You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
known permissions changed for DefId(0:39 ~ lighttpd_rust_amalgamated[c1eb]::{extern#0}::getenv): LFnSig { inputs: [g1868#*const i8[NONE#i8[]]], output: g1869#*mut i8[NONE#i8[]] }
known permissions changed for PointerId g1869: READ | OFFSET_ADD -> READ | OFFSET_ADD | OFFSET_SUB
fngetenv(
s:*constc_char:[READ | OFFSET_ADD | NON_NULL],// Not `WRITE` even though it's `*mut` since future calls may overwrite the returned memory,// as it may be statically allocated and reused. It is not meant to be modified.) -> *mutc_char:[READ | OFFSET_ADD];
I think the return type here just needs OFFSET_SUB added.
known permissions changed for DefId(0:28 ~ lighttpd_rust_amalgamated[c1eb]::{extern#0}::strtoll): LFnSig { inputs: [g1860#*const i8[NONE#i8[]], g1861#*mut *mut i8[g1862#*mut i8[NONE#i8[]]], NONE#i32[]], output: NONE#i64[] }
known permissions changed for PointerId g1862: WRITE | OFFSET_ADD -> READ | WRITE | OFFSET_ADD | OFFSET_SUB
The permission on *endp (the inner *mut char) has gained READ and OFFSET_SUB. This is a bit tricky because our handling of pointer-to-pointer means the inner pointer's permissions in the signature must be equal to the permissions of the pointer passed in at the call site (whereas for outermost pointers, we only require a subset/superset). This means it may gain extra permissions based on what happens to the argument both before and after the call. We may need a special case in the final "known permissions changed" check so we can be more specific about what exactly is required/guaranteed here.
We may discover more cases like this as we expand the analysis to handle more of lighttpd.
The text was updated successfully, but these errors were encountered:
I think the return type here just needs
OFFSET_SUB
added.The permission on
*endp
(the inner*mut char
) has gainedREAD
andOFFSET_SUB
. This is a bit tricky because our handling of pointer-to-pointer means the inner pointer's permissions in the signature must be equal to the permissions of the pointer passed in at the call site (whereas for outermost pointers, we only require a subset/superset). This means it may gain extra permissions based on what happens to the argument both before and after the call. We may need a special case in the final "known permissions changed" check so we can be more specific about what exactly is required/guaranteed here.We may discover more cases like this as we expand the analysis to handle more of lighttpd.
The text was updated successfully, but these errors were encountered: