[PATCH] D145229: [analyzer] Improve the documentation of the alpha.security.taint.TaintPropagation checker
Daniel Krupp via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Jul 25 03:50:53 PDT 2023
dkrupp added inline comments.
================
Comment at: clang/docs/analyzer/checkers.rst:2471
+ #ifdef __clang_analyzer__
+ void csa_mark_sanitized(const void *);
+ #endif
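Review bot: the declaration of csa_mark_sanitized at checkers.rst:2471 is only visible under `#ifdef __clang_analyzer__`, so a reader who copies it and then calls the function unguarded gets an undeclared or undefined symbol in a normal build. The documentation should state that every call needs the same guard, or show the guarded call site next to this declaration.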
----------------
steakhal wrote:
> Have you considered unconditionally having this function with an empty body?
> That way it would have no "noise" at callsite.
But that way the program would not compile, because the definition would not be found. Or maybe I misunderstand you.
Maybe in the future we could add another type of filter function which would support validation-type functions: it would sanitize the passed parameter only if the function returns non-null, non-zero.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D145229/new/
https://reviews.llvm.org/D145229
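An added example, not code from the patch or from either reviewer: one way to keep the declaration-only `csa_mark_sanitized` from the snippet above while removing the `#ifdef` from each call site, and to clear taint only after a validator has accepted the value. `MARK_SANITIZED`, `is_safe_filename` and `checked_filename` are hypothetical names, and the example assumes `csa_mark_sanitized` is registered as a filter function in the checker's taint configuration.

```c
#include <ctype.h>
#include <stddef.h>

#ifdef __clang_analyzer__
/* Declaration only: seen by the analyzer, never compiled or linked normally. */
void csa_mark_sanitized(const void *);
#define MARK_SANITIZED(p) csa_mark_sanitized(p)
#else
/* Normal build: a no-op, so no definition of the function is required. */
#define MARK_SANITIZED(p) ((void)(p))
#endif

/* Hypothetical validator: 1..max_len characters from [A-Za-z0-9._-],
 * not starting with '-' or '.'. Returns 1 if accepted, 0 otherwise. */
int is_safe_filename(const char *s, size_t max_len)
{
    size_t i;

    if (s == NULL || s[0] == '\0' || s[0] == '-' || s[0] == '.')
        return 0;
    for (i = 0; s[i] != '\0'; i++) {
        unsigned char c = (unsigned char)s[i];

        if (i >= max_len)
            return 0;
        if (!isalnum(c) && c != '.' && c != '_' && c != '-')
            return 0;
    }
    return 1;
}

/* Returns the input when validation succeeds, NULL otherwise.
 * Taint is cleared on the success path only; a rejected value stays tainted. */
const char *checked_filename(const char *untrusted)
{
    if (!is_safe_filename(untrusted, 64))
        return NULL;
    MARK_SANITIZED(untrusted);
    return untrusted;
}
```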