Page MenuHomePhabricator

gerazo (Zoltán Gera)
User

Projects

User does not belong to any projects.

User Details

User Since
Dec 14 2016, 1:50 AM (139 w, 3 d)

Recent Activity

Nov 27 2018

gerazo accepted D54918: [analyzer] Apply clang-format to GenericTaintChecker.cpp.

Looks correct clang-format to me.

Nov 27 2018, 3:10 AM · Restricted Project
gerazo updated subscribers of D54918: [analyzer] Apply clang-format to GenericTaintChecker.cpp.
Nov 27 2018, 3:10 AM · Restricted Project

Jul 25 2018

gerazo created D49792: [ASTmporter] SourceRange-free function parameter checking for declarations.
Jul 25 2018, 5:32 AM

Jul 12 2018

gerazo added a comment to D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.

@martong I don't have commit rights. Thanks for your help in advance.

Jul 12 2018, 1:11 AM

Jul 11 2018

gerazo updated the diff for D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.

Minor fixes for Aleksei's comments.

Jul 11 2018, 7:08 AM
gerazo added inline comments to D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.
Jul 11 2018, 7:06 AM

Jul 4 2018

gerazo added a comment to D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.

@a.sidorin what do you think?

Jul 4 2018, 6:35 AM

Jun 20 2018

gerazo updated the diff for D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.

Added @martong 's suggestions.

Jun 20 2018, 4:19 AM

Jun 15 2018

gerazo updated the diff for D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.

Updated to not conflict with and use the stuff implemented in https://reviews.llvm.org/D47445 (so became a bit smaller)
Now, it is ready for a review. Enjoy!

Jun 15 2018, 10:26 AM

Jun 12 2018

gerazo added a comment to D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.

Problem: This change interferes with https://reviews.llvm.org/D47445. Probably that should be committed, it is approved already.

Jun 12 2018, 2:50 AM

Jun 8 2018

gerazo created D47946: [ASTImporter] Fix infinite recursion on function import with struct definition in parameters.
Jun 8 2018, 8:12 AM

Feb 12 2018

gerazo added inline comments to D30691: [analyzer] Support for naive cross translational unit analysis.
Feb 12 2018, 6:39 AM

Dec 15 2017

gerazo added a comment to D30691: [analyzer] Support for naive cross translational unit analysis.

I've tried using the patch, and I got blocked at the following: CTU options are only exposed when one goes through analyze-build frontend, which requires compile_commands.json to be present. I've used libear to generate compile_commands.json, but the generated JSON does not contain the command field, which causes @require before run to die (also, due to the passing style this error was unnecessarily difficult to debug).
So could you write a short documentation somewhere how all pieces fit together? What entry point should be used, what should people do who don't have a build system-generated compile_commands.jsonetc. etc.

Dec 15 2017, 6:16 AM

Dec 11 2017

gerazo added inline comments to D30691: [analyzer] Support for naive cross translational unit analysis.
Dec 11 2017, 5:30 AM

Dec 6 2017

gerazo added a comment to D30691: [analyzer] Support for naive cross translational unit analysis.

The code modifications are coming soon (after doing some extensive testing) for the scan-build part.

Dec 6 2017, 7:17 AM

Nov 29 2017

gerazo added a comment to D30691: [analyzer] Support for naive cross translational unit analysis.

Thanks George for the review. I will start working on the code right away. I've tried to answer the simpler cases.

Nov 29 2017, 3:42 AM

Nov 13 2017

gerazo added a comment to D39247: [ASTImporter] TypeAliasTemplate and PackExpansion importing capability.

Thank you guys!

Nov 13 2017, 10:16 AM · Restricted Project
gerazo updated the diff for D39247: [ASTImporter] TypeAliasTemplate and PackExpansion importing capability.

removing non-conforming braces

Nov 13 2017, 6:27 AM · Restricted Project
gerazo updated the diff for D39247: [ASTImporter] TypeAliasTemplate and PackExpansion importing capability.

Removing needless asserts and typos

Nov 13 2017, 6:19 AM · Restricted Project

Nov 6 2017

gerazo updated the diff for D39247: [ASTImporter] TypeAliasTemplate and PackExpansion importing capability.

ASTImporter unittests added.

Nov 6 2017, 7:05 AM · Restricted Project

Oct 24 2017

gerazo created D39247: [ASTImporter] TypeAliasTemplate and PackExpansion importing capability.
Oct 24 2017, 10:42 AM · Restricted Project

Aug 28 2017

gerazo abandoned D27753: [analyzer] alpha.security.DirtyScalar Checker.
Aug 28 2017, 2:31 AM

Jun 14 2017

gerazo added a comment to D27753: [analyzer] alpha.security.DirtyScalar Checker.

Before abandoning this patch and rewriting it, I would like to get a thumbs up for my plans: I will reimplement all functionality included here but without creating a new checker. Some parts which relate to specific checkers will be put into the corresponding checkers (like ArrayBoundCheckerV2). General ideas on taintedness (cleansing rules and usage warnings on standard types) will be put into GenericTaintChecker. We will see how it goes, will we have a smaller patch or not. WDYT?

Jun 14 2017, 5:15 AM

Mar 31 2017

gerazo added inline comments to D30691: [analyzer] Support for naive cross translational unit analysis.
Mar 31 2017, 12:49 PM

Mar 13 2017

gerazo added inline comments to D30831: [ASTImporter] Import fix of GCCAsmStmts w/ missing symbolic operands.
Mar 13 2017, 5:32 AM
gerazo updated the diff for D30831: [ASTImporter] Import fix of GCCAsmStmts w/ missing symbolic operands.

Better check not letting a real import problem passing through

Mar 13 2017, 5:31 AM

Mar 10 2017

gerazo created D30831: [ASTImporter] Import fix of GCCAsmStmts w/ missing symbolic operands.
Mar 10 2017, 8:24 AM
gerazo added a comment to D27753: [analyzer] alpha.security.DirtyScalar Checker.

Stepping back a bit, what do you consider "dirty" vs "clean"? It seems that you are looking for prove that the values are known to be within the bounds of min and max int values. What happens if there is a comparison to an unknown symbolic value? Should that be considered as clean or tainted? Are there test cases for this?

Mar 10 2017, 4:23 AM

Mar 3 2017

gerazo added a comment to D27753: [analyzer] alpha.security.DirtyScalar Checker.

Hmm... I am thinking on this issue for a week now...

Mar 3 2017, 7:38 AM

Feb 28 2017

gerazo added inline comments to D27753: [analyzer] alpha.security.DirtyScalar Checker.
Feb 28 2017, 5:50 AM

Feb 17 2017

gerazo added a comment to D27753: [analyzer] alpha.security.DirtyScalar Checker.

Hi, did you have time to check my changes?

Feb 17 2017, 8:38 AM

Dec 22 2016

gerazo added a comment to D27753: [analyzer] alpha.security.DirtyScalar Checker.

So thank you again for the valuable questions.
In this checker, I give warnings for values which are both tainted and were also not checked by the programmer. So unlike GenericTaintChecker, I do implement the boundedness check here for certain, interesting constructs (which is controlled by the critical option). GenericTaintChecker focuses purely on taintedness, almost like a service for other checkers. I've added a new rule to it, improving the taintedness logic, but I felt mixing the bound checking logic into it would make the two ideas inseparable.

Dec 22 2016, 6:21 AM
gerazo added a comment to D27753: [analyzer] alpha.security.DirtyScalar Checker.

Thank you very much for your help. I've added all suggested modifications including tests covering all checker option settings.

Dec 22 2016, 5:45 AM
gerazo updated the diff for D27753: [analyzer] alpha.security.DirtyScalar Checker.
Dec 22 2016, 5:42 AM

Dec 14 2016

gerazo retitled D27753: [analyzer] alpha.security.DirtyScalar Checker from to [analyzer] alpha.security.DirtyScalar Checker.
Dec 14 2016, 5:01 AM