[clang] [clang][analyzer] Add taintedness to argv (PR #178054)

Balázs Benics via cfe-commits cfe-commits at lists.llvm.org
Wed Feb 11 06:18:22 PST 2026


================
@@ -0,0 +1,24 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.taint,core,security.ArrayBound -analyzer-config assume-controlled-environment=false -analyzer-output=text -verify %s
+// This file is for testing enhanced diagnostics produced by the GenericTaintChecker
+
+
+typedef __typeof(sizeof(int)) size_t;
+int system(const char *command);
+size_t strlen( const char* str );
+char * strncat ( char * destination, const char * source, size_t num );
+char * strncpy ( char * destination, const char * source, size_t num );
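Review bot: The `strlen`, `strncat` and `strncpy` declarations at the end of this hunk are not in LLVM style: they have spaces inside the parentheses and around `*`, as in `size_t strlen( const char* str );`, while the `system` declaration just above them is formatted correctly. Since this is a new test file, running clang-format over it would give `size_t strlen(const char *str);` and `char *strncat(char *destination, const char *source, size_t num);`. The two consecutive blank `+` lines after the header comment can also be collapsed into one.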
----------------
steakhal wrote:

I wish we could, but I don't think we can set it without formatting every test. Another problem could be that some tests might be sensitive to the shape of the AST (including the presence of the `CompoundStmt`, which is the `{ .. }` of an `if` body for example). So clang-format can also subtly change the behavior, and the test might want to observe this difference.
I'll admit that it's pretty unlikely that we had some so fragile tests, but one can never be sure.

Where we can be sure though, is new tests; so let's do our part making the status quo better.

https://github.com/llvm/llvm-project/pull/178054

