[PATCH] D41384: [analyzer] Suppress false positive warnings form security.insecureAPI.strcpy

Artem Dergachev via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed Jan 3 15:18:25 PST 2018

NoQ added a comment.

This patch makes a totally valid point :)

Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:513
+  int ArraySize = -1, StrLen = -1;
+  const auto *Target = CE->getArg(0)->IgnoreImpCasts(),
You might want to use a wider integer type because 64-bit arrays may have 2³¹ or more elements (not sure about string literals).


More information about the cfe-commits mailing list