1bc70c295SPiotr Zegar.. title:: clang-tidy - clang-analyzer-security.SetgidSetuidOrder 2*1cc71197SCongcong Cai.. meta:: 3*1cc71197SCongcong Cai :http-equiv=refresh: 5;URL=https://clang.llvm.org/docs/analyzer/checkers.html#security-setgidsetuidorder-c 4bc70c295SPiotr Zegar 5bc70c295SPiotr Zegarclang-analyzer-security.SetgidSetuidOrder 6bc70c295SPiotr Zegar========================================= 7bc70c295SPiotr Zegar 8602bbf2fSCongcong CaiThe checker checks for sequences of ``setuid(getuid())`` and ``setgid(getgid())`` 9602bbf2fSCongcong Caicalls (in this order). If such a sequence is found and there is no other 10602bbf2fSCongcong Caiprivilege-changing function call (``seteuid``, ``setreuid``, ``setresuid`` and 11602bbf2fSCongcong Caithe GID versions of these) in between, a warning is generated. The checker finds 12602bbf2fSCongcong Caionly exactly ``setuid(getuid())`` calls (and the GID versions), not for example 13602bbf2fSCongcong Caiif the result of ``getuid()`` is stored in a variable. 14bc70c295SPiotr Zegar 15602bbf2fSCongcong CaiThe `clang-analyzer-security.SetgidSetuidOrder` check is an alias, please see 16602bbf2fSCongcong Cai`Clang Static Analyzer Available Checkers 17602bbf2fSCongcong Cai<https://clang.llvm.org/docs/analyzer/checkers.html#security-setgidsetuidorder-c>`_ 18602bbf2fSCongcong Caifor more information. 19