[all-commits] [llvm/llvm-project] b28400: [analyzer] Add a syntactic security check for ObjC...
NoQ via All-commits
all-commits at lists.llvm.org
Thu Dec 19 14:54:51 PST 2019
Branch: refs/heads/master
Home: https://github.com/llvm/llvm-project
Commit: b284005072122fe4af879725e3c8090009f89ca0
https://github.com/llvm/llvm-project/commit/b284005072122fe4af879725e3c8090009f89ca0
Author: Artem Dergachev <artem.dergachev at gmail.com>
Date: 2019-12-19 (Thu, 19 Dec 2019)
Changed paths:
M clang/include/clang/StaticAnalyzer/Checkers/Checkers.td
M clang/lib/Driver/ToolChains/Clang.cpp
M clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp
A clang/test/Analysis/security-syntax-checks-nscoder.m
M clang/www/analyzer/available_checks.html
Log Message:
-----------
[analyzer] Add a syntactic security check for ObjC NSCoder API.
Method '-[NSCoder decodeValueOfObjCType:at:]' is not only deprecated
but also a security hazard, hence a loud check.
Differential Revision: https://reviews.llvm.org/D71728
More information about the All-commits
mailing list