[PATCH] D71566: New checks for fortified sprintf
serge via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Dec 17 03:47:50 PST 2019
serge-sans-paille marked 7 inline comments as done.
serge-sans-paille added inline comments.
================
Comment at: clang/lib/Sema/SemaChecking.cpp:370
// FIXME: There are some more useful checks we could be doing here:
// - Analyze the format string of sprintf to see how much of buffer is used.
// - Evaluate strlen of strcpy arguments, use as object size.
----------------
erik.pilkington wrote:
> Can you delete this comment now?
I only deleted the one related to sprintf
================
Comment at: clang/lib/Sema/SemaChecking.cpp:392
+ EstimateSizeFormatHandler H(StrE);
+ StringRef StrRef = StrE->getString();
+ const char *Str = StrRef.data();
----------------
erik.pilkington wrote:
> Will this assert on: `sprintf(buf, L"foo");`? Not that that makes any sense, but we shouldn't crash.
Still need to check that.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D71566/new/
https://reviews.llvm.org/D71566
More information about the cfe-commits
mailing list