Add TaintBugVisitor to the ArrayBoundV2, DivideZero, VLASize to be able to indicate where the taint information originated from.
Details
- Reviewers
NoQ george.karpenkov xazax.hun a.sidorin - Commits
- rGe14e591c937e: [analyzer] Add `TaintBugVisitor` to the ArrayBoundV2, DivideZero and VLASize.
rC331345: [analyzer] Add `TaintBugVisitor` to the ArrayBoundV2, DivideZero and VLASize.
rL331345: [analyzer] Add `TaintBugVisitor` to the ArrayBoundV2, DivideZero and VLASize.
Diff Detail
- Repository
- rC Clang
Event Timeline
Mostly LG.
lib/StaticAnalyzer/Checkers/VLASizeChecker.cpp | ||
---|---|---|
75 | In this patch, sometimes we check the visitor to be non-null, sometimes not. As I can see, BugReport::addVisitor() works well with nullptr arguments (it checks arguments) so I think we can omit the checks. |
lib/StaticAnalyzer/Checkers/VLASizeChecker.cpp | ||
---|---|---|
75 | Thanks for your reminder, a.sidorin! My mistakes led to some checkers doing the check and some did not check! But as you said, there is no need to check the nullptr. I will update the patch. |
Since BugReport::addVisitor() has checks for the null Visitor, remove the checks before BugReport->addVisitor().
Looks great, thanks!
I think the overall plan for any taint work would be to remove it from the program state API and move getters/setters into its own translation unit (like dynamic type propagation) as part of the overall plan to introduce shared checker states. So, like, not just the visitor, but the whole trait itself.
In this patch, sometimes we check the visitor to be non-null, sometimes not. As I can see, BugReport::addVisitor() works well with nullptr arguments (it checks arguments) so I think we can omit the checks.