koldaniel added inline comments.

================
Comment at: include/clang/StaticAnalyzer/Checkers/Checkers.td:382
+    DescFile<"CheckSecuritySyntaxOnly.cpp">;
+  def DeprecatedBufferHandling : Checker<"DeprecatedBufferHandling">,
+    HelpText<"Warn on uses of deprecated buffer manipulating functions">,
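Review bot: The HelpText on the new DeprecatedBufferHandling def, "Warn on uses of deprecated buffer manipulating functions", does not say how this checker differs from the DeprecatedOrUnsafeBufferHandling checker discussed in this thread, so a user reading the checker list cannot tell which one to enable or whether enabling both reports the same call twice. Consider stating the distinguishing criterion in the help text and, if the two checkers are made disjoint, choosing names that do not read as one being a subset of the other.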
----------------
xazax.hun wrote:
> koldaniel wrote:
> > xazax.hun wrote:
> > > I do not like the naming of these two checks. It feels like one of them 
> > > warns for a subset of the other, however, it is not the case.
> > > What about removing the "deprecated" part from the first check? 
> > Both checkers warn if a buffer handling function is deprecated 
> > (DeprecatedOrUnsafeBufferHandling calls DeprecatedBufferHandling), but the 
> > DeprecatedOrUnsafeBufferHandling checker also warns if a function is not 
> > only deprecated but unsafe (i.e. writes a buffer without size restrictions) 
> > too.
> I see. Maybe it would be better to make them disjoint? Also, I think it is 
> not a good user experience to get two warnings for the same function call.  
Do you mean to separate them, so we would have one checker which warns for the 
unsafe and deprecated buffer handling functions, and one which warns for the 
deprecated functions which have some boundary restrictions?


https://reviews.llvm.org/D35068



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
