================
@@ -12383,6 +12383,13 @@ def warn_unsafe_buffer_operation : Warning<
"%select{unsafe pointer operation|unsafe pointer arithmetic|"
"unsafe buffer access|function introduces unsafe buffer manipulation|unsafe
invocation of span::data}0">,
InGroup<UnsafeBufferUsage>, DefaultIgnore;
+def warn_unsafe_buffer_libc_call : Warning<
+ "function %0 introduces unsafe buffer access">,
+ InGroup<UnsafeBufferUsage>, DefaultIgnore;
+def note_unsafe_buffer_printf_call : Note<
+ "%select{| change to 'snprintf' for explicit bounds checking | buffer
pointer and size may not match"
+ "| use 'std::string::c_str' or string literal as string pointer to
guarantee null-termination"
----------------
jkorous-apple wrote:
Communicating what parameters are used in an unsafe way wouldn't be strictly
necessary for the initial patch if the warning as is pushed the user to do the
right thing.
Have we tried getting data from a real project?
I can also imagine that for some functions it won't be as simple as saying
"pointer parameter 1, 3 and 5" as it could be interplay between pointers,
integer parameters and buffer content.
https://github.com/llvm/llvm-project/pull/101583
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
