[cfe-dev] More static analysis...
Ted Kremenek
kremenek at apple.com
Wed Feb 25 09:27:15 PST 2009
On Feb 25, 2009, at 8:56 AM, Ben Laurie wrote:
> I'm interested in looking at detecting "known bad" patterns, for
> example:
>
> (<expr> & 0) == 0 (this example is stolen from FindBugs)
>
> if(<non-boolean value>) (cause of recent OpenSSL vuln)
Both of these would be easy to add. We've been mainly focusing on
gradually enhancing the base symbolic reasoning of integer values,
providing the substrate to write checks like these. We can talk about
specifics if you are interested. I believe it wouldn't take more than
a few lines of code to add checks for these.
More information about the cfe-dev
mailing list