@@ -1,3 +1,7 @@
+/* { dg-do compile } */
+/* { dg-options "-fanalyzer" } */
+/* { dg-require-effective-target analyzer } */
+
typedef __SIZE_TYPE__ size_t;
#define __user
@@ -1,6 +1,6 @@
/* { dg-do compile } */
/* { dg-require-effective-target analyzer } */
-/* { dg-additional-options "-Wno-pedantic" } */
+/* { dg-additional-options "-fanalyzer -Wno-pedantic" } */
/* See notes in this header. */
#include "taint-CVE-2011-0521.h"
@@ -1,5 +1,5 @@
/* { dg-do compile } */
-/* { dg-additional-options "-Wno-pedantic" } */
+/* { dg-additional-options "-fanalyzer -Wno-pedantic" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
@@ -1,5 +1,5 @@
/* { dg-do compile } */
-/* { dg-additional-options "-Wno-pedantic" } */
+/* { dg-additional-options "-fanalyzer -Wno-pedantic" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
@@ -67,6 +67,8 @@ int dvb_usercopy(struct file *file,
if (copy_from_user(parg, (void __user *)arg, _IOC_SIZE(cmd)))
goto out;
break;
+ default:
+ goto out;
}
/* call driver */
@@ -1,6 +1,6 @@
/* { dg-do compile } */
/* { dg-require-effective-target analyzer } */
-/* { dg-additional-options "-Wno-pedantic" } */
+/* { dg-additional-options "-fanalyzer -Wno-pedantic" } */
/* See notes in this header. */
#include "taint-CVE-2011-0521.h"
@@ -67,6 +67,8 @@ int dvb_usercopy(struct file *file,
if (copy_from_user(parg, (void __user *)arg, _IOC_SIZE(cmd)))
goto out;
break;
+ default:
+ goto out;
}
/* call driver */
@@ -1,6 +1,6 @@
/* { dg-do compile } */
/* { dg-require-effective-target analyzer } */
-/* { dg-additional-options "-Wno-pedantic" } */
+/* { dg-additional-options "-fanalyzer -Wno-pedantic" } */
/* See notes in this header. */
#include "taint-CVE-2011-0521.h"
@@ -1,6 +1,6 @@
/* { dg-do compile } */
/* { dg-require-effective-target analyzer } */
-/* { dg-additional-options "-Wno-pedantic" } */
+/* { dg-additional-options "-fanalyzer -Wno-pedantic" } */
/* See notes in this header. */
#include "taint-CVE-2011-0521.h"
@@ -19,8 +19,7 @@ int dvb_ca_ioctl(struct file *file, unsigned int cmd, void *parg)
if (info->num > 1)
return -EINVAL;
- av7110->ci_slot[info->num].num = info->num; /* { dg-warning "attacker-controlled value" "" { xfail *-*-* } } */
- /* TODO(xfail). */
+ av7110->ci_slot[info->num].num = info->num; /* { dg-warning "attacker-controlled value" } */
av7110->ci_slot[info->num].type = FW_CI_LL_SUPPORT(av7110->arm_app) ?
CA_CI_LINK : CA_CI;
memcpy(info, &av7110->ci_slot[info->num], sizeof(ca_slot_info_t));
Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu. Successful run of analyzer integration tests on x86_64-pc-linux-gnu. Pushed to trunk as r14-9895-gd09d70cdb2a4bc. gcc/testsuite/ChangeLog: * gcc.dg/plugin/copy_from_user-1.c: Add missing directives for an analyzer test. * gcc.dg/plugin/taint-CVE-2011-0521-1-fixed.c: Add missing -fanalyzer to options. * gcc.dg/plugin/taint-CVE-2011-0521-1.c: Likewise. * gcc.dg/plugin/taint-CVE-2011-0521-2-fixed.c: Likewise. (dvb_usercopy): Add default case to avoid complaints about NULL derefs. * gcc.dg/plugin/taint-CVE-2011-0521-2.c: Likewise. * gcc.dg/plugin/taint-CVE-2011-0521-3-fixed.c: Add missing -fanalyzer to options. * gcc.dg/plugin/taint-CVE-2011-0521-3.c: Likewise. Drop xfail. Signed-off-by: David Malcolm <dmalcolm@redhat.com> --- gcc/testsuite/gcc.dg/plugin/copy_from_user-1.c | 4 ++++ gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1-fixed.c | 2 +- gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1.c | 2 +- gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2-fixed.c | 4 +++- gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2.c | 4 +++- gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3-fixed.c | 2 +- gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3.c | 5 ++--- 7 files changed, 15 insertions(+), 8 deletions(-)