[all-commits] [llvm/llvm-project] 8c22cb: [analyzer] ArrayBoundCheckerV2: suppress false pos...
DonatNagyE via All-commits
all-commits at lists.llvm.org
Wed May 3 09:55:21 PDT 2023
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 8c22cbea87beb74da3dc5891c40cdf574cd5fe56
https://github.com/llvm/llvm-project/commit/8c22cbea87beb74da3dc5891c40cdf574cd5fe56
Author: Donát Nagy <donat.nagy at ericsson.com>
Date: 2023-05-03 (Wed, 03 May 2023)
Changed paths:
M clang/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp
M clang/test/Analysis/taint-generic.c
Log Message:
-----------
[analyzer] ArrayBoundCheckerV2: suppress false positives from ctype macros

The checker alpha.security.ArrayBoundV2 created bug reports in
situations when the (tainted) result of fgetc() or getchar() was passed
to one of the isXXXXX() macros from ctype.h.

This is a common input handling pattern (within the limited toolbox of
the C language) and several open source projects contained code where it
led to false positive reports; so this commit suppresses ArrayBoundV2
reports generated within the isXXXXX() macros.

Note that here even true positive reports would be difficult to
understand, as they'd refer to the implementation details of these
macros.

Differential Revision: https://reviews.llvm.org/D149460
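
An added example (not part of the commit or of the LLVM code base) of the input-handling pattern the log message describes, using a simplified table-lookup model of an isXXXXX() macro to show why a tainted value ends up as an array index. MODEL_ISALPHA, model_table and the function names are hypothetical, the sample inputs are constructed, and the buffer variant goes beyond the fgetc()/getchar() case named in the message.

```c
#include <limits.h>
#include <stdio.h>

/* Simplified model of a table-driven ctype macro (constructed here; real libc
 * tables differ). Assumes EOF == -1 (slot 0); the argument is the array index. */
#define MODEL_ALPHA 0x01
static unsigned char model_table[UCHAR_MAX + 2];
#define MODEL_ISALPHA(c) (model_table[(c) + 1] & MODEL_ALPHA)

void model_init(void) {
    for (int ch = 'A'; ch <= 'Z'; ch++) model_table[ch + 1] = MODEL_ALPHA;
    for (int ch = 'a'; ch <= 'z'; ch++) model_table[ch + 1] = MODEL_ALPHA;
}

/* Argument contract of the isXXXXX() family: EOF or an unsigned char value. */
int in_ctype_domain(int c) {
    return c == EOF || (c >= 0 && c <= UCHAR_MAX);
}

/* The pattern from the commit message: fgetc() yields an unsigned char
 * converted to int, or EOF, so the tainted index is always in range. */
size_t count_alpha_stream(FILE *fp) {
    size_t n = 0;
    int c;
    while ((c = fgetc(fp)) != EOF)
        if (MODEL_ISALPHA(c)) n++;
    return n;
}

/* Buffer variant: plain char may be signed, so convert through unsigned
 * char before the lookup to stay inside the table. */
size_t count_alpha_buf(const char *buf, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (MODEL_ISALPHA((unsigned char)buf[i])) n++;
    return n;
}

int main(void) {
    model_init();
    FILE *fp = tmpfile(); /* constructed sample input */
    if (!fp) return 1;
    fputs("Hi 42\n", fp);
    rewind(fp);
    printf("stream letters: %zu\n", count_alpha_stream(fp));
    fclose(fp);
    printf("buffer letters: %zu\n", count_alpha_buf("ab1\xe9", 4));
    printf("-23 in domain: %d\n", in_ctype_domain(-23));
    return 0;
}
```

A negative value other than EOF, such as the -23 that a signed char holding 0xE9 converts to, is outside the argument contract and would index before the start of the model table.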