[PATCH] D113251: [analyzer][doc] Add user documentation for taint analysis

Endre Fülöp via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Nov 18 01:48:40 PST 2021


gamesh411 marked 13 inline comments as done.
gamesh411 added inline comments.


================
Comment at: clang/docs/analyzer/checkers.rst:2351
+
+ clang --analyze ... -Xclang -analyzer-config -Xclang alpha.security.taint.TaintPropagation:Config=taint_config.yaml
+
----------------
steakhal wrote:
> Per https://reviews.llvm.org/D113004#inline-1078695 we should not advocate users use the `-Xclang` machinery, we should rather refer to it by other tools such as `scan-build`. However, we haven't reached a consensus about this decision yet.
> Consider moving some parts of this doc to the proposed Configuration documentation file - housing the //more// user-facing analyzer options.
Removed the command-line invocation part, and just left a mention of the configuration option.


================
Comment at: clang/docs/analyzer/user-docs/TaintAnalysisConfiguration.rst:133
+   The value of ``None`` will not consider the arguments that are part of a variadic argument list (this option is redundant but can be used to temporarily switch off handling of a particular variadic argument option without removing the entire variadic entry).
+ - `VariadicIndex` is a number in the range of [0..int_max]. It indicates the starting index of the variadic argument in the signature of the function.
+
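Review bot: `VariadicIndex` in the list item is written with single backticks, while ``None`` in the preceding line uses double backticks; in reStructuredText single backticks produce interpreted text rather than an inline literal, so this should be ``VariadicIndex`` for consistent rendering. The range "[0..int_max]" would also read better if it named the actual upper bound (for example the maximum of the integer type the configuration parser uses) and said explicitly that the index is zero-based and counts positions in the function's parameter list, since a user writing the YAML has only this sentence to go on.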
----------------
steakhal wrote:
> It's not exactly for this patch, but we should investigate if we could infer this index from the declaration of the function.
Good idea, this seems like the way forward, I agree.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D113251/new/

https://reviews.llvm.org/D113251
