|
Revision tags: llvmorg-7.0.1-rc2, llvmorg-7.0.1-rc1, llvmorg-7.0.0, llvmorg-7.0.0-rc3, llvmorg-7.0.0-rc2, llvmorg-7.0.0-rc1, llvmorg-6.0.1, llvmorg-6.0.1-rc3, llvmorg-6.0.1-rc2, llvmorg-6.0.1-rc1, llvmorg-5.0.2, llvmorg-5.0.2-rc2, llvmorg-5.0.2-rc1 |
|
| #
ce5f2d3d |
| 09-Mar-2018 |
Artem Dergachev <artem.dergachev@gmail.com> |
[analyzer] MmapWriteExecChecker: Add support for mprotect().
mprotect() allows setting memory access flags similarly to mmap(),
causing similar security issues if these flags are needlessly broad.
[analyzer] MmapWriteExecChecker: Add support for mprotect().
mprotect() allows setting memory access flags similarly to mmap(),
causing similar security issues if these flags are needlessly broad.
Patch by David Carlier!
Differential Revision: https://reviews.llvm.org/D44250
llvm-svn: 327098
show more ...
|
|
Revision tags: llvmorg-6.0.0 |
|
| #
4579bad8 |
| 01-Mar-2018 |
Artem Dergachev <artem.dergachev@gmail.com> |
[analyzer] Add a checker for mmap()s which are both writable and executable.
This is a security check that warns when both PROT_WRITE and PROT_EXEC are
set during mmap(). If mmap()ed memory is both
[analyzer] Add a checker for mmap()s which are both writable and executable.
This is a security check that warns when both PROT_WRITE and PROT_EXEC are
set during mmap(). If mmap()ed memory is both writable and executable, it makes
it easier for the attacker to execute arbitrary code when contents of this
memory are compromised. Some applications require such mmap()s though, such as
different sorts of JIT.
Re-applied after a revert in r324167.
Temporarily stays in the alpha package because it needs a better way of
determining macro values that are not immediately available in the AST.
Patch by David Carlier!
Differential Revision: https://reviews.llvm.org/D42645
llvm-svn: 326405
show more ...
|
|
Revision tags: llvmorg-6.0.0-rc3, llvmorg-6.0.0-rc2 |
|
| #
d8b6fbc0 |
| 03-Feb-2018 |
Artem Dergachev <artem.dergachev@gmail.com> |
[analyzer] Add a checker for mmap()s which are both writable and executable.
This is a security check which is disabled by default but will be enabled
whenever the user consciously enables the secur
[analyzer] Add a checker for mmap()s which are both writable and executable.
This is a security check which is disabled by default but will be enabled
whenever the user consciously enables the security package. If mmap()ed memory
is both writable and executable, it makes it easier for the attacker to execute
arbitrary code when contents of this memory are compromised. Some applications
require such mmap()s though, such as different sorts of JIT.
Patch by David Carlier!
Differential Revision: https://reviews.llvm.org/D42645
llvm-svn: 324166
show more ...
|