History log of /external/clang/test/Analysis/taint-tester.c
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
9a0b3c2f7c440c53b65bd1b085a7471d9f7ed490 15-Apr-2013 Jordan Rose <jordan_rose@apple.com> [analyzer] Tests: move system functions into system header simulator files.

Some checkers ascribe different behavior to functions declared in system
headers, so when working with standard library functions it's probably best
to always have them in a standard location.

Test change only (no functionality change), but necessary for the next commit.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179552 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
9b29f4fe3d0600edf6ba00d48f2d4f2b1984f247 16-Oct-2012 David Blaikie <dblaikie@gmail.com> Implement GCC's -Wint-to-pointer-cast.

This implementation doesn't warn on anything that GCC doesn't warn on with the
exception of templates specializations (GCC doesn't warn, Clang does). The
specific skipped cases (boolean, constant expressions, enums) are open for
debate/adjustment if anyone wants to demonstrate that GCC is being overly
conservative here. The only really obvious false positive I found was in the
Clang regression suite's MPI test - apparently MPI uses specific flag values in
pointer constants. (eg: #define FOO (void*)~0)

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166039 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
cdc3a89d5de90b2299c56f4a46c3de590c5184d1 24-Aug-2012 Ted Kremenek <kremenek@apple.com> Fix analyzer tests.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162588 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
4213e389d6f8fa96ab30eec0d932e4e3eee32997 08-May-2012 Ted Kremenek <kremenek@apple.com> Having RegionStore lower field bindings to raw offsets, just like ElementRegions. This is a bit
disruptive, but it allows RegionStore to better "see" through casts that reinterpret arrays of values
as structs. Fixes <rdar://problem/11405978>.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156428 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
b9ac30cf9ec001fd0d63ffc44289a333a21e691d 24-Jan-2012 Anna Zaks <ganna@apple.com> [analyzer] Add more C taint sources/sinks.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148844 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
273c3a3a3f009e26349ad9dfe67eaaa12db43af4 05-Jan-2012 Anna Zaks <ganna@apple.com> [analyzer] Add another tests to taint tester.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147570 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
2cbe791d3e9b26f30196c4852da75d9ad67b4ad9 20-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Do not invalidate arguments when the parameter's
type is a pointer to const. (radar://10595327)

The regions corresponding to the pointer and reference arguments to
a function get invalidated by the calls since a function call can
possibly modify the pointed to data. With this change, we are not going
to invalidate the data if the argument is a pointer to const. This
change makes the analyzer more optimistic in reporting errors.
(Support for C, C++ and Obj C)

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147002 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
5238474707de2c9a08465429bbb083be15b8e81a 17-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Fixup for r146793. Add tests for atol and atoll.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146794 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
9ffbe243cca46082b4a59b5c3be454ab0c455378 17-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Add support for taint flowing through a function (atoi).

Check if the input parameters are tainted (or point to tainted data) on
a checkPreStmt<CallExpr>. If the output should be tainted, record it in
the state. On post visit (checkPostStmt<CallExpr>), use the state to
make decisions (in addition to the existing logic). Use this logic for
atoi and fscanf.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146793 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
d3d8548e75f3fb6db53ed0927c1df30d78f4ce1d 16-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Better stdin support.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146748 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
2135ebb83179ee87910afdebc1bc091e17a7d1eb 15-Dec-2011 Anna Zaks <ganna@apple.com> Add support for matching one or more (aka regex +) diagnostic messages with -verify.

Ex:
// expected-warning + {{tainted}

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146633 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
557a3829ebe0e36785b9a7679dc19dc67dbc7639 15-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Ensure that the order in which checker callbacks are called
is deterministic.

Non-determinism was the reason for the test which caused the earlier
buildbot failures, so re-enable the test.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146628 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
99295233aef6a73c7fa20d6442f05222b2cb7116 14-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Disable verification step on the failing test.

I need to keep the test itself in the repository since it's the only way I can currently reproduce the issue.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146582 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
86277c5cd80d4f5911945fa207062aa9a44db8ff 14-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Re-enable the test which was failing on one of the bots.

I cannot reproduce the failures neither on my machine nor on the same buildbot machine (with the clang binary built on it). Let's see if it fails again..

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146574 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
f512560e06185f99b156e1a269d7297658768881 14-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Revert the taint test, which is failing on one of the bots for time being.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146541 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
efd6989f4644c8460854606e085fc69535054058 14-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Treat stdin as a source of taint.

Some of the test cases do not currently work because the analyzer core
does not seem to call checkers for pre/post DeclRefExpr visits.
(Opened radar://10573500. To be fixed later on.)

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146536 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
1009ac715501a4fa1951d94722dcbe6ab30068f8 14-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Mark output of fscanf and fopen as tainted.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146533 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
e55a22b917327651178ddea36b3615f579681eea 14-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Mark getenv output as tainted.

Also, allow adding taint to a region (not only a symbolic value).

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146532 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
6fcd932dfd6835f70cc00d6f7c6789793f6d7b66 10-Dec-2011 Hans Wennborg <hans@hanshq.net> Check that arguments to a scanf call match the format specifier,
and offer fixits when there is a mismatch.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146326 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
432a4558b8161c362efc319f8a38e074e74da201 09-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Fix inconsistency on when SValBuilder assumes that 2
types are equivalent.

+ A taint test which tests bitwise operations and which was
triggering an assertion due to presence of the integer to integer cast.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146240 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
5fc7def35ee858791e591d005b4ae343632ca931 08-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] If memory region is tainted mark data as tainted.
+ random comments

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146199 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
dcf06fa1fbb9c018e152629ef3f3fa7b1acffe7a 07-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Propagate taint through MemRegions.
SVal can be not only a symbol, but a MemRegion. Add support for such
cases.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146006 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
aace9ef279be3dadd53b481aee568bd7701178b4 07-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Propagate taint through NonLoc to NonLoc casts.

- Created a new SymExpr type - SymbolCast.
- SymbolCast is created when we don't know how to simplify a NonLoc to
NonLoc casts.
- A bit of code refactoring: introduced dispatchCast to have better
code reuse, remove a goto.
- Updated the test case to showcase the new taint flow.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145985 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
447375500b03f208ebac7303364106c530e2a9b3 05-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Simplify the expected-warning statement.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145855 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
bea728b0f49fcb7fef74d34bfe7d19db4f09075b 05-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Add a missing taint tester warning.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145834 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c
a50b7ab5af79690855af68f1fff7897291ba9535 05-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Add a debug checker to test for tainted data.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145827 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/taint-tester.c