Page MenuHomePhabricator

[analyzer] CERT STR rule checkers: STR51-CPP
Needs RevisionPublic

Authored by Charusso on May 24 2020, 9:53 PM.



This patch introduces a new experimental checker:

This checker is implemented based on the following rule:

It warns on possible std::string construction from a nullptr.

Diff Detail

Event Timeline

Charusso created this revision.May 24 2020, 9:53 PM
Charusso marked an inline comment as done.
Charusso added inline comments.

We do not really try to model the construction and whether the members are nullable (dataflow, fixed-point, ugh!) so that this assumption is needed to relax this checker. It is still somewhat noisy.


I support the idea that MemRegionManager should be directly accessible from CheckerContext but I would create a separate micro-patch for that. With a unit test, of course.


I do not see this function used (even defined) anywhere. Not even EvalCDM which the comment refers to.


OK, let us make something clear at the beginning: do we look for constructor arguments that may be null or are null? I would think the latter one is more useful, and then we should not disclose arguments.

baloghadamsoftware requested changes to this revision.Jun 30 2020, 5:09 AM
This revision now requires changes to proceed.Jun 30 2020, 5:09 AM