[cfe-dev] CSA: Tainted argument does not propagate
themod 1302 via cfe-dev
cfe-dev at lists.llvm.org
Mon Feb 19 04:34:47 PST 2018
Hello,
I'm using the Clang Static Analyzer to find tainted allocations, so I added
the checkBind callback to the Generic Taint Checker to test if the loaded
"Val" is tainted.
However when running it on the following code ...
int somfunc(int c) {
int d = c;
}
int main() {
int a;
scanf("%d", &a);
int b = a;
somefunc(a);
}
... a and b are marked as tainted, but c is not, State->isTainted(Val)
returns false.
Why is that?
Thanks,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20180219/d84151ed/attachment.html>
More information about the cfe-dev
mailing list