many false positives.
753+
// These taint sinks should be implemented in other checkers with more
754+
// sophisticated sanitation heuristics.
764755
{{{{"setproctitle"}}}, TR::Sink({{0}, 1}, MsgUncontrolledFormatString)},
765756
{{{{"setproctitle_fast"}}},
766757
TR::Sink({{0}, 1}, MsgUncontrolledFormatString)},
767-
};
758+
};
768759

769760
// `getenv` returns taint only in untrusted environments.
770761
if (TR::UntrustedEnv(C)) {

0 commit comments

Comments
 (0)