diff options
| author | Anna Zaks <ganna@apple.com> | 2012-01-31 19:33:31 +0000 |
|---|---|---|
| committer | Anna Zaks <ganna@apple.com> | 2012-01-31 19:33:31 +0000 |
| commit | ee5e8ae845a940d14746f91a4b5ea59e4a43d278 (patch) | |
| tree | 7f204fe922153d7675670392057f2794c2fb87f8 /clang | |
| parent | ebaefe7527d491fbf018ad2e76c614283281cbbe (diff) | |
| download | bcm5719-llvm-ee5e8ae845a940d14746f91a4b5ea59e4a43d278.tar.gz bcm5719-llvm-ee5e8ae845a940d14746f91a4b5ea59e4a43d278.zip | |
[analyzer] Change the warning to suggest 'strlcat/strlcpy' as
replacements for 'starcat/strcpy' instead of 'strncat/strncpy'.
llvm-svn: 149406
Diffstat (limited to 'clang')
| -rw-r--r-- | clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp | 4 | ||||
| -rw-r--r-- | clang/test/Analysis/security-syntax-checks.m | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp b/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp index 0798a296438..87594ff4a76 100644 --- a/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/CheckSecuritySyntaxOnly.cpp @@ -516,7 +516,7 @@ void WalkAST::checkCall_strcpy(const CallExpr *CE, const FunctionDecl *FD) { "Call to function 'strcpy' is insecure as it does not " "provide bounding of the memory buffer. Replace " "unbounded copy functions with analogous functions that " - "support length arguments such as 'strncpy'. CWE-119.", + "support length arguments such as 'strlcpy'. CWE-119.", CELoc, &R, 1); } @@ -543,7 +543,7 @@ void WalkAST::checkCall_strcat(const CallExpr *CE, const FunctionDecl *FD) { "Call to function 'strcat' is insecure as it does not " "provide bounding of the memory buffer. Replace " "unbounded copy functions with analogous functions that " - "support length arguments such as 'strncat'. CWE-119.", + "support length arguments such as 'strlcat'. CWE-119.", CELoc, &R, 1); } diff --git a/clang/test/Analysis/security-syntax-checks.m b/clang/test/Analysis/security-syntax-checks.m index b392bd1ea68..f4ccefe58cd 100644 --- a/clang/test/Analysis/security-syntax-checks.m +++ b/clang/test/Analysis/security-syntax-checks.m @@ -138,7 +138,7 @@ void test_strcpy() { char x[4]; char *y; - strcpy(x, y); //expected-warning{{Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strncpy'. CWE-119.}} + strcpy(x, y); //expected-warning{{Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119.}} } //===----------------------------------------------------------------------=== @@ -162,7 +162,7 @@ void test_strcat() { char x[4]; char *y; - strcat(x, y); //expected-warning{{Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strncat'. CWE-119.}} + strcat(x, y); //expected-warning{{Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119.}} } //===----------------------------------------------------------------------=== |
