[clang] [clang][analyzer] Add taintedness to argv (PR #178054)
Daniel Krupp via cfe-commits
cfe-commits at lists.llvm.org
Fri Feb 20 11:12:38 PST 2026
================
@@ -1413,9 +1371,16 @@ For a more detailed description of configuration options, please see the
**Configuration**
-* `Config` Specifies the name of the YAML configuration file. The user can
+* ``Config`` Specifies the name of the YAML configuration file. The user can
define their own taint sources and sinks.
+* The if the analyzer option ``assume-controlled-environment`` is set to ``false``,
+ it is assumed that the command line arguments and the environment
+ variables of the program are attacker controlled.
+ In particular, the ``argv`` argument of the ``main`` function and
----------------
dkrupp wrote:
taintedness added to envp too. Testcase `taint-diagnostic-visitor-main_envp.c` updated.
https://github.com/llvm/llvm-project/pull/178054
More information about the cfe-commits
mailing list