1 // RUN: %clang_analyze_cc1 \
2 // RUN:  -analyzer-checker=alpha.security.cert.pos.34c\
3 // RUN:  -verify %s
4 
5 #include "../Inputs/system-header-simulator.h"
6 void free(void *memblock);
7 void *malloc(size_t size);
8 int putenv(char *);
9 int rand();
10 
11 namespace test_auto_var_used_good {
12 
13 extern char *ex;
test_extern()14 int test_extern() {
15   return putenv(ex); // no-warning: extern storage class.
16 }
17 
foo(void)18 void foo(void) {
19   char *buffer = (char *)"huttah!";
20   if (rand() % 2 == 0) {
21     buffer = (char *)malloc(5);
22     strcpy(buffer, "woot");
23   }
24   putenv(buffer);
25 }
26 
bar(void)27 void bar(void) {
28   char *buffer = (char *)malloc(5);
29   strcpy(buffer, "woot");
30 
31   if (rand() % 2 == 0) {
32     free(buffer);
33     buffer = (char *)"blah blah blah";
34   }
35   putenv(buffer);
36 }
37 
baz()38 void baz() {
39   char env[] = "NAME=value";
40   // TODO: False Positive
41   putenv(env);
42   // expected-warning@-1 {{The 'putenv' function should not be called with arguments that have automatic storage}}
43 
44   /*
45     DO SOMETHING
46   */
47 
48   putenv((char *)"NAME=anothervalue");
49 }
50 
51 } // namespace test_auto_var_used_good
52