HomePhabricator

[analyzer] Don't flag strcpy of string literals into sufficiently large buffers.

Description

[analyzer] Don't flag strcpy of string literals into sufficiently large buffers.

In the security package, we have a simple syntactic check that warns about
strcpy() being insecure, due to potential buffer overflows.

Suppress that check's warning in the trivial situation when the source is an
immediate null-terminated string literal and the target is an immediate
sufficiently large buffer.

Patch by AndrĂ¡s Leitereg!

Differential Revision: https://reviews.llvm.org/D41384

Details