diff options
| author | Kristof Umann <dkszelethus@gmail.com> | 2019-02-11 13:46:43 +0000 |
|---|---|---|
| committer | Kristof Umann <dkszelethus@gmail.com> | 2019-02-11 13:46:43 +0000 |
| commit | 8d239996392ca19efe868432fc521cfd4a8a40d7 (patch) | |
| tree | d92d5a814f4a34abaf863547a6c2f429004a31f3 /clang/docs/analyzer | |
| parent | 07834061205152cb9f7240ea8c5d8170ec9af98c (diff) | |
| download | bcm5719-llvm-8d239996392ca19efe868432fc521cfd4a8a40d7.tar.gz bcm5719-llvm-8d239996392ca19efe868432fc521cfd4a8a40d7.zip | |
[analyzer] New checker for detecting usages of unsafe I/O functions
There are certain unsafe or deprecated (since C11) buffer handling
functions which should be avoided in safety critical code. They
could cause buffer overflows. A new checker,
'security.insecureAPI.DeprecatedOrUnsafeBufferHandling' warns for
every occurrence of such functions (unsafe or deprecated printf,
scanf family, and other buffer handling functions, which now have
a secure variant).
Patch by Dániel Kolozsvári!
Differential Revision: https://reviews.llvm.org/D35068
llvm-svn: 353698
Diffstat (limited to 'clang/docs/analyzer')
| -rw-r--r-- | clang/docs/analyzer/checkers.rst | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index c6fcfe4d5e9..62f7f7bfc8c 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -566,6 +566,17 @@ security.insecureAPI.vfork (C) vfork(); // warn } +security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) +"""""""""""""""""""""""""""""" + Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset`` + +.. code-block:: c + + void test() { + char buf [5]; + strncpy(buf, "a", 1); // warn + } + .. _unix-checkers: unix |
