[cfe-commits] r76905 - in /cfe/trunk: lib/Analysis/CheckSecuritySyntaxOnly.cpp test/Analysis/security-syntax-checks.m
Eli Friedman
eli.friedman at gmail.com
Thu Jul 23 15:36:54 PDT 2009
On Thu, Jul 23, 2009 at 3:29 PM, Ted Kremenek<kremenek at apple.com> wrote:
> //===----------------------------------------------------------------------===//
> +// Check: Any use of 'gets' is insecure.
> +// Originally: <rdar://problem/6335715>
> +// Implements (part of): 300-BSI (buildsecurityin.us-cert.gov)
> +//===----------------------------------------------------------------------===//
> +
> +void WalkAST::CheckCall_gets(const CallExpr *CE, const FunctionDecl *FD) {
> + if (FD->getIdentifier() != GetIdentifier(II_gets, "gets"))
> + return;
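Review bot: The early return at the top of CheckCall_gets compares only the declaration's identifier against "gets", so as far as the quoted lines show, any function that happens to be named gets passes this test, including a user-defined one with an unrelated prototype. The quoted lines stop before any signature check; if none follows, add one (for example, that the declaration takes a single char * parameter) and cover the non-matching case in test/Analysis/security-syntax-checks.m. The header comment's "Implements (part of): 300-BSI" would also be clearer if it said which part this check covers.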
I think it would be better to add gets() as a builtin, then use
getBuiltinID() to check for it, rather than trying to manually
validate the name/type.
-Eli