[PATCH] D137379: [-Wunsafe-buffer-usage] Add warnings for unsafe buffer accesses by array subscript operations
Gábor Horváth via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Nov 18 14:43:35 PST 2022
xazax.hun added inline comments.
================
Comment at: clang/lib/Analysis/UnsafeBufferUsage.cpp:168-169
+ static Matcher matcher() {
+ // FIXME: What if the index is integer literal 0? Should this be
+ // a safe gadget in this case?
+ return stmt(
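Review bot: The FIXME on the first lines of matcher() asks whether an integer literal 0 index makes the subscript a safe gadget; a literal index alone does not establish that the access is in bounds, since the matcher also needs the extent of the subscripted object to be statically known (an index of 0 into a zero-length array or through a pointer of unknown size is still an unsafe access). The comment should say that the decision needs both the index and the declared extent, and point at the open design choice of whether this classification is made in the matcher or by a later pass that promotes an unsafe gadget to a safe one, so that whoever resolves the FIXME does not treat the literal index as sufficient on its own.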
----------------
As per some of the discussions, in the future the compiler might be able to recognize certain safe patterns, e.g., when there is a simple for loop with known bounds, or when both the index and the array size are statically known.
I think here we need to make a very important design decision: Do we want the gadgets to have the right "safety" category when it is created (e.g., we have to be able to decide if a gadget is safe or not using matchers), or do we want some mechanisms to be able to promote an unsafe gadget to be a safe one? (E.g., do we want to be able to prove some unsafe gadgets safe using dataflow analysis in a later pass?)
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D137379/new/
https://reviews.llvm.org/D137379
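The following is an added example, not code from the patch under review or from the LLVM project, illustrating why a literal index of 0 is only safe together with a known extent: a hypothetical bounded-view type (`int_span`, assumed here) makes every subscript carry the element count it is checked against, so index 0 into an empty view is rejected while the same index into a four-element view is accepted. The helper names and the constructed sample buffer are the example's own assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical bounded view: a pointer plus the number of elements it
 * refers to (assumed for this example; not a type from the patch). */
typedef struct {
    const int *data;
    size_t len;
} int_span;

/* Checked subscript: writes *out and returns true only if idx < len.
 * A literal 0 index is in bounds only when the extent is non-zero. */
bool span_get(int_span s, size_t idx, int *out) {
    if (s.data == NULL || idx >= s.len)
        return false;
    *out = s.data[idx];
    return true;
}

/* Loop with bounds taken from the span itself; every access is checked
 * against the extent the view carries, so no subscript can run past it. */
long span_sum(int_span s) {
    long sum = 0;
    for (size_t i = 0; i < s.len; i++) {
        int v;
        if (span_get(s, i, &v))
            sum += v;
    }
    return sum;
}

/* Constructed sample buffer used by the demonstrations below. */
static const int sample_buf[4] = {1, 2, 3, 4};

/* Subscript with the literal index 0 into a view of the given extent
 * over the sample buffer; returns whether the access was accepted. */
bool literal_zero_accepted(size_t extent) {
    int_span s = {sample_buf, extent};
    int v = 0;
    return span_get(s, 0, &v);
}

/* Sum of the full four-element sample view (1+2+3+4 = 10). */
long sample_sum(void) {
    int_span s = {sample_buf, 4};
    return span_sum(s);
}

int main(void) {
    printf("index 0, extent 4: %s\n", literal_zero_accepted(4) ? "accepted" : "rejected");
    printf("index 0, extent 0: %s\n", literal_zero_accepted(0) ? "accepted" : "rejected");
    printf("sum over full view: %ld\n", sample_sum());
    return 0;
}
```

The point for the gadget design is that the extent, not the literal index, is what makes the access provably safe; a matcher that classifies `buf[0]` as safe without also matching a known array size would accept the empty-view case that this example rejects.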