[PATCH] D35068: [analyzer] Detect usages of unsafe I/O functions
Gábor Horváth via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Jan 21 01:05:58 PST 2019
xazax.hun added a comment.
In D35068#1361902 <https://reviews.llvm.org/D35068#1361902>, @Szelethus wrote:
> In D35068#1069880 <https://reviews.llvm.org/D35068#1069880>, @koldaniel wrote:
>
> > I've evaluated this checker on LLVM+Clang, there were only a few (about 15) warnings, because of the C11 flag check at the beginning of the checker body. However, if this check was removed, number of the warnings would be increased significantly. I wouldn't say the findings were real security issues, most of the warnings were about usages of deprecated functions, which has not been considered unsecure (but which may cause problems if the code is modified in an improper way in the future).
>
>
> My problem is that LLVM+Clang isn't really a C (nor a C11) project, and I think judging this checker on it is a little misleading. Could you please test it on some C11 projects? I think tmux uses C11.
>
> Edit: it doesn't, but CMake is mostly a C project and it does!
What do we want to validate here? The lack of crashes? Or evaluate false positive ratio?
I have some doubts about evaluating this checker on open source projects. If a project does not care about the safe versions of these functions all of the results will be false positive (or a project might actually care but will not be able to comply due to portability constraints). If a project does care about using the safe variants, they are most likely already using another tool to verify this.
So I think the main value here is to subsume other tools.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D35068/new/
https://reviews.llvm.org/D35068
More information about the cfe-commits
mailing list