[clang] [analyzer] Add alpha.cplusplus.BoundsInformation checker (PR #112784)
Artem Dergachev via cfe-commits
cfe-commits at lists.llvm.org
Tue Oct 22 18:54:39 PDT 2024
haoNoQ wrote:
> a function that returns a pointer and takes a reference (or a pointer) to a length variable
Yes, this one should be easy to catch. Both values will be `SymbolConjured` pointing to the same function call expression / program point. (The out-parameter value may also be `SymbolDerived` which is derived from the same `SymbolConjured`; you may need to carefully unwrap it, as well as make sure that it's not falling into the "known origin region" category because `SymbolDerived` does indeed respond nicely to `->getOriginRegion()`).
https://github.com/llvm/llvm-project/pull/112784
More information about the cfe-commits
mailing list