[PATCH] D41384: [analyzer] Suppress false positive warnings from security.insecureAPI.strcpy
András Leitereg via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Jan 11 13:37:21 PST 2018
leanil marked 3 inline comments as done.
leanil added inline comments.
================
Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:526
+ }
+ if (StrLenFound && ArraySize >= StrLen + 1)
+ return;
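Review bot: the `+ 1` in `ArraySize >= StrLen + 1` carries no comment saying that it reserves room for the terminating NUL, and this condition is what decides whether the strcpy warning is suppressed by the early `return`. Add a one-line comment above the `if` stating that, or write the test as `ArraySize > StrLen`, which expresses the same bound without the addition.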
----------------
george.karpenkov wrote:
> Why not put this if-expression into the one above where `StrLen` is found?
> That would eliminate `StrLenFound` and remove the potential error surface of uninitialized read from `StrLen` (the declaration for which should probably be inside this block as well)
Good point. This makes `StrLen` itself redundant as well.
https://reviews.llvm.org/D41384