[PATCH] D35068: [analyzer] Detect usages of unsafe I/O functions
Gábor Horváth via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Aug 8 01:32:11 PDT 2017
xazax.hun added inline comments.
================
Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:622
+}
+//===----------------------------------------------------------------------===//
+// Check: Use of 'sprintf', 'vsprintf', 'scanf', 'wscanf', 'fscanf',
----------------
I would put a new line above and remove one below.
================
Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:632
+
+void WalkAST::checkUnsafeBufferHandling(const CallExpr *CE, const FunctionDecl *FD) { //TODO:TESTS
+ if (!filter.check_UnsafeBufferHandling)
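Review bot: the signature at line 632 runs past 80 columns even without the trailing `//TODO:TESTS` comment, so it should be wrapped after `const CallExpr *CE,`. The TODO itself should either be resolved by tests that land with this patch or be dropped, rather than staying on the signature line. If the function is renamed as suggested, the `filter.check_UnsafeBufferHandling` flag in the guard should be renamed with it so the two stay consistent.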
----------------
NoQ wrote:
> Because it also checks deprecated buffer handling, I'd rename this function to `checkDeprecatedOrUnsafeBufferHandling`.
Is the TODO still relevant in this line?
Repository:
rL LLVM
https://reviews.llvm.org/D35068