boga95 added a comment. Sorry for the late answer, I was working on my thesis which is about taint analysis. During that, I implemented several cool features (namespaces, std::cin, std::string, etc.) for the checker. I will share them soon.
I thought about the API notes and I think it will fit very well into the checker. If my understanding is clear, the checker would be configured with attributes and/or a yaml file which contains the attributes. Therefore, the implementation will become simpler, because the checker will only read the attributes. I made a draft for the possible usage of the attributes: [[taint::dst(-1)]] int mySource(); // The return value will become tainted [[taint::src(0, 1)]] [[taint::dst(2)]] void myPropagator(int*, int*, int*); [[taint::src(0)]] [[taint::varDst(2)]] int myFscanf(FILE*, const char*, ...); // The variadic arguments will become tainted, if the first argument is tainted [[taint::dst(0, -1)]] [[taint::varSrc(2)]] int mySprintf(char*, const char*, ... ); // The first argument and the return value will become tainted, if any of the variadic arguments is tainted I think we can use the current yaml configuration in order to not block my progress. I think most of the current implementation can be reused for the API notes. I will be able to easily change the interface after the API notes are ready. ================ Comment at: lib/StaticAnalyzer/Checkers/GenericTaintChecker.cpp:73-75 static const unsigned InvalidArgIndex = UINT_MAX; /// Denotes the return vale. static const unsigned ReturnValueIndex = UINT_MAX - 1; ---------------- Szelethus wrote: > boga95 wrote: > > Szelethus wrote: > > > We should definitely change these, not only is the large integer number > > > impossible to remember, but this value could differ on different > > > platforms. > > I tried to use int, but I got a lot of warnings because of the > > `getNumArgs()` returns an unsigned value. > What warnings? I thought we have `-Wsign-conversion` disabled. I got `-Wsign-compare` warnings, but it compiles. I will change it in the next [[ https://reviews.llvm.org/D59637 | review ]] because that's contains the yaml file and the related tests. CHANGES SINCE LAST ACTION https://reviews.llvm.org/D59555/new/ https://reviews.llvm.org/D59555 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
