steakhal added a comment.

There are still a few FPs of the kind, where they iterate over the result of `getenv` in a loop and continuously check the character against the zero terminator. I refined the suppression heuristic as follows:
- If the offset is zero, don't report taint issue. (as I suggested in the previous heuristic)
- If the offset is non-zero, calculate the offset for the previous element and check if the value there is proven to be non-zero. If it cannot be zero, don't report this taint issue.

I'll check the results tomorrow.

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D159105/new/

https://reviews.llvm.org/D159105

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
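The loop shape the comment describes, and why a read at offset 0 or at an offset whose previous element is known to be non-zero stays inside the string, shown as an added example that is not code from the review or from LLVM. The function names `count_entries` and `char_at` and the sample strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: counts ':'-separated entries in a PATH-like string.
 * s[0] is always a valid read of a non-null C string, and s[i] for i > 0 is
 * only read after the loop condition saw s[i - 1] != '\0'. */
size_t count_entries(const char *s)
{
    if (s == NULL || s[0] == '\0')
        return 0;

    size_t entries = 1;
    for (size_t i = 0; s[i] != '\0'; ++i) {
        if (s[i] == ':')
            ++entries;
    }
    return entries;
}

/* Hypothetical helper: the same argument for a direct indexed read.
 * Returns the byte at idx, or -1 if idx lies past the terminator.
 * s[idx] is read only when idx == 0 or every element before it,
 * including s[idx - 1], was checked to be non-zero. */
int char_at(const char *s, size_t idx)
{
    if (s == NULL)
        return -1;
    for (size_t i = 0; i < idx; ++i) {
        if (s[i] == '\0')
            return -1;          /* idx would be beyond the terminator */
    }
    return (unsigned char)s[idx];
}

int main(void)
{
    /* getenv is the source whose result the comment talks about. */
    const char *path = getenv("PATH");
    printf("entries: %zu\n", count_entries(path));
    printf("first byte: %d\n", char_at(path, 0));
    return 0;
}
```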