If the assume-controlled-environment is true, we should expect getenv() to succeed, and the result should not be considered tainted.
By default, the option will be false.
Details
Details
Diff Detail
Diff Detail
- Repository
- rG LLVM Github Monorepo
Event Timeline
clang/lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp | ||
---|---|---|
438 | I'm checking this separately. |
Comment Actions
LGTM!
clang/include/clang/StaticAnalyzer/Core/AnalyzerOptions.def | ||
---|---|---|
331–337 | I think we should explicitly mention getenv here. |
I think we should explicitly mention getenv here.