[cfe-commits] [PATCH] review request - strcmp/strcasecmp security checker

pageexec at freemail.hu pageexec at freemail.hu
Wed Apr 6 16:13:16 PDT 2011


On 7 Apr 2011 at 0:59, Joerg Sonnenberger wrote:

> On Wed, Apr 06, 2011 at 04:25:21PM -0600, Lenny Maiorani wrote:
> > Add security syntax checker for strcmp() and strcasecmp() which causes
> > the Static Analyzer to generate a warning any time the strcmp()
> > function is used with a note suggesting to use a function which
> > provides bounded buffers such as strncmp() or strncasecmp(). CWE-119.
> 
> Sorry, but this sounds completely wrong.

i raised the issue already last week but got no response....
http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20110328/040517.html




More information about the cfe-commits mailing list