boga95 marked 2 inline comments as done.
boga95 added a comment.

I think it shouldn't give a compile error in case of an incorrect configuration 
now (maybe a warning) because:

- Without qualified names, I can create code which cannot be configured 
properly.

- It can throw an error without configuration, for example:

  void read(int*); // There is an existing propagation rule for it

I suggest leaving it unchanged for now, and I will change it when the checker 
can handle qualified names.
On the other hand, I think we should make this type of error configurable (from 
the command line), so the user can select between warnings and errors.



================
Comment at: clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:836
+                                           CheckerContext &C) const {
+  auto It = CustomSinks.find(Name);
+  if (It == CustomSinks.end())
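Review bot: the `CustomSinks.find(Name)` lookup on the second line is keyed on `Name` alone, so if `Name` is the unqualified identifier, a configured sink entry will also match any same-named function in another class or namespace, and calls to those would be reported as tainted sinks. Until qualified names are handled, add a comment at this lookup stating that only C-style free functions are supported, or check the callee's declaration context before treating a hit as a sink.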
----------------
Szelethus wrote:
> Hmmm, how do we do with qualified names (`MyClass::generateTaint()`, 
> `std::cin >>`)?
These patches focus on C-style functions. I have implemented the use of 
qualified names, but I intended to make a separate patch for that. 


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59637/new/

https://reviews.llvm.org/D59637



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
