[clang] [clang][analyzer] Add taintedness to argv (PR #178054)
DonĂ¡t Nagy via cfe-commits
cfe-commits at lists.llvm.org
Tue Jan 27 05:49:47 PST 2026
================
@@ -827,8 +831,40 @@ void GenericTaintChecker::initTaintRules(CheckerContext &C) const {
std::make_move_iterator(Rules.end()));
}
+// The incoming parameters of the main function get tainted
+// if the program called in an untrusted environment.
----------------
NagyDonat wrote:
As we discussed in person, you decided to only apply taint to `argv`, because putting taint on `argc` wouldn't be useful in practice. I support this decision, but please update the comments accordingly.
https://github.com/llvm/llvm-project/pull/178054
More information about the cfe-commits
mailing list