[cfe-commits] New analyzer checker: CStringChecker

Jordy Rose jediknil at belkadan.com
Tue Jun 29 22:33:51 PDT 2010


On Tue, 29 Jun 2010 20:05:37 -0700, Jordy Rose <jediknil at belkadan.com>
wrote:
>> You also made the following comment:
>> 
>> +// FIXME: This was originally copied from ArrayBoundChecker.cpp.
>> Refactor?
>> 
>> I absolutely agree, although I'm fine with a check going in like this
>> first and then refactoring.  There is a bunch of logic here with
> tremendous
>> overlap with ArrayBoundChecker.  Perhaps we should build a more generic
>> "out-of-bounds detection" API, and make ArrayBoundChecker a
> "meta-checker".
>> Not sure.
> 
> The main issue is that the bounds check shouldn't really emit the bug on
> its own. But that leaves it in an awkward place, interface-wise. Does it
> return a pair of StInBound and StOutBound, and force the caller to do
the
> feasibility check? Does it return a bool, and supply the necessary state
by
> reference? It's too bad we need a state whether the check fails or not.
> 
> I wish we could use blocks; I'd just pass in a "bug-reporting" block
that
> takes an ExplodedNode. Maybe it should take a function pointer?
> 
> Maybe we should leave it as is? *grin*

I take it back; in the common case it would be sufficient to pass in a bug
reference and description. Would that suffice? (Also where would this code
live?)



More information about the cfe-commits mailing list