clang  15.0.0git
Classes | Namespaces | Macros | Functions
GenericTaintChecker.cpp File Reference
#include "Yaml.h"
#include "clang/AST/Attr.h"
#include "clang/Basic/Builtins.h"
#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
#include "clang/StaticAnalyzer/Checkers/Taint.h"
#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
#include "clang/StaticAnalyzer/Core/Checker.h"
#include "clang/StaticAnalyzer/Core/CheckerManager.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h"
#include "llvm/Support/YAMLTraits.h"
#include <limits>
#include <memory>
#include <utility>
Include dependency graph for GenericTaintChecker.cpp:

Go to the source code of this file.

Classes

struct  llvm::yaml::MappingTraits< TaintConfiguration >
 
struct  llvm::yaml::MappingTraits< TaintConfiguration::Sink >
 
struct  llvm::yaml::MappingTraits< TaintConfiguration::Filter >
 
struct  llvm::yaml::MappingTraits< TaintConfiguration::Propagation >
 
struct  llvm::yaml::ScalarEnumerationTraits< TaintConfiguration::VariadicType >
 

Namespaces

 llvm
 YAML serialization mapping.
 
 llvm::yaml
 

Macros

#define DEBUG_TYPE   "taint-checker"
 

Functions

 REGISTER_MAP_WITH_PROGRAMSTATE (TaintArgsOnPostVisit, const LocationContext *, ImmutableSet< ArgIdxTy >) void GenericTaintRuleParser
 A set which is used to pass information from call pre-visit instruction to the call post-visit. More...
 
static bool getPrintfFormatArgumentNum (const CallEvent &Call, const CheckerContext &C, ArgIdxTy &ArgNum)
 TODO: remove checking for printf format attributes and socket whitelisting from GenericTaintChecker, and that means the following functions: getPrintfFormatArgumentNum, GenericTaintChecker::checkUncontrolledFormatString, GenericTaintChecker::taintUnsafeSocketProtocol. More...
 

Macro Definition Documentation

◆ DEBUG_TYPE

#define DEBUG_TYPE   "taint-checker"

Definition at line 35 of file GenericTaintChecker.cpp.

Function Documentation

◆ getPrintfFormatArgumentNum()

static bool getPrintfFormatArgumentNum ( const CallEvent &  Call,
const CheckerContext &  C,
ArgIdxTy &  ArgNum 
)
static

TODO: remove checking for printf format attributes and socket whitelisting from GenericTaintChecker, and that means the following functions: getPrintfFormatArgumentNum, GenericTaintChecker::checkUncontrolledFormatString, GenericTaintChecker::taintUnsafeSocketProtocol.

Definition at line 924 of file GenericTaintChecker.cpp.

References clang::Decl::getAsFunction(), and clang::Decl::specific_attrs().

◆ REGISTER_MAP_WITH_PROGRAMSTATE()

REGISTER_MAP_WITH_PROGRAMSTATE ( TaintArgsOnPostVisit  ,
const LocationContext ,
ImmutableSet< ArgIdxTy >   
)

A set which is used to pass information from call pre-visit instruction to the call post-visit.

The values are signed integers, which are either ReturnValueIndex, or indexes of the pointer/reference argument, which points to data, which should be tainted on return.

Definition at line 423 of file GenericTaintChecker.cpp.