User Details
- User Since
- Dec 19 2016, 5:58 AM (336 w, 2 d)
Thu, May 18
Tue, May 16
The initialization rules are relaxed compared to their pre-C++17 state, so now there is a possibility of an initialization for enum classes without explicitly mentioning the underlying type.
I have updated the revision body.
Just the test cases are added so far.
Feb 23 2023
Jan 19 2023
Dec 19 2022
I have verified this patch on open-source projects. Bitcoin had quite a few crashes without this; those are gone. LGTM
May 31 2022
Thanks for the quick review!
Fixed the double backtick in the release notes as well.
May 30 2022
Remove literal checking from the matcher for memset as well
fix Release Notes
May 23 2022
Add full diff with arcanist
Added a release note
Also generated the full context (arcanist could validate the site certificate, that's why I had to resort to manual diff creation. Was there a certificate change on the reviews.llvm.org site maybe?)
There is no change in the results as far as these OS projects are concerned.
May 13 2022
add analyzer tag
May 11 2022
May 9 2022
@steakhal
This is WIP as there is still a stdlib function that does not pass the test, and I would like to add more complex taint propagation test cases as well.
Could you please glance over these commits:
- [Malloc] Pass down a State and a Pred ExplodedNode in the MallocChecker
- [BoundV2][Malloc] Place NoteTags when allocated an interesting tainted amount of memory
- [Stdlib] Add taint to the StdLibraryFunctionsChecker
- [BoolAssign] Add taint to the BoolAssignmentChecker
- [BugReporter] Transitive interestingness
- [Malloc] Pass down a State and a Pred ExplodedNode in the MallocChecker
- [BoundV2] ArrayBoundV2 checks if the extent is tainted
- [BoundV2][Malloc] Place NoteTags when allocated an interesting tainted amount of memory
- [CString] Add ConsiderTaint checker option for CStringChecker
- [CString] Consider tainted out-of-bound accesses
- [Stdlib] Add taint to the StdLibraryFunctionsChecker
- [Malloc] Implement the rsize_t like heuristic
Mar 7 2022
rebase
Mar 1 2022
- remove vscanf and co.
- use debug.ExprInspection for test cases
- fix semantic issues for modeled functions
Feb 28 2022
fix readlinkat arg index
extend testcase for readlinkat
readlinkat fix incoming
add readlinkat
rename _IO_getc testcase
Feb 23 2022
- s/getcw/getwd
- add gets_s
- remove getopt variants
- add readlinkat
- discuss getnameinfo?
- rename tests
- update getnameinfo
- comment on source/propagator discrepancy
- update tests where 1 / tainted, and tainted cannot be 0
- renamed tests
Feb 22 2022
Feb 21 2022
Feb 8 2022
Jan 18 2022
Remove explicit template keyword for MSVC compatibility
Jan 17 2022
All (except the last) commits were excluded in the previous patch upload
This is superseded by D116025.
Applied typo and naming fixes, introduced 2 move operations, and re-introduced short circuiting.
Fixes round two
Jan 12 2022
Tidy things up thanks to the recommendations of @steakhal
Dec 20 2021
Remove static asserts as it adds little to no value in this case
Remove static asserts as it only makes the tests more brittle
Dec 17 2021
Nov 29 2021
Nov 28 2021
Nov 25 2021
update with arc diff $(git merge-base HEAD upstream) --update D113251
in order to satisfy workflow pre-merge checks
Nov 23 2021
fix indentation warning
make inline code formatting look better
tidy up based on comments from whispy
Nov 18 2021
Fix the review comments of @steakhal
Nov 5 2021
Nov 28 2020
On bitcoin v0.18.1, there is an assertion introduced by this change.
The TU that can be used for reproduction is src/script/interpreter.cpp.
Assertion message:
CTU loaded AST file: /home/gamesh411/bitcoin/src/script/script.cpp
clang: /home/gamesh411/llvm-project/clang/lib/AST/ASTContext.cpp:4411: clang::QualType clang::ASTContext::getInjectedClassNameType(clang::CXXRecordDecl*, clang::QualType) const: Assertion `NeedsInjectedClassNameType(Decl)' failed.
Nov 25 2020
Nov 23 2020
Oct 31 2020
Just to make sure we're on the same page -- the current approach is not flow-sensitive, and so my concern is that it won't report any true positives (not that it will be prone to false positives).
Sorry about that. You are absolutely right; what I was trying to say is CallGraph-based.
Oct 30 2020
...
Have you run this check over any large code bases to see if it currently catches any true positive diagnostics?
Oct 19 2020
Oct 16 2020
Sep 28 2020
Do you have some thoughts about this, should this be pursued, or do you think the use-case is not relevant?
Sep 17 2020
Update commit message
Tidy up commit message
Update commit msg with example
Reformat diagnostic message
Use explicit name longjmp instead of jump function
Fix liberal auto inside Collector
Note that there are no negative test cases that assert that we do NOT report in case a custom or an anonymous namespace is used. For that I would need a small patch in the testing infrastructure.
Patch needed in check_clang_tidy.py:
--- a/clang-tools-extra/test/clang-tidy/check_clang_tidy.py +++ b/clang-tools-extra/test/clang-tidy/check_clang_tidy.py @@ -167,7 +167,7 @@ def run_test_once(args, extra_args): subprocess.check_output( ['FileCheck', '-input-file=' + temp_file_name, input_file_name, '-check-prefixes=' + ','.join(check_fixes_prefixes), - '-strict-whitespace'], + '-strict-whitespace', '--allow-empty'], stderr=subprocess.STDOUT) except subprocess.CalledProcessError as e: print('FileCheck failed:\n' + e.output.decode()) @@ -180,7 +180,7 @@ def run_test_once(args, extra_args): subprocess.check_output( ['FileCheck', '-input-file=' + messages_file, input_file_name, '-check-prefixes=' + ','.join(check_messages_prefixes), - '-implicit-check-not={{warning|error}}:'], + '-implicit-check-not={{warning|error}}:', '--allow-empty'], stderr=subprocess.STDOUT) except subprocess.CalledProcessError as e: print('FileCheck failed:\n' + e.output.decode()) @@ -195,7 +195,7 @@ def run_test_once(args, extra_args): subprocess.check_output( ['FileCheck', '-input-file=' + notes_file, input_file_name, '-check-prefixes=' + ','.join(check_notes_prefixes), - '-implicit-check-not={{note|warning|error}}:'], + '-implicit-check-not={{note|warning|error}}:', '--allow-empty'], stderr=subprocess.STDOUT) except subprocess.CalledProcessError as e: print('FileCheck failed:\n' + e.output.decode())
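Review bot: In the first hunk (the check-fixes FileCheck call on temp_file_name), '--allow-empty' is appended unconditionally, so every existing test gets the relaxed behaviour and not only the new negative tests. Consider adding the flag only when the test asks for it, for example through an option carried in args, so that an unexpectedly empty input file still fails in tests that expect output.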
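Review bot: In the second hunk (the messages_file call), pairing '-implicit-check-not={{warning|error}}:' with '--allow-empty' lets an empty messages file pass, and a run where the tool emitted nothing for an unrelated reason would look the same as a correct negative test. A comment on that line saying why empty input is acceptable is missing, and the flag would be safer if limited to tests that declare no expected messages.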
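Review bot: The third hunk (the notes_file call) is the third copy of the same one-argument edit in this patch. The three subprocess.check_output calls differ only in the input file, the prefix list and the implicit-check-not pattern, so a small shared helper would keep the '--allow-empty' decision in one place and stop the call sites from drifting apart.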
Add abort and terminate handling
Extend tests to cover every exit function
Extract matcher bind labels