koldaniel added a comment.

In https://reviews.llvm.org/D35068#1049530, @george.karpenkov wrote:

> @koldaniel Have you evaluated this checker? On which codebases? Were the 
> warnings real security issues, or were they mostly spurious? The code seems 
> fine, but I'm not sure whether it should be in `security` or in `alpha`.


I've evaluated this checker on LLVM+Clang, there were only a few (about 15) 
warnings, because of the C11 flag check at the beginning of the checker body. 
However, if this check was removed, the number of warnings would be increased 
significantly. I wouldn't say the findings were real security issues, most of 
the warnings were about usages of deprecated functions, which have not been 
considered insecure (but which may cause problems if the code is modified in an 
improper way in the future).


https://reviews.llvm.org/D35068



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits