gcc/testsuite/sarif-replay.dg/2.1.0-valid/signal-1.c.sarif


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213

/* Test a replay of a .sarif file generated from GCC testsuite.

   The dg directives were stripped out from the generated .sarif
   to avoid confusing DejaGnu for this test.   */

{"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
 "version": "2.1.0",
 "runs": [{"tool": {"driver": {"name": "GNU C17",
                               "fullName": "GNU C17 (GCC) version 15.0.0 20240709 (experimental) (x86_64-pc-linux-gnu)",
                               "version": "15.0.0 20240709 (experimental)",
                               "informationUri": "https://gcc.gnu.org/gcc-15/",
                               "rules": [{"id": "-Wanalyzer-unsafe-call-within-signal-handler",
                                          "helpUri": "https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-unsafe-call-within-signal-handler"}]}},
           "taxonomies": [{"name": "CWE",
                           "version": "4.7",
                           "organization": "MITRE",
                           "shortDescription": {"text": "The MITRE Common Weakness Enumeration"},
                           "taxa": [{"id": "479",
                                     "helpUri": "https://cwe.mitre.org/data/definitions/479.html"}]}],
           "invocations": [{"executionSuccessful": true,
                            "toolExecutionNotifications": []}],
           "originalUriBaseIds": {"PWD": {"uri": "file:///home/david/coding/gcc-newgit-more-taint/build/gcc/"}},
           "artifacts": [{"location": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                       "uriBaseId": "PWD"},
                          "sourceLanguage": "c",
                          "contents": {"text": "/* Example of a bad call within a signal handler.\n   'handler' calls 'custom_logger' which calls 'fprintf', and 'fprintf' is\n   not allowed from a signal handler.  */\n\n\n#include <stdio.h>\n#include <signal.h>\n\nextern void body_of_program(void);\n\nvoid custom_logger(const char *msg)\n{\n  fprintf(stderr, \"LOG: %s\", msg);\n}\n\nstatic void handler(int signum)\n{\n  custom_logger(\"got signal\");\n}\n\nint main(int argc, const char *argv)\n{\n  custom_logger(\"started\");\n\n  signal(SIGINT, handler);\n\n  body_of_program();\n\n  custom_logger(\"stopped\");\n\n  return 0;\n}\n"},
                          "roles": ["analysisTarget",
                                    "tracedFile"]}],
           "results": [{"ruleId": "-Wanalyzer-unsafe-call-within-signal-handler",
                        "taxa": [{"id": "479",
                                  "toolComponent": {"name": "cwe"}}],
                        "properties": {"gcc/analyzer/saved_diagnostic/sm": "signal",
                                       "gcc/analyzer/saved_diagnostic/enode": 57,
                                       "gcc/analyzer/saved_diagnostic/snode": 11,
                                       "gcc/analyzer/saved_diagnostic/state": "in_signal_handler",
                                       "gcc/analyzer/saved_diagnostic/idx": 0},
                        "level": "warning",
                        "message": {"text": "call to ‘fprintf’ from within signal handler"},
                        "locations": [{"physicalLocation": {"artifactLocation": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                                                                 "uriBaseId": "PWD"},
                                                            "region": {"startLine": 13,
                                                                       "startColumn": 3,
                                                                       "endColumn": 34},
                                                            "contextRegion": {"startLine": 13,
                                                                              "snippet": {"text": "  fprintf(stderr, \"LOG: %s\", msg);\n"}}},
                                       "logicalLocations": [{"name": "custom_logger",
                                                             "fullyQualifiedName": "custom_logger",
                                                             "decoratedName": "custom_logger",
                                                             "kind": "function"}]}],
                        "codeFlows": [{"threadFlows": [{"id": "main",
                                                        "locations": [{"properties": {"gcc/analyzer/checker_event/emission_id": "(1)",
                                                                                      "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"},
                                                                       "location": {"physicalLocation": {"artifactLocation": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                                                                                                              "uriBaseId": "PWD"},
                                                                                                         "region": {"startLine": 21,
                                                                                                                    "startColumn": 5,
                                                                                                                    "endColumn": 9},
                                                                                                         "contextRegion": {"startLine": 21,
                                                                                                                           "snippet": {"text": "int main(int argc, const char *argv)\n"}}},
                                                                                    "logicalLocations": [{"name": "main",
                                                                                                          "fullyQualifiedName": "main",
                                                                                                          "decoratedName": "main",
                                                                                                          "kind": "function"}],
                                                                                    "message": {"text": "entry to ‘main’"}},
                                                                       "kinds": ["enter",
                                                                                 "function"],
                                                                       "nestingLevel": 1,
                                                                       "executionOrder": 1},
                                                                      {"properties": {"gcc/analyzer/checker_event/emission_id": "(2)",
                                                                                      "gcc/analyzer/checker_event/kind": "EK_STATE_CHANGE"},
                                                                       "location": {"physicalLocation": {"artifactLocation": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                                                                                                              "uriBaseId": "PWD"},
                                                                                                         "region": {"startLine": 25,
                                                                                                                    "startColumn": 3,
                                                                                                                    "endColumn": 26},
                                                                                                         "contextRegion": {"startLine": 25,
                                                                                                                           "snippet": {"text": "  signal(SIGINT, handler);\n"}}},
                                                                                    "logicalLocations": [{"name": "main",
                                                                                                          "fullyQualifiedName": "main",
                                                                                                          "decoratedName": "main",
                                                                                                          "kind": "function"}],
                                                                                    "message": {"text": "registering ‘handler’ as signal handler"}},
                                                                       "nestingLevel": 1,
                                                                       "executionOrder": 2},
                                                                      {"properties": {"gcc/analyzer/checker_event/emission_id": "(3)",
                                                                                      "gcc/analyzer/checker_event/kind": "EK_CUSTOM"},
                                                                       "location": {"message": {"text": "later on, when the signal is delivered to the process"}},
                                                                       "nestingLevel": 0,
                                                                       "executionOrder": 3},
                                                                      {"properties": {"gcc/analyzer/checker_event/emission_id": "(4)",
                                                                                      "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"},
                                                                       "location": {"physicalLocation": {"artifactLocation": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                                                                                                              "uriBaseId": "PWD"},
                                                                                                         "region": {"startLine": 16,
                                                                                                                    "startColumn": 13,
                                                                                                                    "endColumn": 20},
                                                                                                         "contextRegion": {"startLine": 16,
                                                                                                                           "snippet": {"text": "static void handler(int signum)\n"}}},
                                                                                    "logicalLocations": [{"name": "handler",
                                                                                                          "fullyQualifiedName": "handler",
                                                                                                          "decoratedName": "handler",
                                                                                                          "kind": "function"}],
                                                                                    "message": {"text": "entry to ‘handler’"}},
                                                                       "kinds": ["enter",
                                                                                 "function"],
                                                                       "nestingLevel": 1,
                                                                       "executionOrder": 4},
                                                                      {"properties": {"gcc/analyzer/checker_event/emission_id": "(5)",
                                                                                      "gcc/analyzer/checker_event/kind": "EK_CALL_EDGE",
                                                                                      "gcc/analyzer/superedge_event/superedge": {"kind": "SUPEREDGE_CALL",
                                                                                                                                 "src_idx": 7,
                                                                                                                                 "dst_idx": 10,
                                                                                                                                 "desc": "call"}},
                                                                       "location": {"physicalLocation": {"artifactLocation": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                                                                                                              "uriBaseId": "PWD"},
                                                                                                         "region": {"startLine": 18,
                                                                                                                    "startColumn": 3,
                                                                                                                    "endColumn": 30},
                                                                                                         "contextRegion": {"startLine": 18,
                                                                                                                           "snippet": {"text": "  custom_logger(\"got signal\");\n"}}},
                                                                                    "logicalLocations": [{"name": "handler",
                                                                                                          "fullyQualifiedName": "handler",
                                                                                                          "decoratedName": "handler",
                                                                                                          "kind": "function"}],
                                                                                    "message": {"text": "calling ‘custom_logger’ from ‘handler’"}},
                                                                       "kinds": ["call",
                                                                                 "function"],
                                                                       "nestingLevel": 1,
                                                                       "executionOrder": 5},
                                                                      {"properties": {"gcc/analyzer/checker_event/emission_id": "(6)",
                                                                                      "gcc/analyzer/checker_event/kind": "EK_FUNCTION_ENTRY"},
                                                                       "location": {"physicalLocation": {"artifactLocation": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                                                                                                              "uriBaseId": "PWD"},
                                                                                                         "region": {"startLine": 11,
                                                                                                                    "startColumn": 6,
                                                                                                                    "endColumn": 19},
                                                                                                         "contextRegion": {"startLine": 11,
                                                                                                                           "snippet": {"text": "void custom_logger(const char *msg)\n"}}},
                                                                                    "logicalLocations": [{"name": "custom_logger",
                                                                                                          "fullyQualifiedName": "custom_logger",
                                                                                                          "decoratedName": "custom_logger",
                                                                                                          "kind": "function"}],
                                                                                    "message": {"text": "entry to ‘custom_logger’"}},
                                                                       "kinds": ["enter",
                                                                                 "function"],
                                                                       "nestingLevel": 2,
                                                                       "executionOrder": 6},
                                                                      {"properties": {"gcc/analyzer/checker_event/emission_id": "(7)",
                                                                                      "gcc/analyzer/checker_event/kind": "EK_WARNING"},
                                                                       "location": {"physicalLocation": {"artifactLocation": {"uri": "../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c",
                                                                                                                              "uriBaseId": "PWD"},
                                                                                                         "region": {"startLine": 13,
                                                                                                                    "startColumn": 3,
                                                                                                                    "endColumn": 34},
                                                                                                         "contextRegion": {"startLine": 13,
                                                                                                                           "snippet": {"text": "  fprintf(stderr, \"LOG: %s\", msg);\n"}}},
                                                                                    "logicalLocations": [{"name": "custom_logger",
                                                                                                          "fullyQualifiedName": "custom_logger",
                                                                                                          "decoratedName": "custom_logger",
                                                                                                          "kind": "function"}],
                                                                                    "message": {"text": "call to ‘fprintf’ from within signal handler"}},
                                                                       "kinds": ["danger"],
                                                                       "nestingLevel": 2,
                                                                       "executionOrder": 7}]}]}]}]}]}

// TODO: show the CWE
/* { dg-begin-multiline-output "" }
In function 'custom_logger':
../../src/gcc/testsuite/gcc.dg/analyzer/signal-1.c:13:3: warning: call to ‘fprintf’ from within signal handler [-Wanalyzer-unsafe-call-within-signal-handler]
   13 |   fprintf(stderr, "LOG: %s", msg);
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  'main': events 1-2
    |
    |   21 | int main(int argc, const char *argv)
    |      |     ^~~~
    |      |     |
    |      |     (1) entry to ‘main’
    |......
    |   25 |   signal(SIGINT, handler);
    |      |   ~~~~~~~~~~~~~~~~~~~~~~~
    |      |   |
    |      |   (2) registering ‘handler’ as signal handler
    |
  event 3
    |
    |GNU C17:
    | (3): later on, when the signal is delivered to the process
    |
    +--> 'handler': events 4-5
           |
           |   16 | static void handler(int signum)
           |      |             ^~~~~~~
           |      |             |
           |      |             (4) entry to ‘handler’
           |   17 | {
           |   18 |   custom_logger("got signal");
           |      |   ~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |   |
           |      |   (5) calling ‘custom_logger’ from ‘handler’
           |
           +--> 'custom_logger': events 6-7
                  |
                  |   11 | void custom_logger(const char *msg)
                  |      |      ^~~~~~~~~~~~~
                  |      |      |
                  |      |      (6) entry to ‘custom_logger’
                  |   12 | {
                  |   13 |   fprintf(stderr, "LOG: %s", msg);
                  |      |   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |   |
                  |      |   (7) call to ‘fprintf’ from within signal handler
                  |
   { dg-end-multiline-output "" } */