[clang] [analyzer] Fix core.VLASize checker false positive taint reports (PR #68140)

via cfe-commits cfe-commits at lists.llvm.org
Wed Oct 4 07:38:25 PDT 2023


https://github.com/DonatNagyE commented:

This change is a good step forward and cleanly implemented. Could you show some results from open source projects?

As a side remark, I'd like to mention that the separate handling of the "size is zero" and the "size is negative" cases is logically incorrect in the old code: e.g. when the size may be either 0 or negative, the checker will claim that it's negative (because in the first step it sees that it may be nonzero, and so assumes that it's nonzero). This issue should be cleaned up as a separate improvement.

https://github.com/llvm/llvm-project/pull/68140

