[PATCH] D71155: [analyzer] CERT STR rule checkers: STR30-C

Balogh, Ádám via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Mon Jun 29 09:42:45 PDT 2020


baloghadamsoftware requested changes to this revision.
baloghadamsoftware added inline comments.
This revision now requires changes to proceed.
Herald added a subscriber: rnkovacs.


================
Comment at: clang/docs/analyzer/checkers.rst:1973
+``strpbrk()``, ``strchr()``, ``strrchr()``, ``strstr()``, ``memchr()``.
+
 .. _alpha-security-cert-str-31c:
----------------
**STR30-C** is more general: //Do not attempt to modify string literals//. You should not check for these functions specifically, just model that they return string literals. However, you can also declare a string literal yourself. The checker should look for modifications of //any// string literals, whether returned by these functions or not.


================
Comment at: clang/lib/StaticAnalyzer/Checkers/cert/StrChecker.cpp:394
+/// Check whether a constant string is being modified. If so, emit a report.
+static bool isConstantStringModify(SVal L, SVal V, const Stmt *S,
+                                   CheckerContext &C, const BugType &BT) {
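Review bot: The doc comment on `isConstantStringModify` says a report is emitted but never says what the `bool` return value means. Document whether `true` means that a modification was found and reported, so callers know how to act on it. The name also reads like a side-effect-free predicate while the comment describes emitting a report; a name that reflects the reporting (for example `checkConstantStringModify`) would avoid that mismatch.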
----------------
I do not see `V` used in this function anywhere. We are not interested in //what// it is attempted to be modified. We are just interested that it is attempted to be modified.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D71155/new/

https://reviews.llvm.org/D71155
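
An added illustration of the STR30-C point raised in the first inline comment (not code from D71155 or the LLVM tree): one violation through a pointer returned by `strrchr()`, one through a literal declared directly, and a compliant form that works on a writable copy. All function names here are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Noncompliant (STR30-C): strrchr() accepts const char * but returns char *,
 * so the result points into the literal with const-ness silently dropped.
 * Writing through it is undefined behavior. Shown for contrast, never called. */
void truncate_ext_noncompliant(void) {
    char *dot = strrchr("report.txt", '.');
    if (dot)
        *dot = '\0';            /* modifies a string literal */
}

/* The same defect with no library call involved: a checker keyed only on
 * strchr()/strstr()/... would miss this one. Never called. */
void upcase_first_noncompliant(void) {
    char *s = "report";
    s[0] = 'R';                 /* modifies a string literal */
}

/* Compliant: the input is treated as read-only and copied into a
 * caller-owned array; the search result points into that writable copy.
 * Returns 0 on success, -1 if name (plus terminator) does not fit in out. */
int truncate_ext(const char *name, char *out, size_t outlen) {
    size_t n = strlen(name);
    if (n >= outlen)
        return -1;
    memcpy(out, name, n + 1);   /* includes the terminating NUL */
    char *dot = strrchr(out, '.');
    if (dot)
        *dot = '\0';            /* modifies the array, not the literal */
    return 0;
}

int main(void) {
    char buf[32];
    if (truncate_ext("report.txt", buf, sizeof buf) == 0)
        puts(buf);
    return 0;
}
```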




