[PATCH] D71524: [analyzer] Support tainted objects in GenericTaintChecker
Gábor Horváth via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Feb 6 15:49:32 PST 2020
xazax.hun added inline comments.
================
Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:268
CheckerContext &C) {
- if (isTainted(State, E, C.getLocationContext()) || isStdin(E, C))
+ if (isTainted(State, E, C.getLocationContext()) || isStdin(E, C) ||
+ isStdstream(E, C))
----------------
If we consider `Stdin` and `Stdstream` to be tainted does it make sense to fold them into `isTainted` so we never miss checking for them?
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D71524/new/
https://reviews.llvm.org/D71524
More information about the cfe-commits
mailing list