dkrupp added a comment.
I also analyzed openssl with the baseline and this version, but did not find
any new warnings.
See:
http://codechecker-demo.eastus.cloudapp.azure.com/Default/#run=D66049_baseline&newcheck=D66049_improved&review-status=Unreviewed&review-status=Confirmed&detection-status=New&detection-status=Reopened&detection-status=Unresolved&tab=D66049_baseline_diff_D66049_improved
================
Comment at: lib/StaticAnalyzer/Checkers/CStringChecker.cpp:1580
// If the function is strncpy, strncat, etc... it is bounded.
if (isBounded) {
----------------
Szelethus wrote:
> Ah, okay, so the assumption is that bounded functions' third argument is
> always a numerical size parameter. Why isn't that enforced at all?
How should we enforce this?
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D66049/new/
https://reviews.llvm.org/D66049
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
