[clang] [analyzer] New optin.taint.TaintAlloc checker for catching unbounded memory allocation calls (PR #92420)
Daniel Krupp via cfe-commits
cfe-commits at lists.llvm.org
Mon Jun 3 04:53:15 PDT 2024
================
@@ -1730,6 +1721,21 @@ def UnixAPIPortabilityChecker : Checker<"UnixAPI">,
} // end optin.portability
+
+//===----------------------------------------------------------------------===//
+// Taint checkers.
+//===----------------------------------------------------------------------===//
+
+let ParentPackage = TaintOptIn in {
+
+def TaintMallocChecker: Checker<"TaintMalloc">,
+ HelpText<"Check for memory allocations, where the size parameter "
+ "might be a tainted (attacker controlled) value.">,
+ Dependencies<[DynamicMemoryModeling]>,
----------------
dkrupp wrote:
I added the GenerictaintChecker as a dependency too. I think it makes sense to add it now so that we dont forget it later.
https://github.com/llvm/llvm-project/pull/92420
More information about the cfe-commits
mailing list