[clang] [analyzer] New optin.taint.TaintAlloc checker for catching unbounded memory allocation calls (PR #92420)
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Thu May 30 02:56:50 PDT 2024
================
@@ -1730,6 +1721,21 @@ def UnixAPIPortabilityChecker : Checker<"UnixAPI">,
} // end optin.portability
+
+//===----------------------------------------------------------------------===//
+// Taint checkers.
+//===----------------------------------------------------------------------===//
+
+let ParentPackage = TaintOptIn in {
+
+def TaintMallocChecker: Checker<"TaintMalloc">,
+ HelpText<"Check for memory allocations, where the size parameter "
+ "might be a tainted (attacker controlled) value.">,
+ Dependencies<[DynamicMemoryModeling]>,
----------------
steakhal wrote:
Why can't we make it a dependency now? (I don't have a strong opinion, I'm more just curious)
https://github.com/llvm/llvm-project/pull/92420
More information about the cfe-commits
mailing list