[cfe-dev] CSA: Tainted argument does not propagate
Artem Dergachev via cfe-dev
cfe-dev at lists.llvm.org
Mon Feb 19 11:33:01 PST 2018
> warning: implicit declaration of function 'somefunc' is invalid in C99
You have a typo: somfunc => somefunc.
Once you fix it, it'd work correctly.
You could have also noticed that via the -analyzer-display-progress flag.
Also you can use the debug.TaintTest checker to dump all tainted
expressions.
On 19/02/2018 4:34 AM, themod 1302 via cfe-dev wrote:
> Hello,
>
> I'm using the Clang Static Analyzer to find tainted allocations, so I
> added the checkBind callback to the Generic Taint Checker to test if
> the loaded "Val" is tainted.
>
> However when running it on the following code ...
>
> int somfunc(int c) {
> int d = c;
> }
> int main() {
> int a;
> scanf("%d", &a);
> int b = a;
> somefunc(a);
> }
>
> ... a and b are marked as tainted, but c is not, State->isTainted(Val)
> returns false.
> Why is that?
>
> Thanks,
> Tom
>
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
More information about the cfe-dev
mailing list