clang/test/Analysis/security-syntax-checks.c

   1 // RUN: %clang_analyze_cc1 %s -verify \
   2 // RUN:   -analyzer-checker=security.insecureAPI
   3 // RUN: %clang_analyze_cc1 %s -verify -std=gnu11 \
   4 // RUN:   -analyzer-checker=security.insecureAPI
   5 // RUN: %clang_analyze_cc1 %s -verify -std=gnu99 \
   6 // RUN:   -analyzer-checker=security.insecureAPI
   7
   8 #include "Inputs/system-header-simulator.h"
   9
  10 extern FILE *fp;
  11 extern char buf[128];
  12
  13 void builtin_function_call_crash_fixes(char *c) {
  14   __builtin_strncpy(c, "", 6);
  15   __builtin_memset(c, '\0', (0));
  16   __builtin_memcpy(c, c, 0);
  17   __builtin_sprintf(buf, "%s", c);
  18   __builtin_fprintf(fp, "%s", c);
  19
  20 #if __STDC_VERSION__ > 199901
  21   // expected-warning@-7{{Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard.}}
  22   // expected-warning@-7{{Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard.}}
  23   // expected-warning@-7{{Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard.}}
  24   // expected-warning@-7{{Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard.}}
  25   // expected-warning@-7{{Call to function 'fprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard.}}
  26 #else
  27   // expected-no-diagnostics
  28 #endif
  29 }