[cfe-dev] Adding taint sources to GenericTaintChecker
Artem Dergachev via cfe-dev
cfe-dev at lists.llvm.org
Mon Apr 11 08:13:32 PDT 2016
On 11.04.2016 16:32, Ashwin Ganesh wrote:
> Is there anyway by which I can guarantee those
> initial return values to be tainted?
There shouldn't be a problem unless these values are compile-time constants.
There might be a bit tricky (though not very hard) to determine if the
correct function is called, in case it's actually loaded from a dynamic
library and passed around as a pointer, but that's a different story. If
the loading process is hidden in another translation unit, and the end
user receives only a forward declaration of readval(), that shouldn't be
a problem.
More information about the cfe-dev
mailing list