[cfe-commits] r76905 - in /cfe/trunk: lib/Analysis/CheckSecuritySyntaxOnly.cpp test/Analysis/security-syntax-checks.m

Eli Friedman eli.friedman at gmail.com
Thu Jul 23 15:36:54 PDT 2009


On Thu, Jul 23, 2009 at 3:29 PM, Ted Kremenek<kremenek at apple.com> wrote:
>  //===----------------------------------------------------------------------===//
> +// Check: Any use of 'gets' is insecure.
> +// Originally: <rdar://problem/6335715>
> +// Implements (part of): 300-BSI (buildsecurityin.us-cert.gov)
> +//===----------------------------------------------------------------------===//
> +
> +void WalkAST::CheckCall_gets(const CallExpr *CE, const FunctionDecl *FD) {
> +  if (FD->getIdentifier() != GetIdentifier(II_gets, "gets"))
> +    return;
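
Review bot: the early return in CheckCall_gets gates on the identifier alone (`FD->getIdentifier() != GetIdentifier(II_gets, "gets")`), so on the lines quoted here any function named gets gets past it, including a user-defined one with a different prototype. If the signature is validated further down, a one-line comment at this return saying so would help. The header comment could also say why every use is flagged: gets takes no length argument, so the caller cannot bound the write into the destination buffer.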

I think it would be better to add gets() as a builtin, then use
getBuiltinID() to check for it, rather than trying to manually
validate the name/type.

-Eli



