On Fri, 2019-11-15 at 20:23 -0500, David Malcolm wrote: > This patch adds a state machine checker for tracking exposure of > sensitive data (e.g. writing passwords to log files). > > This checker isn't ready for production, and is presented as a > proof-of-concept of the sm-based approach. > > gcc/ChangeLog: > * analyzer/sm-sensitive.cc: New file. Given it's not ready for production, fine. Presumably one of the areas for improvement is a better answer to the "what constitutes exposure" question ;-)
jeff >