lebedev.ri added a comment. This does not do anything more than traversing the AST, shouldn't this be a clang-tidy check? Also, i suspect CERT-MSC24-C <https://www.securecoding.cert.org/confluence/display/c/MSC24-C.+Do+not+use+deprecated+or+obsolescent+functions> might be relevant
================ Comment at: lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp:607 + << Name << "'"; + out2 << "Using '" << Name << "' is depracated as it does not " + "provide bounding of the memory buffer or security " ---------------- depr*e*cated https://reviews.llvm.org/D35068 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
