[PATCH] D71524: [analyzer] Support tainted objects in GenericTaintChecker

Balázs Benics via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Mon Mar 16 07:35:34 PDT 2020


steakhal added a comment.

In D71524#1917251 <https://reviews.llvm.org/D71524#1917251>, @Szelethus wrote:

> Are we sure this is what we want? If this is a heuristic, we should document it well, and even then I'm not sure whether we want it. I'm also pretty sure this would make the eventual change to `CallDescriptionMap` more difficult, because the way taintedness is propagated around `std::basic_istream` not really the property of the global `>>` operator and what its parameters are, but rather the property of `std::basic_istream<CharT,Traits>::operator>>`, right? What do you think?


I think `CallDescription` can only identify objects/functions which has `IdefntifyerInfo` in them. AFAIK operators don't have such. Though somehow AST matchers of Clang Tidy were triggered with this: `functionDecl(hasName("operator>>"))`
I'm afraid it needs to be a different patch to replace with `CallDescriptionMap`, even though I agree with you.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D71524/new/

https://reviews.llvm.org/D71524





More information about the cfe-commits mailing list