[PATCH] D30909: [Analyzer] Finish taint propagation to derived symbols of tainted regions
Vlad Tsyrklevich via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue May 9 20:29:52 PDT 2017
vlad.tsyrklevich updated this revision to Diff 98390.
vlad.tsyrklevich marked 3 inline comments as done.
vlad.tsyrklevich added a comment.
Herald added a subscriber: xazax.hun.
- Update the logic to move the LCV symbol logic into ProgramState::addTaint(SVal) out of the GenericTaintChecker. This allows us to no longer have to synthesize a new SymbolDerived from a LazyCompoundVal. This also required adding a new addPartialTaint() function.
- Update TaintedSymRegions name to TaintedSubRegions per @NoQ's comment.
- I realized that the new partial taint logic did not respect the idea of TaintTagTypes, so I updated TaintSubRegion to include a TaintTagType and added appropriate logic to add/check them.
https://reviews.llvm.org/D30909
Files:
include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h
include/clang/StaticAnalyzer/Core/PathSensitive/TaintManager.h
lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp
lib/StaticAnalyzer/Core/ProgramState.cpp
lib/StaticAnalyzer/Core/RegionStore.cpp
test/Analysis/taint-generic.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D30909.98390.patch
Type: text/x-patch
Size: 16181 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170510/24af5f99/attachment.bin>
More information about the cfe-commits
mailing list