1 //== GenericTaintChecker.cpp ----------------------------------- -*- C++ -*--=//
31 class GenericTaintChecker : public Checker< check::PostStmt<CallExpr>,
74   typedef ProgramStateRef (GenericTaintChecker::*FnCheck)(const CallExpr *,
174 const unsigned GenericTaintChecker::ReturnValueIndex;
175 const unsigned GenericTaintChecker::InvalidArgIndex;
177 const char GenericTaintChecker::MsgUncontrolledFormatString[] =
181 const char GenericTaintChecker::MsgSanitizeSystemArgs[] =
185 const char GenericTaintChecker::MsgTaintedBufferSize[] =
198 GenericTaintChecker::TaintPropagationRule
199 GenericTaintChecker::TaintPropagationRule::getTaintPropagationRule(
276 void GenericTaintChecker::checkPreStmt(const CallExpr *CE,
286 void GenericTaintChecker::checkPostStmt(const CallExpr *CE,
293 void GenericTaintChecker::addSourcesPre(const CallExpr *CE,
317     .Case("fscanf", &GenericTaintChecker::preFscanf)
328 bool GenericTaintChecker::propagateFromPre(const CallExpr *CE,
369 void GenericTaintChecker::addSourcesPost(const CallExpr *CE,
381     .Case("scanf", &GenericTaintChecker::postScanf)
383     .Case("getchar", &GenericTaintChecker::postRetTaint)
384     .Case("getchar_unlocked", &GenericTaintChecker::postRetTaint)
385     .Case("getenv", &GenericTaintChecker::postRetTaint)
386     .Case("fopen", &GenericTaintChecker::postRetTaint)
387     .Case("fdopen", &GenericTaintChecker::postRetTaint)
388     .Case("freopen", &GenericTaintChecker::postRetTaint)
389     .Case("getch", &GenericTaintChecker::postRetTaint)
390     .Case("wgetch", &GenericTaintChecker::postRetTaint)
391     .Case("socket", &GenericTaintChecker::postSocket)
405 bool GenericTaintChecker::checkPre(const CallExpr *CE, CheckerContext &C) const{
427 SymbolRef GenericTaintChecker::getPointedToSymbol(CheckerContext &C,
446 GenericTaintChecker::TaintPropagationRule::process(const CallExpr *CE,
516 ProgramStateRef GenericTaintChecker::preFscanf(const CallExpr *CE,
535 ProgramStateRef GenericTaintChecker::postSocket(const CallExpr *CE,
551 ProgramStateRef GenericTaintChecker::postScanf(const CallExpr *CE,
569 ProgramStateRef GenericTaintChecker::postRetTaint(const CallExpr *CE,
574 bool GenericTaintChecker::isStdin(const Expr *E, CheckerContext &C) {
636 bool GenericTaintChecker::generateReportIfTainted(const Expr *E,
658 bool GenericTaintChecker::checkUncontrolledFormatString(const CallExpr *CE,
672 bool GenericTaintChecker::checkSystemCall(const CallExpr *CE,
703 bool GenericTaintChecker::checkTaintedBufferSize(const CallExpr *CE,
744   mgr.registerChecker<GenericTaintChecker>();

Indexes created Fri Jul 05 22:58:02 MDT 2024