[PATCH] D30289: [Analyzer] Add bug visitor for taint checker

Artem Dergachev via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Feb 23 01:44:44 PST 2017


NoQ added a comment.

Yay, this is awesome!

It's actually possible to test visitors with the `-analyzer-output=text` option. This option converts path notes to `note:` diagnostics, which you can catch with `expected-note{{}}`, see `test/Analysis/inlining/path-notes.c` for an example (well, it's also possible to test this with other `-analyzer-output` variants, but that'd be an overkill).



================
Comment at: lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:109
+  private:
+    const SVal S;
+
----------------
Could you call this `V`?  Because `S` is often a statement pointer (so often that you actually shadow this member with a local statement later).


================
Comment at: lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:681
+  else if (State->isTainted(E, C.getLocationContext()))
+    TaintedSVal = State->getSVal(E, C.getLocationContext());
+  else
----------------
`C.getSVal(E)`

Promoting the new fancy helper function^^


https://reviews.llvm.org/D30289





More information about the cfe-commits mailing list