[cfe-commits] [PATCH] review request - strcmp/strcasecmp security checker

pageexec at freemail.hu pageexec at freemail.hu
Wed Apr 6 16:13:16 PDT 2011

On 7 Apr 2011 at 0:59, Joerg Sonnenberger wrote:

> On Wed, Apr 06, 2011 at 04:25:21PM -0600, Lenny Maiorani wrote:
> > Add security syntax checker for strcmp() and strcasecmp() which causes
> > the Static Analyzer to generate a warning any time the strcmp()
> > function is used with a note suggesting to use a function which
> > provides bounded buffers such as strncmp() or strncasecmp(). CWE-119.
> Sorry, but this sounds completely wrong.

i raised the issue already last week but got no response....

More information about the cfe-commits mailing list