[PATCH] D35068: [analyzer] Detect usages of unsafe I/O functions

Gábor Horváth via Phabricator via cfe-commits Tue, 08 Aug 2017 01:32:51 -0700

xazax.hun added inline comments.


================
Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:622
+}
+//===----------------------------------------------------------------------===//
+// Check: Use of 'sprintf', 'vsprintf', 'scanf', 'wscanf', 'fscanf',
----------------
I would put a new line above and remove one bellow. 


================
Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:632
+
+void WalkAST::checkUnsafeBufferHandling(const CallExpr *CE, const FunctionDecl 
*FD) { //TODO:TESTS
+  if (!filter.check_UnsafeBufferHandling)
----------------
NoQ wrote:
> Because it also checks deprecated buffer handling, i'd rename this function 
> to `checkDeprecatedOrUnsafeBufferHandling`.
Is the TODO still relevant in this line?


Repository:
  rL LLVM

https://reviews.llvm.org/D35068



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D35068: [analyzer] Detect usages of unsafe I/O functions

Reply via email to