clang 22.0.0git
Classes | Namespaces | Macros | Functions
GenericTaintChecker.cpp File Reference
#include "Yaml.h"
#include "clang/AST/Attr.h"
#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
#include "clang/StaticAnalyzer/Checkers/Taint.h"
#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
#include "clang/StaticAnalyzer/Core/Checker.h"
#include "clang/StaticAnalyzer/Core/CheckerManager.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h"
#include "llvm/ADT/StringExtras.h"
#include "llvm/ADT/StringRef.h"
#include "llvm/Support/YAMLTraits.h"
#include <limits>
#include <memory>
#include <optional>
#include <utility>
#include <vector>

Go to the source code of this file.

Classes

struct  llvm::yaml::MappingTraits< TaintConfiguration >
struct  llvm::yaml::MappingTraits< TaintConfiguration::Sink >
struct  llvm::yaml::MappingTraits< TaintConfiguration::Filter >
struct  llvm::yaml::MappingTraits< TaintConfiguration::Propagation >
struct  llvm::yaml::ScalarEnumerationTraits< TaintConfiguration::VariadicType >

Namespaces

namespace  llvm
 Diagnostic wrappers for TextAPI types for error reporting.
namespace  llvm::yaml

Macros

#define DEBUG_TYPE   "taint-checker"

Functions

 REGISTER_MAP_WITH_PROGRAMSTATE (TaintArgsOnPostVisit, const LocationContext *, ImmutableSet< ArgIdxTy >) void GenericTaintRuleParser
 A set which is used to pass information from call pre-visit instruction to the call post-visit.
static bool getPrintfFormatArgumentNum (const CallEvent &Call, const CheckerContext &C, ArgIdxTy &ArgNum)
 TODO: remove checking for printf format attributes and socket whitelisting from GenericTaintChecker, and that means the following functions: getPrintfFormatArgumentNum, GenericTaintChecker::checkUncontrolledFormatString, GenericTaintChecker::taintUnsafeSocketProtocol.

Macro Definition Documentation

◆ DEBUG_TYPE

#define DEBUG_TYPE   "taint-checker"

Definition at line 38 of file GenericTaintChecker.cpp.

Function Documentation

◆ getPrintfFormatArgumentNum()

bool getPrintfFormatArgumentNum ( const CallEvent & Call,
const CheckerContext & C,
ArgIdxTy & ArgNum )
static

TODO: remove checking for printf format attributes and socket whitelisting from GenericTaintChecker, and that means the following functions: getPrintfFormatArgumentNum, GenericTaintChecker::checkUncontrolledFormatString, GenericTaintChecker::taintUnsafeSocketProtocol.

Definition at line 1064 of file GenericTaintChecker.cpp.

References clang::C, clang::Call, clang::Decl::getAsFunction(), clang::CXXMethodDecl::isStatic(), and clang::Decl::specific_attrs().

◆ REGISTER_MAP_WITH_PROGRAMSTATE()

REGISTER_MAP_WITH_PROGRAMSTATE ( TaintArgsOnPostVisit ,
const LocationContext * ,
ImmutableSet< ArgIdxTy >  )

A set which is used to pass information from call pre-visit instruction to the call post-visit.

The values are signed integers, which are either ReturnValueIndex, or indexes of the pointer/reference argument, which points to data, which should be tainted on return.

Definition at line 472 of file GenericTaintChecker.cpp.

References clang::ento::CheckerManager::getChecker(), and clang::ento::CheckerManager::reportInvalidCheckerOptionValue().

Generated on for clang by doxygen 1.14.0