
Dec 21 2020

ktomi996 added a comment to D91000: [clang-tidy] Add bugprone-unsafe-functions checker..

Quoting the revision summary:

This checker guards against using some vulnerable C functions which are mentioned in MSC24-C in the obsolescent functions table.

Why don't we check the rest of the functions as well?
asctime, atof, atoi, atol, atoll, ctime, fopen, freopen, rewind, setbuf

Hm, I get that cert-err34-c will already diagnose the uses of atof, atoi, atol, atoll, but then why do we check vfscanf and vscanf?
We should probably omit these, while documenting this.
On the other hand, I would recommend checking asctime, ctime, fopen, freopen, rewind, setbuf for the sake of completeness.

Dec 21 2020, 1:39 AM · Restricted Project, Restricted Project, Restricted Project

Nov 7 2020

ktomi996 updated the diff for D91000: [clang-tidy] Add bugprone-unsafe-functions checker..
Nov 7 2020, 3:37 AM · Restricted Project, Restricted Project, Restricted Project
ktomi996 requested review of D91000: [clang-tidy] Add bugprone-unsafe-functions checker..
Nov 7 2020, 3:24 AM · Restricted Project, Restricted Project, Restricted Project