Szelethus added a comment.

In general, don't emit to stderr unless we emit a warning/error about 
the incorrect configuration. As an experiment, what happens when you try to 
emit an error in the middle of the symbolic execution? You can retrieve a 
`DiagnosticsEngine` from any decl: `D->getASTContext().getDiagnostics()` (it's 
funny how you can retrieve almost all major manager objects if you try hard 
enough).



================
Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:136
+  /// Check if tainted data is used as a custom sink's parameter.
+  static const char MsgCustomSink[];
+  bool checkCustomSinks(const CallExpr *CE, StringRef Name,
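Review bot: The `///` comment "Check if tainted data is used as a custom sink's parameter." sits directly above `static const char MsgCustomSink[];`, so documentation tools will attach it to the message constant rather than to `checkCustomSinks`, which is what it actually describes. Consider moving it onto the `bool checkCustomSinks(...)` declaration, or giving the message string its own one-line comment.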
----------------
How about `llvm::StringLiteral`?


================
Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:836
+                                           CheckerContext &C) const {
+  auto It = CustomSinks.find(Name);
+  if (It == CustomSinks.end())
----------------
Hmmm, how do we do with qualified names (`MyClass::generateTaint()`, `std::cin >>`)?


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59637/new/

https://reviews.llvm.org/D59637


