[PATCH] D49360: [analyzer] Add support for more basic_string API in DanglingInternalBufferChecker

Artem Dergachev via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Sun Jul 15 22:15:31 PDT 2018


NoQ accepted this revision.
NoQ added a comment.
This revision is now accepted and ready to land.

Cool! I don't have a strong preference with respect to whitelist vs. blacklist; your approach is safer but listing functions that don't immediately invalidate the buffer would allow us to avoid hard-to-detect false negatives while pretending that our users would notice and report easy-to-fix false positives for us. Also we rarely commit to adding a test for every single supported API function; bonus points for that, but usually 2-3 functions from a series of similar functions is enough :)



================
Comment at: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp:112-124
+  if (const auto *MemOpCall = dyn_cast<CXXMemberOperatorCall>(&Call)) {
+    OverloadedOperatorKind Opc = MemOpCall->getOriginExpr()->getOperator();
+    if (Opc == OO_Equal || Opc == OO_PlusEqual)
+      return true;
+    return false;
+  }
+  return (isa<CXXDestructorCall>(Call) || Call.isCalled(AppendFn) ||
----------------
That quote from the Standard would look great here.


Repository:
  rC Clang

https://reviews.llvm.org/D49360





More information about the cfe-commits mailing list