llvm-project/clang/test/Sema/warn-alloca.c
Marco Elver 732ad8ea62 [clang][auto-init] Provide __builtin_alloca*_uninitialized variants
When `-ftrivial-auto-var-init=` is enabled, allocas unconditionally
receive auto-initialization since [1].

In certain cases, it turns out, this is causing problems. For example,
when using alloca to add a random stack offset, as the Linux kernel does
on syscall entry [2]. In this case, none of the alloca'd stack memory is
ever used, and initializing it should be controllable; furthermore, it
is not always possible to safely call memset (see [2]).

Introduce `__builtin_alloca_uninitialized()` (and
`__builtin_alloca_with_align_uninitialized`), which never performs
initialization when `-ftrivial-auto-var-init=` is enabled.

[1] https://reviews.llvm.org/D60548
[2] https://lkml.kernel.org/r/YbHTKUjEejZCLyhX@elver.google.com

Reviewed By: glider

Differential Revision: https://reviews.llvm.org/D115440
2022-01-12 15:13:10 +01:00

35 lines
1.3 KiB
C

// RUN: %clang_cc1 -DSILENCE -fsyntax-only -verify -Wall %s
// RUN: %clang_cc1 -fsyntax-only -verify -Walloca %s

#ifdef SILENCE
  // expected-no-diagnostics
#endif

void test1(int a) {
  __builtin_alloca(a);
#ifndef SILENCE
  // expected-warning@-2 {{use of function '__builtin_alloca' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
#endif
}

void test2(int a) {
  __builtin_alloca_with_align(a, 32);
#ifndef SILENCE
  // expected-warning@-2 {{use of function '__builtin_alloca_with_align' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
#endif
}

void test3(int a) {
  __builtin_alloca_uninitialized(a);
#ifndef SILENCE
  // expected-warning@-2 {{use of function '__builtin_alloca_uninitialized' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
#endif
}

void test4(int a) {
  __builtin_alloca_with_align_uninitialized(a, 32);
#ifndef SILENCE
  // expected-warning@-2 {{use of function '__builtin_alloca_with_align_uninitialized' is discouraged; there is no way to check for failure but failure may still occur, resulting in a possibly exploitable security vulnerability}}
#endif
}
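
The commit message above describes alloca used purely as a stack offset whose memory is never read or written. As an added example (not code from LLVM or the Linux kernel), the sketch below pads the stack that way and measures where the callee's frame lands; `pad_alloca`, `PAD_MASK`, `frame_probe`, `probe_with_offset` and `frame_shift` are hypothetical names, and the fallback to `__builtin_alloca` on compilers without the new builtin is an assumption.

```c
#include <stdint.h>
#include <stdio.h>

#ifndef __has_builtin
#define __has_builtin(x) 0   /* assumption: older compilers lack __has_builtin */
#endif
#if __has_builtin(__builtin_alloca_uninitialized)
#define pad_alloca(n) __builtin_alloca_uninitialized(n)  /* skips auto-init */
#else
#define pad_alloca(n) __builtin_alloca(n)                /* fallback */
#endif

#define PAD_MASK 0x3FFu   /* constructed cap: at most 1023 bytes of padding */

/* Reports where this function's frame landed on the stack. */
__attribute__((noinline)) static uintptr_t frame_probe(void) {
    __asm__ volatile("" : : : "memory");   /* keep the call from being folded */
    return (uintptr_t)__builtin_frame_address(0);
}

/* Shifts the stack by (entropy & PAD_MASK) bytes, then calls frame_probe(). */
__attribute__((noinline)) uintptr_t probe_with_offset(uint32_t entropy) {
    void *pad = pad_alloca(entropy & PAD_MASK);
    /* The padding is never read or written; the barrier only keeps the
       allocation alive so the compiler cannot drop it. */
    __asm__ volatile("" : : "r"(pad) : "memory");
    uintptr_t where = frame_probe();
    __asm__ volatile("" : : : "memory");   /* no tail call past the padding */
    return where;
}

/* Distance between the callee frames seen with two entropy values. */
uintptr_t frame_shift(uint32_t a, uint32_t b) {
    uintptr_t pa = probe_with_offset(a), pb = probe_with_offset(b);
    return pa > pb ? pa - pb : pb - pa;
}

int main(void) {
    printf("shift for 0 vs 0x200: %lu bytes\n", (unsigned long)frame_shift(0, 0x200));
    printf("shift for 0 vs ~0:    %lu bytes\n", (unsigned long)frame_shift(0, 0xFFFFFFFFu));
    return 0;
}
```

As the test file shows, `-Walloca` flags the `_uninitialized` variants exactly like plain `__builtin_alloca` while `-Wall` alone stays silent, so capping the size, as `PAD_MASK` does here, is still the caller's job.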